This post assumes you’ve already created an IDPartner account and set up a sandbox application, either through our GitHub repository or the Sample Application that gets you up and running in 10 minutes.
In our sample application, you saw that the user was asked to consent to share their email, first and last name, date of birth, and address.
This was as a result of the set of “scopes” identified in the request object found in js index in routes
Let’s say you really don’t need all that stuff. We are passionate about protecting users’ privacy and one of those principles is minimal disclosure: only ask for what you need. So this is the screen where you’ll amend the scopes to, say, verify only the address.
Take out all those extra data points and, now, when your user is presented a consent screen, they will see:
Now, you can amend your success screen in success.ejs (in Views)
This includes all the copy and how to handle all the data objects that will come back following the request.
Now that the user has authenticated and consented via the bank’s OpenID Connect provider (OP), you have access to a set of claims - defined by you in js index (in routes). These claims are pieces of information, like name, email, address, and other profile details returned from the userinfo endpoint of the OP. Let’s say that your application is being used in your registration flow and you want to use those claims to create a new user in your system.
You’ll do this by sending the claims to your users API endpoint (api/v1/users). Typically, this is a POST request with the user claims included in the request body. Doing this ensures that the data you need in your system is aligned to the verified information provided by the bank’s OP.
An example might look like:
const axios = require('axios');
// Example user claims obtained from the Banks OIDC provider
const userClaimsFromBank = {
given_name: 'John',
family_name: 'Doe'
email: 'rockstar1977@hotmail.com',
};
const usersApiEndpoint = 'https://api.example.com/api/v1/userendpoint';
And the response
axios.post(usersApiEndpoint, userClaimsFromBank)
.then(response => {
console.log('User created/updated successfully:', response.data);
})
.catch(error => {
console.error('Error creating/updating user:', error.response ? error.response.data : error.message);
});
Whether you’re creating or updating users, verifying an address for input into an order system, it’s pretty simple to send the claims in the IDPartner jwt to other services.