Workflow Integration
Use workflows to integrate the Web SDK.
Overview
This guide walks you through integrating the Web SDK with ComplyCube workflows.
For a quick copy-paste example, use our integration assistant.
Integration flow
The Web SDK runs as part of your frontend but relies on your backend to create secure tokens. Here’s how it works:
Integration guide
Create a client
Every verification flow starts with a client (i.e. customer). Use the API to create the client.
Example request
Example response
The response will contain an id (the Client ID). It is required for the next step.
See Clients API Reference to learn more.
Generate an SDK token
Your backend must create an SDK token for each new flow. This token links the SDK session to the client. Tokens are short-lived and must not be reused.
Example request
Example response
See SDK Token API Reference to learn more.
Import the SDK
To import our Web SDK, you need to include it in your target page HTML:
Loading the SDK with Integrity (Optional)
For additional security, you can optionally load the ComplyCube Web SDK using Subresource Integrity (SRI). This allows the browser to verify that the JavaScript and CSS files have not been modified by validating them against cryptographic checksums.
Retrieve the latest SDK integrity values
To ensure you always use the latest supported SDK version and integrity hashes, retrieve the asset metadata from the Web SDK info endpoint.
Example request
Example response
The response includes the URLs and corresponding integrity values for both the JavaScript and CSS assets.
Import the SDK using integrity attributes
Use the returned values to load the SDK in your HTML with integrity and crossorigin attributes:
Notes
Using SRI is optional, but recommended for environments with stricter security requirements.
The crossorigin="anonymous" attribute is required when using SRI with assets served from a different origin.
Integrity values may change when the SDK is updated. Always retrieve the latest values from the endpoint.
The links to complycube.min.js and style.css can be found in your developers portal.
Mount the SDK
As part of mounting the Web SDK, you are required to specify a workflow template ID. The SDK will automatically run the active version of the selected workflow.
Once the verification flow is complete, customers are redirected back to the return URL you specify.
With the generated token, the Web SDK can be initialised in your frontend using the following Javascript code:
The SDK mount parameters are described in the SDK Settings section below.
Referrer policy
To enable successful communication between the SDK and our servers, your web page's Referrer Policy header should be set to strict-origin-when-cross-origin. This ensures that the referrer information is securely transmitted during HTTP requests.
You can either do it programmatically or add it directly to the web page as follows:
<meta name="referrer" content="strict-origin-when-cross-origin">
Perform verification checks
Once your customer starts the flow, a workflow session is automatically created. This session contains all captured data (documents, images, and videos) as well as progress tracking. You can view all of them through the workflow sessions page on the portal or through the API.
When the flow finishes, the SDK triggers the onComplete callback. The callback provides a data object that includes the workflowSessionId. Your backend should use this ID to notify ComplyCube that the workflow has completed, which in turn runs the verification checks defined in the workflow.
If you have set up webhooks as described in our webhooks guide, you will be notified once a workflow session completes.
You can retrieve the details of a workflow session by calling the retrieve workflow session request.
Example of a complete workflow session request
SDK reference
This section describes all configurable settings, callbacks, lifecycle methods, and branding options available in the ComplyCube Web SDK.
Settings
token
The SDK token generated by your backend. This is required.
Type: string
workflowTemplateId
The ID of the workflow template to load for this the session. This is required.
Type: string
containerId
The ID of the container element where the SDK mounts. This must be an empty element.
Type: string
Default value: complycube-mount
useModal
This defines whether the UI screens load into a modal instead of inline.
Type: boolean
Default value: true
disableClientAnalytics
This defines whether we track client analytics or not.
Type: boolean
Default value: false
Callback
Callbacks let you respond to SDK lifecycle events.
onComplete
Triggered after the customer completes the verification flow. This is used to invoke a workflow session complete request.
onError
Triggered when an error occurs. The error object has two attributes:
type: This can be:exceptiontoken_expired: indicates the token has expired. When this occurs, a new SDK token must be provided.
message: Description of the error.
onExit
This callback is triggered when your client exits before completing the flow. It will return the exit reason, e.g., USER_CONSENT_NOT_GRANTED.
onModalClose
Triggered when the customer tries to close the modal. You can allow or prevent closure by updating the isModalOpen attribute using updateSettings.
Updating settings
A number of settings can be updated at runtime as follows:
Unmounting the SDK
If you are using the SDK in a Single Page Application (SPA), you can call the unmount function to remove the SDK and reset its state.
Branding
You can customise the SDK’s look and feel with the branding object. It comprises of the attributes outlined below.
Appearance
The appearance object allows you to customize the color scheme of the SDK with CSS values (e.g. RGBA, Hex). Customizable attributes include:
infoPopupColor
Warning popup background color.
infoPopupTextColor
Warning popup background color.
infoPopupLinkHoverColor
Warning popup fallback Link on hover background color.
infoPopupLinkActiveColor
Warning popup fallback Link active background color.
errorPopupColor
Error popup background color.
errorPopupTextColor
Error popup text color.
errorPopupLinkHoverColor
Error popup fallback Link on hover background color.
errorPopupLinkActiveColor
Error popup fallback Link active background color.
cameraButtonHoverColor
Camera button on hover background color.
cameraButtonActiveColor
Camera button active background color.
iconButtonActiveColor
Icon button active background color.
iconButtonHoverColor
Icon button on hover background color.
primaryButtonColor
Primary button background color.
primaryButtonTextColor
Primary button text color.
primaryButtonActiveColor
Primary button active background color.
primaryButtonHoverColor
Primary button on hover background color.
primaryButtonBorderColor
Primary button border color.
secondaryButtonColor
Secondary button background color.
secondaryButtonTextColor
Secondary button text color.
secondaryButtonActiveColor
Secondary button active background color.
secondaryButtonHoverColor
Secondary button on hover background color.
secondaryButtonBorderColor
Secondary button border color.
documentSelectorColor
Document selector background color.
documentSelectorTextColor
Document selector text color.
documentSelectorActiveBorderColor
Document selector active background color.
documentSelectorHoverBorderColor
Document selector on the hover background color.
linkHoverColor
Link on the hover background color.
linkActiveColor
Link active background color.
linkUnderlineColor
Link underline color.
linkHoverTextColor
Link on the hover text color.
bodyTextColor
SDK content text color.
headingTextColor
SDK heading text color.
subheadingTextColor
SDK subheading text color.
Logo
The logo object has the following attributes:
lightLogoUrl: URL for your logo's light version.darkLogoUrl: URL for your logo's dark version.
Example of logo branding
Text Brand
The textBrand attribute represents the textual format of your brand.
Example of text branding
If logo and textBrand attributes are specified at the same time, logo takes precedence.