One-time verification flow

Unlike the passwordless login and web login flows, the One-time verification flow performs identity checks without requiring the user to create a Digidentity account. Once the verification has been completed, a report of the user's personal details can be retrieved by the client within the retention period (30 days by default), after which time the user's details are automatically deleted.

One-time verification flow

sequenceDiagram
    participant USR as End-user
    participant CFE as Client frontend<br>(webpage/email/letter)
    participant CBE as Client<br>backend
    participant DBE as Digidentity<br>backend

    loop Once per day
        CBE ->>+ DBE: Request application token (1)
        DBE ->>- CBE: Application token
    end

    CBE ->>+ DBE: Request QR code URL (2)
    DBE ->>- CBE: URL and<br>user pseudonym
    CBE -->> CFE: Present URL<br>as QR code
    CBE ->>+ DBE: Poll for identity report<br>with application token<br>and user pseudonym (3)
    USR -->> CFE: Scan QR code
    USR -->> USR: Upload document<br>with Digidentity app
    DBE ->>- CBE: Identity report
    CBE -->> CFE: Notify user

---

• (1) /oauth2/token.json
• (2) /api/v1/anonymous_onboarding
• (3) /api/v1/reports.json