Yoti Python SDK

Welcome to the Yoti Python SDK. This repo contains the tools and step by step instructions you need to quickly integrate your Python back-end with Yoti so that your users can share their identity details with your application in a secure and trusted way.

Table of Contents

1. An Architectural view - High level overview of integration

2. References - Guides before you start

3. Requirements - Everything you need to get started

4. Installing the SDK - How to install our SDK

5. SDK Project import - How to install the SDK to your project

6. Configuration - Entry point explanation

7. Handling Users - How to manage users

8. Running the examples - How to retrieve a Yoti profile using the token

9. API Coverage - Attributes defined

10. Support - Please feel free to reach out

An Architectural View

Before you start your integration, here is a bit of background on how the integration works. To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens. The endpoint can be configured in the Yoti Hub when you create/update your application. For more information on how to create an application please check our developer page.

The image below shows how your application back-end and Yoti integrate into the context of a Login flow. Yoti SDK carries out for you steps 6, 7 and the profile decryption in step 8.

Yoti also allows you to enable user details verification from your mobile app by means of the Android (TBA) and iOS (TBA) SDKs. In that scenario, your Yoti-enabled mobile app is playing both the role of the browser and the Yoti app. Your back-end doesn't need to handle these cases in a significantly different way. You might just decide to handle the User-Agent header in order to provide different responses for desktop and mobile clients.

References

• AES-256 symmetric encryption
• RSA pkcs asymmetric encryption
• Protocol buffers
• Base64 data

Requirements

To see the versions of Python this SDK is compatible with, see the the GitHub workflow tests file file.

Installing the SDK

To import the Yoti SDK inside your project, simply run the following command from your terminal:

pip install yoti

SDK Project Import

You can reference the project URL by adding the following import:

import yoti_python_sdk

Configuration

After creating your application on the Yoti Hub, you need to download the .PEM key and save it outside the repo (keep it private).

The variables required for the SDK to work are found in the tabs on your Yoti application's settings page (Yoti Hub). These are:

• YOTI_SCENARIO_ID - This is used to configure the Yoti Login Button (see Front End Integration).
• YOTI_CLIENT_SDK_ID - This is the SDK identifier generated by Yoti Hub in the Key tab when you create your app. Note this is not your Application Identifier which is needed by your client-side code.
• YOTI_KEY_FILE_PATH - This is the path to the application .pem file, we recommend keeping your .pem file outside of your repository. It can be downloaded only once from the Keys tab in your Yoti Hub. (e.g. /home/user/.ssh/access-security.pem).

Please do not open the pem file as this might corrupt the key and you will need to create a new application.

One way to configure these environment variables is to use an .env file. There are .env.example files supplied in the Django and Flask example projects, which you can rename to .env and enter your settings into this file. Do not use quotes when entering your environment variables

Example Initialisation

from yoti_python_sdk import Client
@app.route('/profile')
def auth():
    client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
    activity_details = client.get_activity_details(request.args['token'])

Handling Users

When you retrieve the user profile, you receive a user ID generated by Yoti exclusively for your application. This means that if the same individual logs into another app, Yoti will assign her/him a different ID. You can use this ID to verify whether (for your application) the retrieved profile identifies a new or an existing user. Here is an example of how this works:

client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
activity_details = client.get_activity_details(token)

profile = activity_details.profile
        
selfie = profile.selfie.value
given_names = profile.given_names.value
family_name = profile.family_name.value
full_name = profile.full_name.value
phone_number = profile.phone_number.value
date_of_birth = profile.date_of_birth.value
postal_address = profile.postal_address.value
structured_postal_address = profile.structured_postal_address.value
gender = profile.gender.value
nationality = profile.nationality.value
email_address = profile.email_address.value
        
remember_me_id = activity_details.user_id
parent_remember_me_id = activity_details.parent_remember_me_id
receipt_id = activity_details.receipt_id
timestamp = activity_details.timestamp
base64_selfie_uri = activity_details.base64_selfie_uri

You can retrieve the anchors, sources and verifiers for each attribute as follows:

given_names_attribute = profile.given_names

given_names_anchors = given_names_attribute.anchors
given_names_sources = given_names_attribute.sources
given_names_verifiers = given_names_attribute.verifiers

You can also retrieve further properties from these respective anchors in the following way:

source_anchor = given_names_sources[0]
value = source_anchor.value
sub_type = source_anchor.sub_type
timestamp = source_anchor.signed_timestamp
origin_server_certs = source_anchor.origin_server_certs

If you have chosen Verify Condition on the Yoti Hub with the age condition of "Over 18", you can retrieve the user information as follows:

age_verification_attribute = profile.get_attribute("age_over:18")

You can retrieve the sources and verifiers in the same way as detailed above.

Running the Examples

From the Yoti Hub:

1. Set the application domain of your app to localhost:5000
2. Set the scenario callback URL to /yoti/auth

With Docker

To run the Flask or Django container:

1. Clone this repository
2. Change directory to the example project directory with
   • cd examples/yoti_example_flask for Flask
     OR
   • cd examples/yoti_example_django for Django
3. Make sure the environment variables YOTI_SCENARIO_ID, YOTI_CLIENT_SDK_ID and YOTI_KEY_FILE_PATH are set using an .env file (instructions in the Configuration section). Please note that with Docker, the .pem file must reside in a location within where docker is being run from, so it should be placed somewhere under the respective yoti_example_flask/yoti_example_django folders.
4. Rebuild the images if you have modified the docker-compose.yml file with
   • docker-compose build --no-cache
5. Start the container with docker-compose up
6. Navigate to https://localhost:5000

Running Locally

Follow instructions in the README for each example:

• Profile - Django
• Profile - Flask
• Doc Scan

API Coverage

• Activity Details
  • Remember Me ID user_id
  • Parent Remember Me ID parent_remember_me_id
  • ReceiptID receipt_id
  • Timestamp timestamp
  • Profile profile
    • Photo selfie
    • Given Names given_names
    • Family Name family_name
    • Full Name full_name
    • Mobile Number phone_number
    • Email Address email_address
    • Date of Birth date_of_birth
    • Address postal_address
    • Structured Postal Address structured_postal_address
    • Gender gender
    • Nationality nationality
  • Application Profile application_profile
    • Name application_name
    • URL application_url
    • Logo application_logo
    • Receipt Background Color application_receipt_bg_color
  • Base64 Selfie URI base64_selfie_uri

Support

For any questions or support please email clientsupport@yoti.com. Please provide the following to get you up and working as quickly as possible:

• Computer type
• OS version
• Version of Python being used
• Screenshot

Once we have answered your question we may contact you again to discuss Yoti products and services. If you’d prefer us not to do this, please let us know when you e-mail.

Windows Configuration

If you're using Windows and you haven't installed Cryptography before, you might need to set two environment variables for Cryptography to install (it is a requirement of the Yoti package):

set LIB=C:\OpenSSL-Win64\lib;%LIB%
set INCLUDE=C:\OpenSSL-Win64\include;%INCLUDE%

Where OpenSSL-Win64 is the location that you have installed OpenSSL to. See here for more information.