To verify your documents, identity and gain verification experience from BASIS ID, use the widget below. You will receive verification results by email within 24 hours.

Integration Guidance

1. Widget Integration

Lorem ipsum dolor, sit amet consectetur adipisicing elit. Neque, accusamus dolor optio eaque
error possimus molestias! Natus, eius est eveniet cum adipisci laboriosam, voluptatum, minima laudantium
inventore repellendus similique!

  bas_gw: "",
  container_id: "bas-widget-container",
  ui: {
      width: "100%",
      height: "108px",
      style: "",
  options: {
      onLoad: function(){
          console.log("BAS AS loaded");
      onManualCheck: function(result) {
          if (result.status === "ok"){
            // User data sending success
            // ... Add Your code here ...

2. Result

Upon successful/unsuccessful end of the user registration via Widget, you will receive an
object called
Possible values of the “result” object:
• status – request status;
• user_hash – unique string user ID;
If a user has successfully registered, result looks like:

status: 'ok',
user_hash: '27c5728a-7130-408d-b0a1-d55ed8ae7b2f'

In case if registration has been cancelled:

{status: 'canceled'}

3. Callback


BASIS ID is using the callback method to transfer the statuses of the verification to the
client’s platform.

There are various types of callbacks BASIS ID is able to send, each designed for a specific stage of the
verification process. A client has to set up a callback URL from where their system will collect the
statuses of the verification process.

An example of such a callback:


In response to a callback, you have to send back the status “200OK” with any
text, for example, “OK”.

If a response has not been received or it did not contain “200OK”, the
system stops sending requests for 3
minutes. After 3 attempts the system will delay the next attempt by an hour.

4. Signature

Every callback contains a signature that allows verifying that the callback is genuine and comes from the

The signature is a sha256 concatenation of the values/text in all the fields
of a callback and API Secret
Key 2, available in the Widget Designer:


Java signature example:

String sign256hex = 
  org.apache.commons.codec.digest.DigestUtils.sha256Hex(BASIS_API_SECRET2 + user_id + user_hash + status + autocheck_bad_reasons);
if (sign256hex.equals(signature)) {
  // Signed ...

PHP signature example:

$signature = hash('sha256', BASIS_API_SECRET2 . $inp['user_id'] . $inp['user_hash'] . $inp['status'] . $inp['autocheck_bad_reasons']);
if ($signature == $inp['signature']) {

5. Autocheck bad reasons

The reasons for the profile to be automatically declined. You can have one reason or many comma separated
reasons in “autocheck_bad_reasons” field:

  • pep – politically exposed person
  • law enforcement
  • regulatory enforcement
  • other bodies
  • sanctions – government etc sanctions
  • black_list – A person with the same name is mentioned in blacklist.
  • video – The passport/ID picture and face on the video are not similar. No
    match in facial recognition or
    failed liveness check.
  • mrz – The first name/surname/middle name/date of birth do not match with
    passport’s machine readable
    (MRZ) or the document is not valid.

6. Callback settings

The callback can be sent at various points of the verification process. Please select when would you like
to receive callbacks to your URL.

At what stage/s the callback needs to be sent:

Callback type Status values
A When a new user is registered in the system 2
B When the AML/Sanction screening is completed 10/11
C When the full verification is completed 10/11
D When a user is requested to provide additional data 3

Callback Examples

"Status": 2,

"Status": 2,

"Status": 2,

This site uses cookies to provide the best online experience. By using this site, you agree that we may store and access cookies on your device.