Skip to main content

Overview

UIP provides biometric identity verification and signature capabilities through a simple API. This guide walks you through everything you need to start integrating UIP into your application.
Two-step setup: Create your UIP identity, then generate API keys. No complex registration or approval process required.

What You’ll Need

Before you begin, make sure you have:

A Smartphone

iOS 13+ or Android 8+ with biometric capability (fingerprint or face recognition)

Government ID

Valid passport, driver’s license, or national ID for identity verification

Development Environment

Your preferred development setup to integrate the API

5 Minutes

That’s all it takes to get fully set up and ready to build

Step 1: Create Your UIP Identity

Your UIP identity is your biometric-secured digital identity. You’ll use it to authenticate to the developer console and as a test account during development.

Download the UIP App

Get the UIP mobile app for your device:

Download on iOS

Requires iOS 13.0 or later

Download on Android

Requires Android 8.0 or later

Complete Setup

1

Open the app

Launch UIP and tap “Create New Identity”
2

Biometric enrollment

Follow the prompts to enroll your fingerprint or face recognition. This happens entirely on your device.
3

Identity verification

  • Scan your government ID (passport, driver’s license, or national ID)
  • Take a live selfie for biometric matching
  • Didit, our verification partner, will confirm your identity (typically under 60 seconds)
4

Done!

Your UIP identity is now active. You’ll receive a unique UIP ID and can start using it immediately.
Privacy first: Your biometric data never leaves your device. UIP uses cryptographic keys generated from your biometrics without storing the actual biometric templates.

Verification Requirements

To ensure security and compliance, identity verification requires:
  • Passport (from any country)
  • Driver’s License (select countries)
  • National ID Card (select countries)
Documents must be current (not expired) and clearly legible.
  • Good lighting (not too dark or bright)
  • Clear focus (not blurry)
  • No glare or reflections
  • All corners visible
  • No filters or edits
During the selfie capture, you’ll be asked to:
  • Look directly at the camera
  • Follow simple prompts (turn head, blink, etc.)
  • This prevents fraud from photos or videos
  • Instant: Most verifications complete in under 60 seconds
  • Manual review: Some cases require manual review (1-24 hours)
  • Status updates: You’ll receive notifications in the app

Step 2: Get API Keys

Once you have your UIP identity, you can create API keys. No separate developer registration needed — authenticate with your UIP identity and you’re in.

Access Developer Console

Open Developer Console

Authenticate with your UIP identity to access the developer console

Authentication Flow

1

Navigate to console

Visit business.uip.digital and click “Developer Access”
2

Scan QR code

A QR code appears on screen. Open your UIP app and scan it.
3

Approve access

Review the permissions request in your app and authenticate with your biometric
4

You're in!

You’re now logged into the developer console

Create an API Key

1

Navigate to API Keys

In the developer console, go to Settings > API Keys
2

Create new key

Click “Create New API Key” and configure:
  • Name: Descriptive name for your key (e.g., “Production API”, “Development”)
  • Permissions: Select which APIs to enable (Identify, Sign, Message)
3

Save securely

Your API key appears once. Copy it immediately and store it securely:
  • Use environment variables
  • Never commit to version control
  • Store in secrets management system
Security critical: Your API key has full access to your account. Treat it like a password. If compromised, revoke it immediately and generate a new one.

API Environment

UIP provides a production API environment:
  • Base URL: https://api.uip.digital/v1
  • Real users: Actual biometric verification and signatures
  • Usage-based billing: Pay for what you use
  • SLA: 99.9% uptime guarantee
  • Signup bonus: $5 in credits to test and implement your integration

Integration Checklist

Before you start building, review this checklist:

Prerequisites

  • UIP identity created and verified
  • API keys generated
  • API keys stored securely in environment variables
  • Development environment set up
  • Familiarized with API documentation
  • Decided which UIP APIs to use (Identify, Sign, Message)
  • Planned user flow (QR code vs. deep link based on device)
  • Designed authentication/signature UX
  • Planned polling strategy (2-3 second intervals)
  • Planned error handling strategy
  • API keys stored as environment variables (never in code)
  • HTTPS enforced for all API calls
  • Webhook signature verification implemented (for message/authorize flows)
  • User data handling complies with GDPR/privacy laws
  • Audit trail storage planned for signatures
  • Use $5 signup credit for initial testing
  • Your own UIP identity created for testing
  • Error scenarios covered in tests
  • QR code expiration handling tested
  • Device detection for mobile/desktop tested

Understanding the Integration Flow

Here’s how a typical UIP integration works:

Authentication Flow

1

User initiates login

User clicks “Login with UIP” in your application
2

Create session

Your backend calls POST /v1/identify and receives a session_id, qr_code, and expires_at
3

Display QR code or deep link

Desktop: display the QR code image. Mobile: show an “Open UIP” button linking to https://www.uip.id/{session_id}
4

User scans and authenticates

User opens UIP app, scans the QR code (or taps the deep link), and authenticates with their biometric
5

Poll for result

Your backend polls GET /v1/identify/:id every 2-3 seconds until status is completed
6

Receive verified data

When completed, the poll response includes all requested identity data (name, DOB, etc.) and an audit_id
7

Create session

Your application creates a user session and logs them in

Signature Flow

1

User needs to sign

User completes a form, agreement, or transaction requiring signature
2

Create sign session

Your backend calls POST /v1/sign with intent and signature information
3

Display QR or deep link

Show QR code on desktop or “Open UIP” button on mobile
4

User reviews and signs

User opens UIP app, reviews the signing request, and signs with biometric verification
5

Poll for result

Poll GET /v1/sign/:id until status is completed
6

Store proof

Save the audit_id and uip_id from the completed response for permanent audit trail access

Common Questions

Yes. Every user who will authenticate or sign via your app needs their own UIP identity. This is a one-time setup that takes about 2 minutes.You can embed the UIP signup flow in your onboarding process. Direct users to download the UIP app during account creation.
Use your $5 signup credit and your own UIP identity for testing. Create your UIP identity during onboarding, then use it to test the complete authentication and signature flows.This gives you the full end-to-end experience before deploying to production.
Users can recover their UIP identity on a new device by:
  1. Downloading the UIP app on the new device
  2. Selecting “Recover Identity”
  3. Re-verifying with their government ID and biometric
All historical audit records remain intact and accessible.
  • Signup bonus: $5 in credits when you join UIP
  • Identify API: $0.01 per identification
  • Sign API: $0.03 per signature
  • Message API: 0.03withoutattachment,0.03 without attachment, 0.10 with attachment
  • Audit API: Always free
See full pricing details for more information.
  • Identify/Sign sessions: Expire after 5 minutes
  • API keys: Never expire (but can be revoked)
  • Audit records: Permanent, never expire
Not for Identify or Sign. These use a simple poll-based flow — just poll GET /v1/identify/:id or GET /v1/sign/:id until completed.Webhooks are used for:
  • Message signature events (user signs or declines a message)
  • Authorize completion events (delegation token granted)
  • Delegation revocation events
See the Webhooks guide for details.

Best Practices

Use Your Signup Credit

Use your $5 signup credit to test your integration with real UIP infrastructure

Device Detection

Detect mobile vs desktop and show the appropriate UX — QR code for desktop, deep link button for mobile

Handle Errors Gracefully

User cancellations and timeouts are normal — provide clear retry options

Store Audit IDs

Always save audit IDs from completed sessions for audit trail access later

Test Edge Cases

Test QR expiration, user cancellation, network errors, and timeout scenarios

Monitor Usage

Use the dashboard to track API usage, errors, and performance metrics

Next Steps

Quickstart

Build your first integration with working code examples

QR Integration Guide

Device detection, QR display, and deep linking best practices

API Reference

Complete API documentation with request/response examples

Error Handling

Handle errors gracefully with proper retry logic

Need Help?

Contact Support

Our team is here to help. Email us with any questions or integration issues.