World
Home
Mini Apps
External Integrations
World Chain

ID Kit

Integrating World ID

We created the IDKit libraries, to help you integrate World ID into your app in 3 simple steps:

  1. Create an application in our Developer Portal
  2. Retrieve user's verification proof using an IDkit library
  3. Verify the proof

Step 1: Create an application in the Developer Portal

When you create your application you'll choose External as the integration type. External apps use IDKit to collect proofs from your end-users and return them to your backend for verification.

Decide upfront

  1. Environment
    Production – Real Human World IDs.
    Staging / Development – internal testing against the test identities.

  2. Verification target
    Cloud – verify proofs via a REST endpoint.
    On-chain – verify proofs directly inside a smart contract.

Once you create the application you'll need to create an incognito action.

Step 2: Retrieve a proof with IDKit

IDKit is available for multiple runtimes so you can collect proofs wherever your users are:

PlatformDocs
Web (React)Integrate on the web
Web (Vanilla)Integrate on the web
Mobile (React Native, Swift, Kotlin)Integrate on mobile
Find a full list of supported SDKs here

Regardless of the platform the flow is the same:

  1. Initiate a verification session with a minimum verification_level
  2. User will be redirect or prompted to use the World App
  3. When the user succeeds you receive a proof object containing merkle_root, nullifier_hash, proof, and the user's verification_level.

ISuccessResult

{
	"merkle_root": "0x1f38b57f3bdf96f05ea62fa68814871bf0ca8ce4dbe073d8497d5a6b0a53e5e0",
	"nullifier_hash": "0x0339861e70a9bdb6b01a88c7534a3332db915d3d06511b79a5724221a6958fbe",
	"proof": "0x063942fd7ea1616f17787d2e3374c1826ebcd2d41d2394...",
	"verification_level": "orb"
}

Retrieving the proof is not enough. You must verify the proof in Step 3 to prevent replay attacks. Without verification, your application could be vulnerable to malicious actors reusing old proofs.

Step 3: Verify the proof

Choose where you want to verify proofs:

TargetRecommended whenDocs
Cloud verifierYou already maintain a backend server and prefer a simple REST callVerify via REST
On-chain verifierYou need trust-minimized verification inside a smart contractVerify on-chain

Cloud verifications from the Developer portal automatically handle sybil-resistance for you, ensuring that a user cannot perform the same action more than a set amount. If you want to verify proofs on-chain you need to handle this, more details here