Skip to main content
Blog
Home/

Recipient IDNow verification with Apex Toolkit

Author Ivan Dinkov
Ivan DinkovSr. Developer Support Advisory Engineer
Summary4 min read

Learn how to configure your Apex app to use IDNow for QES identity verification

    • Using IDNow verification from your Apex app
    • Requirements 
    • Additional requirements 
          •   Additional resources

          Table of contents

          In this blog post, I will show you how to use IDNow from Apex Toolkit, as well as the difficulties you may face with implementation.

          Let’s first look at what IDNow is and why you may need it. IDNow is a web-based platform for identity-proofing, providing Know Your Customer (KYC) and other identity verification services, including document (ID) verification and biometric verification for finance, insurance, government, and other industries. 

          Docusign partners with IDNow to provide identity verification for its electronic signature solutions. To comply with EU industry eSignature standards, including the eIDAS, Docusign delivers EU Advanced Electronic Signatures (AdES) and EU Qualified Electronic Signatures (QES). AdES require identity verification; QES require face-to-face identity verification and are best suited for high-value, regulated, or cross-border agreements. IDNow provides the face-to-face identity verification for Docusign-provided QES.

          Using IDNow verification from your Apex app

          To invoke recipient IDNow verification from Apex, use the withSignatureProviders method:

          Requirements 

          So far, it seems very easy. However, before you request IDNow verification, you need to have some additional conditions in place before making the successful request. Without them, your request will result in an error:

          1. You will need to make sure IDNow is included in your account list of signature providers. The AccountSignatureProviders:list method will return the full list enabled for your account. For Apex to work, you will need the “Pen 25” signature provider in your list. Here’s how that looks in the return JSON from the AccountSignatureProviders:list call:

          2. In addition to having “Pen 25” in your list of signature providers, you need to have an IDNow account. If you don’t already have such an account, contact Docusign Sales when requesting “Pen 25” and discuss any possible configuration details.

            Note: This is required only for “Pen 25” as used by the Apex Toolkit.

            Trying to use IDNow without an account will result in an error like this: 

          3. For testing in the developer environment, it is mandatory to use X-MANUALTEST-HAPPYPATH appended to the recipient username.

            Note: Trying to update the username by removing the X-MANUALTEST-HAPPYPATH in demo may prevent connection to IDNow.

            For example:

            Note: X-MANUALTEST-HAPPYPATH use in production is not supported, and if used will lead to a blank page during the IDNow identification stage.

          Once all conditions are met, you can create a sample request from Apex. After the recipient signs, they are going to be presented with a popup window asking them to continue to the next step.

          IDNow signing: next step

          At this point, the signer will be redirected to IDNow to complete the verification process.

          Additional requirements 

          IDNow requires specific firewall settings in order to establish the connection. Allow communication from the following IP addresses and ports:

          • IPs 213.95.84.37, 213.95.145.0/27

          • Ports UDP 3478, UDP range 6200-7000, TCP 443. UDP protocol is required for IDNow to work. If UDP is not allowed, the workaround will be to use the IDNow mobile app and 4G.

          The connection can be tested using the URL: https://video.idnow.de/call-quality-check

          Supported browsers:

          • Chrome (Recommended)

          • Firefox (Supported)

          Browsers not supported:

          • Edge

          • Internet Explorer

          • Safari

          • Opera

          Now, when you have your code and all requirements in place, IDNow will help you comply with EU regulations and complete your agreements.

            Additional resources

          Author Ivan Dinkov
          Ivan DinkovSr. Developer Support Advisory Engineer
          More posts from this author

          Related posts

          • What Is a Webhook? How They Work
            Developers

            What Is a Webhook? How They Work

          • Explore AI-Driven Agreement Insights with the Navigator API Sample App

            Explore AI-Driven Agreement Insights with the Navigator API Sample App

            Author Julie Gordon
            Julie Gordon
          • How to Set Up JavaScript OAuth Authorization Code Grant with PKCE

            How to Set Up JavaScript OAuth Authorization Code Grant with PKCE

            Author Larry Kluger
            Larry Kluger
          Explore AI-Driven Agreement Insights with the Navigator API Sample App

          Explore AI-Driven Agreement Insights with the Navigator API Sample App

          Author Julie Gordon
          Julie Gordon
          How to Set Up JavaScript OAuth Authorization Code Grant with PKCE

          How to Set Up JavaScript OAuth Authorization Code Grant with PKCE

          Author Larry Kluger
          Larry Kluger

          Discover what's new with Docusign IAM or start with eSignature for free

          Explore Docusign IAMTry eSignature for Free
          Person smiling while presenting