Welcome to the Yoti Python SDK. This repo contains the tools and step by step instructions you need to quickly integrate your Python back-end with Yoti so that your users can share their identity details with your application in a secure and trusted way.
-
An Architectural view - High level overview of integration
-
References - Guides before you start
-
Requirements - Everything you need to get started
-
Installing the SDK - How to install our SDK
-
SDK Project import - How to install the SDK to your project
-
Configuration - Entry point explanation
-
Handling Users - How to manage users
-
Running the examples - How to retrieve a Yoti profile using the token
-
API Coverage - Attributes defined
-
Support - Please feel free to reach out
Before you start your integration, here is a bit of background on how the integration works. To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens. The endpoint can be configured in the Yoti Hub when you create/update your application. For more information on how to create an application please check our developer page.
The image below shows how your application back-end and Yoti integrate into the context of a Login flow. Yoti SDK carries out for you steps 6, 7 and the profile decryption in step 8.
Yoti also allows you to enable user details verification from your mobile app by means of the Android (TBA) and iOS (TBA) SDKs. In that scenario, your Yoti-enabled mobile app is playing both the role of the browser and the Yoti app. Your back-end doesn't need to handle these cases in a significantly different way. You might just decide to handle the User-Agent header in order to provide different responses for desktop and mobile clients.
To see the versions of Python this SDK is compatible with, see the the GitHub workflow tests file file.
To import the Yoti SDK inside your project, simply run the following command from your terminal:
pip install yotiYou can reference the project URL by adding the following import:
import yoti_python_sdkAfter creating your application on the Yoti Hub, you need to download the .PEM key and save it outside the repo (keep it private).
The variables required for the SDK to work are found in the tabs on your Yoti application's settings page (Yoti Hub). These are:
YOTI_SCENARIO_ID- This is used to configure the Yoti Login Button (see Front End Integration).YOTI_CLIENT_SDK_ID- This is the SDK identifier generated by Yoti Hub in the Key tab when you create your app. Note this is not your Application Identifier which is needed by your client-side code.YOTI_KEY_FILE_PATH- This is the path to the application .pem file, we recommend keeping your .pem file outside of your repository. It can be downloaded only once from the Keys tab in your Yoti Hub. (e.g. /home/user/.ssh/access-security.pem).
Please do not open the pem file as this might corrupt the key and you will need to create a new application.
One way to configure these environment variables is to use an .env file. There are .env.example files supplied in the Django and Flask example projects, which you can rename to .env and enter your settings into this file. Do not use quotes when entering your environment variables
from yoti_python_sdk import Client
@app.route('/profile')
def auth():
client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
activity_details = client.get_activity_details(request.args['token'])When you retrieve the user profile, you receive a user ID generated by Yoti exclusively for your application. This means that if the same individual logs into another app, Yoti will assign her/him a different ID. You can use this ID to verify whether (for your application) the retrieved profile identifies a new or an existing user. Here is an example of how this works:
client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
activity_details = client.get_activity_details(token)
profile = activity_details.profile
selfie = profile.selfie.value
given_names = profile.given_names.value
family_name = profile.family_name.value
full_name = profile.full_name.value
phone_number = profile.phone_number.value
date_of_birth = profile.date_of_birth.value
postal_address = profile.postal_address.value
structured_postal_address = profile.structured_postal_address.value
gender = profile.gender.value
nationality = profile.nationality.value
email_address = profile.email_address.value
remember_me_id = activity_details.user_id
parent_remember_me_id = activity_details.parent_remember_me_id
receipt_id = activity_details.receipt_id
timestamp = activity_details.timestamp
base64_selfie_uri = activity_details.base64_selfie_uriYou can retrieve the anchors, sources and verifiers for each attribute as follows:
given_names_attribute = profile.given_names
given_names_anchors = given_names_attribute.anchors
given_names_sources = given_names_attribute.sources
given_names_verifiers = given_names_attribute.verifiersYou can also retrieve further properties from these respective anchors in the following way:
source_anchor = given_names_sources[0]
value = source_anchor.value
sub_type = source_anchor.sub_type
timestamp = source_anchor.signed_timestamp
origin_server_certs = source_anchor.origin_server_certsIf you have chosen Verify Condition on the Yoti Hub with the age condition of "Over 18", you can retrieve the user information as follows:
age_verification_attribute = profile.get_attribute("age_over:18")You can retrieve the sources and verifiers in the same way as detailed above.
From the Yoti Hub:
- Set the application domain of your app to
localhost:5000 - Set the scenario callback URL to
/yoti/auth
To run the Flask or Django container:
- Clone this repository
- Change directory to the example project directory with
cd examples/yoti_example_flaskfor Flask
ORcd examples/yoti_example_djangofor Django
- Make sure the environment variables
YOTI_SCENARIO_ID,YOTI_CLIENT_SDK_IDandYOTI_KEY_FILE_PATHare set using an .env file (instructions in the Configuration section). Please note that with Docker, the .pem file must reside in a location within where docker is being run from, so it should be placed somewhere under the respective yoti_example_flask/yoti_example_django folders. - Rebuild the images if you have modified the docker-compose.yml file with
docker-compose build --no-cache
- Start the container with
docker-compose up - Navigate to https://localhost:5000
- Activity Details
- Remember Me ID
user_id - Parent Remember Me ID
parent_remember_me_id - ReceiptID
receipt_id - Timestamp
timestamp - Profile
profile- Photo
selfie - Given Names
given_names - Family Name
family_name - Full Name
full_name - Mobile Number
phone_number - Email Address
email_address - Date of Birth
date_of_birth - Address
postal_address - Structured Postal Address
structured_postal_address - Gender
gender - Nationality
nationality
- Photo
- Application Profile
application_profile- Name
application_name - URL
application_url - Logo
application_logo - Receipt Background Color
application_receipt_bg_color
- Name
- Base64 Selfie URI
base64_selfie_uri
- Remember Me ID
For any questions or support please email [email protected]. Please provide the following to get you up and working as quickly as possible:
- Computer type
- OS version
- Version of Python being used
- Screenshot
Once we have answered your question we may contact you again to discuss Yoti products and services. If you’d prefer us not to do this, please let us know when you e-mail.
If you're using Windows and you haven't installed Cryptography before, you might need to set two environment variables for Cryptography to install (it is a requirement of the Yoti package):
set LIB=C:\OpenSSL-Win64\lib;%LIB%
set INCLUDE=C:\OpenSSL-Win64\include;%INCLUDE%Where OpenSSL-Win64 is the location that you have installed OpenSSL to. See here for more information.