v4.2.0

New Feature

Support of Digital Identity share service

Yoti Digital ID is now being upgraded!
We have a new API that is improving the sharing flow, for both end-users and integrators like you.

• share is now session based (must create a share session on the server, using the SDK)
• share session details (status, progress) can be fetched anytime
• can subscribe to share session events notification
• share data can be retrieved anytime until expiration of the receipt

This comes as a replacement of the Dynamic Sharing and Profile services combination.

⚠️You must use the new browser client to fully integrate this new version with your front-end

📖 How to

Here are some snippets of basic use cases.

Create a Digital Identity Client:

const {
  DigitalIdentityClient,
} = require('yoti');

const client = new DigitalIdentityClient(
  clientSdkId, // Your Yoti Client SDK ID
  pemKey, // The content of your Yoti .pem key
);

Create a share session:

const {
  DigitalIdentityBuilders: {
    PolicyBuilder,
    ShareSessionConfigurationBuilder,
    ShareSessionNotificationBuilder
  },
} = require('yoti');

const policy = new PolicyBuilder()
.withFullName()
.withEmail()
// any other methods supported
.build();

/*
OR with a IdentityProfileRequirements

.withIdentityProfileRequirements({
    trust_framework: 'UK_TFIDA',
    scheme: {
      type: 'RTW',
  },
});
*/

const subject = {
  subject_id: 'this is a new share',
};

const notification = new ShareSessionNotificationBuilder()
.withHeader('X-CUSTOM', 'custom')
.withUrl('https://service.com/yoti-notifications')
.withMethod('GET')
.withVerifiedTls(true)
.build();

// const extension = new ExtensionBuilder().withType()

const config = new ShareSessionConfigurationBuilder()
.withRedirectUri('/profile')
.withPolicy(policy)
.withSubject(subject)
.withNotification(notification)
// .withExtension(extension)
.build();

const shareSession = await client.createShareSession(config);
// shareSession.getId()
// shareSession.getStatus()
// shareSession.getExpiry()

Get the receipt of a share session:

const sessionId = 'session-id'
const shareSession = await client.getShareSession(sessionId);
const receiptId = shareSession.getReceiptId()
// Assuming receiptId exists
const receipt = await client.getShareReceipt(receiptId);
// Checking error
const receiptError = receipt.getError();
// Assuming no error, getting profile
const profile = receipt.getProfile();

// profile.getSelfie()
// profile.getFullName()
// profile.getFamilyName()
// profile.getGivenNames()
// profile.getDateOfBirth()
// profile.getGender()
// profile.getNationality()
// profile.getPhoneNumber()
// profile.getEmailAddress()
// profile.getPostalAddress()
// profile.getStructuredPostalAddress()
// profile.getDocumentDetails()
// profile.getDocumentImages()
// profile.getIdentityProfileReport()

v4.1.0

New Feature

Support static liveness check

Yoti IDV is now exposing another type of liveness.
One must chose either Zoom or Static type, not both.

const livenessCheck = new RequestedLivenessCheckBuilder()
  .forStaticLiveness()
  .build()

const mySessionSpecificationBuilder = new SessionSpecificationBuilder()
  // more checks
  .withRequestedCheck(livenessCheck)
  // more checks

When retrieving the session, one can retrieve the liveness resource of a static liveness check using the following:

const sessionResult = await idvClient.getSession(sessionId)
const livenessResources = sessionResult.getResources().getStaticLivenessResources()
// livenessResources[0].getImage()
// livenessResources[0].getImage().getId()

v4.0.0

⤴️ Node support:

💥BREAKING CHANGE: If still using lower than 14, no guarantee it will work...now or later.

Drop support for Node version less than 14.
Support for 14, 16, 18.

🧹Dependencies clean-up:

Update of all dependencies to latest, including node-forge and protobujs.
Removed non necessary dependencies (node-rsa, safe-buffer, base64-url).
Pinned dependencies.
Applied same rules to /examples.

📖 Library API:

Renaming:

💥 BREAKING CHANGE: only affects the Yoti Identity Verification API, code must to be updated.

The terminology "doc-scan" is removed in favour of "idv".
Changes can be summarised as:

• class: DocScanXxxx renamed to IDVXxxx
• variable: docScanXxxx renamed to idvXxxx

Usage before

const {DocScanClient, DocScanConstants} = require('yoti')
const docScanClient = new DocScanClient(sdkId, pem);

Usage after

const {IDVClient, IDVConstants} = require('yoti')
const idvClient = new IDVClient(sdkId, pem);

Removal of deprecated methods:

💥 BREAKING CHANGE: only affects the Yoti Digital ID API, code may need to be updated.

Backward compatibility methods of the Profile and ActivityDetails have been removed, handling of attributes simplified and streamlined.

Deprecated	Replacement
ActivityDetails.getUserProfile()	ActivityDetails.getProfile()
ActivityDetails.getUserId()	ActivityDetails.getRememberMeId()
ActivityDetails.getBase64SelfieUri()	Profile.getSelfie().getValue().getBase64Content()
Profile.propertyExists()	-
Profile.getAttributes()	Profile.getAttributesList()
Profile.getAgeVerified()	Profile.getAgeVerifications() Profile.findAgeOverVerification(age) Profile.findAgeUnderVerification(age) Profile.findAgeVerification(type, age)

Removal of ByteBuffer:

💥 BREAKING CHANGE: only affects accessing Media's content.

As part of upgrading to protobufjs v7, the method getContent() of any Media instance now returns a node Buffer and no longer an instance of ByteBuffer, so the ByteBuffer API is no longer accessible through content.

Changes for Digital ID (profile):

Usage before

const buffer = profile.attributes.selfie.value.content.getBuffer()
const buffer = profile.getSelfie().getValue().getContent.getBuffer()

Usage after

const buffer = profile.getSelfie().getValue().getContent()

Changes for IDV:

Given

const media = await IDVClient.getMediaContent(...)
// or
const media = await IDVService.getMediaContent(...)

Usage before

const { buffer } = media.getContent();

Usage after

const buffer = media.getContent();

v3.22.0

Added

Support of DBS / RTW / RTR verification via IDV (doc-scan).

With Yoti platform now enabling verification of identity profile through the IDV (doc-scan), this new SDK version exposes the feature.

1. Create a doc-scan session with an identity profile verification:

const identityProfileRequirements = {
     trust_framework: 'UK_TFIDA',
     scheme: {
       type: 'DBS',
       objective: 'BASIC',
    }
}

const sdkConfig = new SdkConfigBuilder()
    .withAllowHandoff(true)
    .build()

const sessionSpec = new SessionSpecificationBuilder()
    .withSubject(subject)
    .withIdentityProfileRequirements(identityProfileRequirements)
    .withSdkConfig(sdkConfig)
    .build();

See examples for more options on identityProfileRequirements.

2. Handle session result with identity profile:

const sessionResult = await docScanClient.getSession(sessionId);
const identityProfile = sessionResult.getIdentityProfile()
const identityProfileReport = identityProfile.getIdentityProfileReport
// identityProfileReport.getTrustFramework()
// identityProfileReport.getSchemesCompliance()

Examples

See examples for more details about the on identityProfileReport.

Screenshots:

v3.21.0

Added

Support of DBS / RTW / RTR verification via dynamic share.

With Yoti platform now enabling verification of identity profile through the Yoti app, this new SDK version exposes the feature.

1. Create a dynamic scenario with an identity profile verification:

const identityProfileRequirement = {
     trust_framework: 'UK_TFIDA',
     scheme: {
       type: 'DBS',
       objective: 'BASIC',
}

const dynamicPolicy = new Yoti.DynamicPolicyBuilder()
  .withIdentityProfileRequirements(identityProfileRequirement)
  .build();

const dynamicScenario = new Yoti.DynamicScenarioBuilder()
  .withCallbackEndpoint('/identity-profile-report')
  .withPolicy(dynamicPolicy)
  .withSubject(subject)
  .build();

See examples for more option on identityProfileRequirement.

2. Handle receipt with identity profile verification:

const activityDetails = await yotiClient.getActivityDetails(token);
const outcome = activityDetails.getOutcome(); // "SUCCESS" expected

const profile = activityDetails.getProfile();
const identityProfile = profile.getIdentityProfileReport().getValue(); // {identity_assertion, verification_report,  authentication_report}

See examples for more details about the on identityProfileReport.

Updated

Profile.getAttributeById()

The method getAttributeById('some_id') is now available on the profile, this can be used to find a specific attribute which share its name with others, like document_images (the method getAttributesByName() only returning the first occurrence).

See examples for more details about the on identityProfileReport.

v3.20.0

Description

Added

Support existence of several attributes with the same name in the profile.

// Additions
BaseProfile.getAttributesByName(attrName) // returns Attribute[]
BaseProfile.getAttributesList() // returns Attribute[]

// Usage
const someProfile = activityDetails.getProfile();
someProfile.getAttributesByName('family_name');
someProfile.getAttributesList();

Changed

Internal usage only

BaseProfile.constructor() now accepts both Object[] and Object.<string, Object>, to support multiple attributes with the same name

Deprecated

BaseProfile.profileData
BaseProfile.propertyExists

v3.19.0

Description

NEW:

Allows Session Handoff

User can now configure the session to be initiated on desktop and continued on mobile device.

new SdkConfigBuilder()
  .withAllowHandoff(true)

Enables Session Attempts

User can now specify the number of retries for the ID Document text extraction

new SdkConfigBuilder()
  .withIdDocumentTextExtractionGenericRetries(5)
  .withIdDocumentTextExtractionReclassificationRetries(5)

Alternative Session TTL as Deadline

User can specify a date as alternative way to set the session TTL

new SessionSpecificationBuilder()
  .withSessionDeadline(new Date('2021-12-15T16:30:00.000Z'))

FIX:

Custom Account Watchlist Advanced CA handling of tags elements

Made the tags optional in both request and response, this is addressing a bug when the response is being consumed.

v3.18.0

Added

Doc Scan

• Support for Watchlist Advanced check

v3.17.0

Added

Doc Scan

• Support for Watchlist Screening check

v3.16.0

Added

Doc Scan

• Support for Notification Configuration new Auth Type (BASIC, BEARER)

Miscellaneous

• Update dependencies (y18n patch 4.0.0 -> 4.0.3)