Our StoryBlogPodcastAdoption Report
Documentation
Activate Account

Widget Session

Suggest Edits

Introduction

This document provides a quick guide on how to integrate Trinsic using the Create Widget Session API.

In this mode, Trinsic controls the entire user experience, including guiding the user through Identity Provider selection.


Integration

To integrate Trinsic's Widget, you will need a secure backend (from which you will make API calls) and a frontend (website or mobile app).



1. Create a Session

When you're ready to verify a user, call the Create Widget Session method from your backend using an API SDK.

The response to this call will include a sessionId and a launchUrl.

Save the sessionId somewhere in your database; send the launchUrl to your frontend (web / mobile app).



2. Launch Session on Frontend

Once your frontend has received the launchUrl from your backend, use a UI SDK to launch the Session. Alternatively, if you specified a redirectUrl during Session creation, simply navigate the user's browser to the launchUrl.

Depending on the environment, the LaunchSession SDK call may be implemented using an async/await pattern that blocks until results are available, or may be a synchronous call which returns immediately and sends results via a registered callback.

The results of the LaunchSession call on your frontend will contain a resultsAccessKey if the Session completed successfully. If the Session did not complete successfully, resultsAccessKey will not be provided, and additional fields (e.g. canceled) provide further information.

Once you have a resultsAccessKey (or a failed result with no key), send it to your backend:

  • If resultsAccessKey is present, send it to your backend
  • If resultsAccessKey is not present, send a message to your backend indicating that the Session did not complete successfully


3. Retrieve Session Results

📘

Note

The resultsAccessKey is required in order to retrieve sensitive identity data from a Session.

Once your frontend has sent the resultsAccessKey to your backend, use an API SDK to retrieve the results:

  • If the Session was successful and your frontend sent a resultsAccessKey, call the Get Session Results endpoint
  • If the Session was not successful, call the Get Session endpoint
    • This will allow you to inspect the Session's state and (if applicable) failure reason, as described in Handling Errors.


4. (Optional) Redact Session

Trinsic automatically redacts all Sessions after a specified redaction period, which can be configured on a per-Application basis in the Dashboard .

If you would like to redact a Session's identity data before the specified redaction period, call the Redact Session endpoint from your backend.

We recommend that you redact Sessions immediately after consumption of their results.

Updated 14 days ago