Skip to main content

Age Verification - 5 Minutes Tutorial - API Integration BETA

⚠️ BETA Product: This product is currently in beta. Features and integrations are under active development.

Prerequisites

The following information is required to be able to integrate with Authologic:

  • Developer portal credentials,
  • API Keys.

Developer Portal Credentials

The developer portal address and credentials were provided during onboarding.

Passwords And API Keys

During the onboarding you have received the API keys:

  • API key allowing communication with Authologic.
  • The key used to verify the data sent by Authologic by the callback mechanism.

Integration Overview

Authologic provides a simple and effective way to verify a user's age. The API process involves three key steps: initiating the verification through an external system, redirecting the user to the appropriate page, and receiving the verification results.

The entire process is called conversation. The following diagram represents the process logical flow:

  1. Start of the age verification process. Your server calls the API method called: POST /api/conversations
  2. The response returns information about the address to which the user should be redirected
  3. Your system redirects the user's browser to the above URL
  4. The user verifies their age
  5. Authologic redirects the user's browser to a predefined page of your system
  6. Your server displays the return page
  7. Authologic calls a callback on your server's side with the result of the verification
We use the curl tool to show the API operation. If you have not dealt with it, you can find a short guide on it here(opens in new tab). Of course, there is nothing to prevent you from using the swagger tool directly, which you will find at the link: here, or any other tool, such as Postman or Insomnia.

Creating a Conversation

Let's try using the curl tool to start a new conversation for age verification.

The conversation creation API does not have any mandatory fields. This is because your account may have default values for all fields configured. Thanks to this, possible changes in the requirements are not connected with your code.
The Authologic API uses the Basic Auth based authentication described, among others, at here(opens in new tab). Username and API key should be used as data. By using the curl tool we use the -u option which is responsible for the use of Basic Auth.
curl -X POST -u my_login "https://sandbox.authologic.com/api/conversations" \
-H "Accept: application/vnd.authologic.v1.1+json" \
-H "Content-Type: application/vnd.authologic.v1.1+json" \
-d '{
    "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
    "returnUrl": "https://id.sandbox.authologic.com/c/{conversationId}/thankYou",
    "callbackUrl": "my_callback_url_here",
    "strategy": "public:sandbox",
        "query": {
            "ageVerification": {
                "over": 18
            }
        }
    }'

Of course, instead of my_login enter your login. You should be prompted for a password - at that point you should enter the API key (do not confuse it with the password to the customer panel).

For my_callback_url_here you could use https://webhook.site/(opens in new tab) to generate callback url which will be responsible for receiving user information from Authologic. Whether you will use webhook.site or other similar tool it is crucial that it will correctly receive http request since it is required for the process of identification.

Authologic requires you to provide the API version number by providing them as part of the expected document types. Therefore, in the query, we used the appropriate Accept and Content-Type headers, thanks to which the server will be able to choose the appropriate format and API version.

  • userKey - the field which you can use to provide your own user identification information. Authologic returns this field in the conversation results, but doesn't use the value of the field. It is optional and will be generated for you if omitted.
  • returnUrl - address to which the user will be redirected by Authologic after verifying the age. It may contain the fragment: {conversationId} - if it exists, it will be replaced with the conversation ID.
  • callbackUrl - after process is completed, on this url we will send you the verification result or information that process has failed.
  • strategy - information on how Authologic should perform the verification. This field is optional. If not specified, the system will use the default value. In our case, we used the public:sandbox strategy, which does not perform real verification, but allows you to select the result, which is convenient for implementation and integration tests.
  • query - it is the query definition that contains the set of information we want to receive.
  • ageVerification - is the name of the product we want to ask for. Age Verification specifies age confirmation.
  • over - the minimum age threshold to verify (e.g., 18, 21, or any custom age requirement).
We set the default strategy together when setting up an account. If you need to change it, please contact us.
A list of the available strategies assigned to your account can be found on the main page of the customer portal.
The example given is for a test environment. If you perform these operations on the production environment that was provided to you then the public:sandbox strategy is not available. You can omit the strategy field to use the default strategy or use another one that we gave you the name of when determining your needs. As a result, nothing bad will happen, but remember that the production environment requires real data. The collected data will also be real.

The response should look something like this:

{
  "id": "c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
  "url": "https://sandbox.authologic.com/c/c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "status": "CREATED",
  "result": {
    "ageVerification": {
      "status": "IN_PROGRESS",
      "over": 18,
      "result": null
    }
  }
}

In the above response we got the following information:

  • id - the conversation id. We will need it when inquiring about its status.
  • userKey - ID of the user to be checked, exactly what you entered when creating the conversation.
  • url - the address to which the user should be redirected in order to verify their age.
  • status - conversation status. CREATED marks a new conversation where the user has not yet started the verification process.
  • result - conversation result. At the moment we do not have any verification result, so there appears, within the product for which we asked the status: IN_PROGRESS, the age threshold (over), and null for the result.
In the response there may be other fields, e.g. info. These fields are described separately, and we shouldn't worry about them now.

Age Verification Check

The user age is verified by sending the user to the address returned in the url field. So now open your browser and go to the page you got in this parameter. You should see the first screen of the age verification process. For our sample strategy, it will be a screen where we can simulate the verification result.

After going through the process, you should be redirected to the returnUrl page that you entered when creating the conversation.

Getting Conversation Result

Now let's check the conversation status. You should get request on url that was provided in callbackUrl field during creating conversation.

{
  "id": "f109ad2b-5e3c-4f9d-b2ea-20379e56f101",
  "created": "2020-12-24T16:00:00.930853456Z",
  "target": "CONVERSATION",
  "event": "FINISHED",
  "payload": {
    "conversation": {
      "id": "c12c1adc-3ff0-4d32-b95c-c593135c903e",
      "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
      "url": "https://sandbox.authologic.com/c/c12c1adc-3ff0-4d32-b95c-c593135c903e",
      "status": "FINISHED",
      "result": {
        "ageVerification": {
          "status": "FINISHED",
          "over": 18,
          "result": true
        }
      }
    }
  }
}

Conversation Identifier vs Callback Identifier

Please note, that in the above response the top level identifier is the callback identifier, not the conversation identifier. In order to retrieve metadata about the conversation using Authologic APIs, you should use the conversation identifier, which is the id field value that is located in the payload.conversation object.

This time the status has changed to FINISHED, which means the process is complete. At the same time, the result structure also contains the FINISHED state, which means that the verification was successfully completed. The result field contains a boolean value:

  • true - the user is over the specified age threshold
  • false - the user is not over the specified age threshold
That's it. You managed to use API and verify user age.

What's Next

Combining Products

Combining multiple products together in a single request.

Testing

Learn how to test your integration.

Productionize

What to do before going to production.

WebSDK

Embedding the verification process within your website.

Embedding the verification process within your website is completely optional. Using redirection in your process if sufficient and more than enough to start working with Authologic. You can consider it when you would like the process to be a part of the web application.

Troubleshooting

Callbacks

Not being able to receive callbacks.

Errors

Verification failure reasons.

Statuses

Handling various conversation statuses.

FAQ

Frequently asked questions.

Deprecations

Deprecated features and options list.

Despite our sincere intentions, it is difficult to create perfect technical documentation. If you have an idea on how to improve this documentation, or you have trouble understanding any section, please email us at tech-support@authologic.com
Was this page helpful?
Powered by Authologic Nisaba