- Create an application in our Developer Portal
- Retrieve user’s verification proof using an IDkit library
- Verify the proof
Step 1: Create an application in the Developer Portal
When you create your application you’ll choose External as the integration type. External apps use IDKit to collect proofs from your end-users and return them to your backend for verification.Decide upfront
-
Environment
• Production – Real Human World IDs.
• Staging / Development – internal testing against the test identities. -
Verification target
• Cloud – verify proofs via a REST endpoint.
• On-chain – verify proofs directly inside a smart contract.
Step 2: Retrieve a proof with IDKit
IDKit is available for multiple runtimes so you can collect proofs wherever your users are:| Platform | Docs |
|---|---|
| Web (React) | Integrate on the web |
| Web (Vanilla) | Integrate on the web |
| Mobile (React Native, Swift, Kotlin) | Integrate on mobile |
Find a full list of supported SDKs here
- Initiate a verification session with a minimum
verification_level - User will be redirect or prompted to use the World App
- When the user succeeds you receive a proof object containing
merkle_root,nullifier_hash,proof, and the user’sverification_level.
ISuccessResult
Retrieving the proof is not enough. You must verify the proof in Step 3 to
prevent replay attacks. Without verification, your application could be
vulnerable to malicious actors reusing old proofs.
Step 3: Verify the proof
Choose where you want to verify proofs:| Target | Recommended when | Docs |
|---|---|---|
| Cloud verifier | You already maintain a backend server and prefer a simple REST call | Verify via REST |
| On-chain verifier | You need trust-minimized verification inside a smart contract | Verify on-chain |
Cloud verifications from the Developer portal automatically handle
sybil-resistance for you, ensuring that a user cannot perform the same action
more than a set amount. If you want to verify proofs on-chain you need to
handle this, more details here