Skip to main content

Document ID signing (v2)

Preview

DOC_ID_SIGNING:v2 is in preview. The Verification data block implementation is not yet finalized and may change before general availability.

Identity verification combined with qualified or contract electronic signature via document-based process.

Combines document-based identity verification (Sphinx AutoIdent or VideoIdent) with electronic signature capabilities. Verifies the end user's identity through document analysis and then issues an electronic signature (either QES for qualified signatures under eIDAS or standard contract signing). Results are returned as a unified Verification data block describing the checks applied, the provider, and the assurance level achieved.


Key features

  • Document-based identity verification — Uses Sphinx (VideoIdent or AutoIdent) to verify identity through document analysis, security feature checks, face matching, and liveness detection.
  • Qualified Electronic Signature (QES) — Issues legally binding signatures under the eIDAS framework with the same legal effect as a handwritten signature. Requires strict identity verification before signature creation.
  • Contract signing mode — Issues standard electronic signatures on customer-supplied contract documents without QES requirements.
  • Unified Verification data block — Produces a structured record describing the identity verification checks performed, the provider, and the trust framework and assurance level achieved. (v2 only — v1 produces the legacy DocumentVerification data block instead.)
  • Signed documents package — Returns the signed documents and audit trail from the signature process.

Step versions

VersionStatusOutput verification data block
DOC_ID_SIGNING:v1Current/StableDocumentVerification
DOC_ID_SIGNING:v2PreviewVerification

Use DOC_ID_SIGNING:v1 for all production flows. DOC_ID_SIGNING:v2 is in preview — its implementation is not yet finalized and is not recommended for new flows.


Configuration

ParameterTypeRequiredDescription
signingModestring (enum)YesSigning mode: QES (Qualified Electronic Signature) or CONTRACT_SIGNING (standard contract signing).
config.live.shortnamestringYesSphinx shortname for the live environment. Provided by IDnow during onboarding.
config.staging.shortnamestringYesSphinx shortname for the staging environment. Provided by IDnow during onboarding.
handoffbooleanNoWhen true, redirects the player immediately when the identification enters a pending review state (REVIEW_PENDING, CHECK_PENDING, or FRAUD_SUSPICION_PENDING) and resumes polling in the background. Uses the session redirectUrl if configured; otherwise shows a submission-complete message. Default: false.
webJourneyOnlybooleanNoWhen true, the redirect URL returned to the player is constructed as the Sphinx web journey URL (derived from the onboarding base URL, shortname, and identification ID) instead of the channel chooser redirect URL. Default: false.
inputSourcesobjectYesMaps upstream step IDs to input data blocks. See Input mapping.
inputSources.basicIdentitystringYesID of an upstream step whose BasicIdentity output provides identity data for verification and signing.
inputSources.documentsToSignstringConditionalID of an upstream step whose DocumentsToSign output provides the documents to sign. Required when signingMode is CONTRACT_SIGNING; not required for QES.

Example

QES mode (no contract documents required):

{
"signingMode": "QES",
"config": {
"live": {
"shortname": "acme-live"
},
"staging": {
"shortname": "acme-staging"
}
},
"inputSources": {
"basicIdentity": "SPHINX"
}
}

Contract signing mode (requires documents):

{
"signingMode": "CONTRACT_SIGNING",
"config": {
"live": {
"shortname": "acme-live"
},
"staging": {
"shortname": "acme-staging"
}
},
"inputSources": {
"basicIdentity": "SPHINX",
"documentsToSign": "COLLECT_DOCUMENTS"
}
}

Input data blocks

Data blockRequiredModeDescription
BasicIdentityYesBothIdentity data from the upstream node (typically Sphinx). Used for verification and as signer identification in the signature process.
DocumentsToSignConditionalCONTRACT_SIGNINGDocuments to sign. Required when signingMode is CONTRACT_SIGNING; not required for QES.
File size limit

Each file referenced in DocumentsToSign must not exceed 20 MB. Exceeding this limit returns HTTP 422 with error code FILE_TOO_LARGE at session creation.


Verdicts

VerdictDescription
verifiedIdentity verification succeeded and documents were signed successfully. Status from the signature service is either SUCCESS or SUCCESS_DATA_CHANGED.
fraud_detectedIdentity verification failed due to fraud detection. Fraud was detected and confirmed after review. Identity data and verification information may be available for further analysis.

Output data blocks

VerdictData blocks produced
verifiedBasicIdentity, ExtendedIdentity, DocumentData, DocumentImages, Verification, BiometricSamples, SignedDocumentsPackage
fraud_detectedBasicIdentity, ExtendedIdentity, DocumentData, DocumentImages, Verification, BiometricSamples

Verification data block (v2)

The Verification data block produced by DOC_ID_SIGNING:v2 contains the outcome and the checks applied during the identity verification and signature process.

FieldTypeDescription
statusstringVerification status. One of: verified, rejected, fraudDetected, canceled, aborted, error.
providerstringAlways "IDnow Trust Services".
trustFrameworkstring | nullRegulatory framework. "eidas" when achieving eIDAS compliance (QES); null for standard processes.
assuranceLevelstring | nullIdentity assurance level achieved. "high" for eIDAS-compliant QES processes; null for standard modes.
verifiedAtstringISO 8601 timestamp at which the verification and signature process completed.
verificationProcessIdstring | nullSession or transaction reference from the provider.
terminationReasonobject | nullPresent when the process ended before completion. Contains code (string) and message (string | null).
methodsarrayVerification methods applied. Contains one documentCheck method and one electronicSignature method.

methods[].documentCheck

Describes the identity verification checks performed on the document and user biometrics.

FieldTypeDescription
typestringAlways "documentCheck".
checksarrayTechniques applied during the process. See below.
evidencearrayReferences to evidence artifacts (e.g. liveness recordings, analysis reports) stored in the Vault.

Checks

Checks are reason-driven, not session-type-driven. A successful session produces checks: []. A failed or fraud-detected session produces exactly one check entry for the technique that the IDnow DocIDV reason code maps to, with outcome: failed.

TechniqueReason codes (examples)Description
securityFeaturesID_SECURITY_FEATURE, WARNING_DIGITAL_DOCUMENT, WARNING_FAKED_MANIPULATED_ID, …Physical or visual document security element failed.
documentValidityID_BROKEN, ID_DAMAGED, ID_EXPIRED, ID_NOT_SUPPORTED, WARNING_FAKED_SPECIMEN, …Document format, integrity, or validity check failed.
dataCrosscheckID_BLURRY, ID_DATA, ID_WRONG_SIDE, WARNING_MANIPULATED_DATA, …MRZ/OCR/VIZ reading or data consistency check failed.
faceMatchSELFIE_BLURRY, USER_OBSCURED, WARNING_SELFIE_DISGUISED, …Portrait-to-live-capture comparison failed.
livenessWARNING_SELFIE_NO_REAL_PERSON, WARNING_SELFIE_REAL_PERSONLive person detection failed.
agentReviewWARNING_IDENTITY_THEFT, WARNING_FRAUD_OTHER, WARNING_MONEY_MULEGeneric fraud or compliance conclusion raised during agent review.

Reason codes that describe process interruptions (USER_CANCELLATION_*, APP_CANCELLATION_*, TSP_*, PAY_*, IDENT_*) do not produce a check — they populate terminationReason only.

methods[].electronicSignature

Describes the electronic signature method used and the signature metadata.

FieldTypeDescription
typestringAlways "electronicSignature".
signatureTypestring | nullSignature qualification level from the PAdES certificate. "qes_eidas" for QES, "aes_eidas" for AES; null if absent.
issuerstring | nullQTSP common name from the signing certificate. null if not available.
serialNumberstring | nullSigning certificate serial number. null if not available.
issuedAtstring | nullISO 8601 datetime — certificate signing time from the PAdES structure. null if not available.
evidencearrayReferences to evidence artifacts (e.g. signed PDFs, PAdES structures) stored in the Vault.

Signing modes

QES (Qualified Electronic Signature)

Issues legally binding signatures under the eIDAS framework with the same legal effect as a handwritten signature. Requires strict identity verification via document analysis before the signature is created. The Verification data block will have assuranceLevel: "high" and trustFramework: "eidas".

CONTRACT_SIGNING

Issues standard electronic signatures on customer-supplied contract documents without strict eIDAS requirements. The Verification data block will have assuranceLevel: null and trustFramework: null.


Testing

Before going live, it is important to verify that your integration handles the full range of identification outcomes correctly — from successful verifications to fraud detections, aborts, and review delays.

IDnow provides a Test-Robot service on the TEST environment that simulates the agent side of an identification automatically. This lets you trigger and observe different end-to-end scenarios — such as a happy path, a fraud case, or a canceled ident — and confirm that your application correctly receives and processes the results (e.g. via webhook or API response). Test-Robot is not a replacement for QA engineers, but a tool to validate your integration during development.

Two identification types are supported: