HomeIntegration

5N ID Integration

Seamlessly integrate 5N ID into your system using our REST API or TypeScript/JavaScript SDK and build trust from the first step.

background

Before
You Begin

Request 5N ID access

Your client account to access the API and SDK.

Get Authorized

Use your Client ID and Client Secret to obtain OAuth2 access tokens via client_credentials flow. For API requests, include the Bearer token in the Authorization header. The SDK handles this automatically.

Overview

5N ID allows youto integrate secure identity verification directly into your website, application, or mobile app. Our technology ensures seamless customer onboarding and Credentials compliance while serving as the unified identity layer for the Canton ecosystem

Key Features:

  • 5N ID acts as the single source of truth for user identity across the Canton network, enabling consistent and verifiable user data across applications.
  • User identity information is securely stored and managed via smart contracts, ensuring tamper-proof records and auditability.
  • Simple integration using either the REST API with standardized HTTP requests and responses, or the TypeScript/JavaScript SDK for type-safe, developer-friendly integration.
  • Designed to work seamlessly with Canton's privacy-focused blockchain infrastructure, enabling compliant data sharing between permissioned nodes.

If you have any questions or need further assistance, please don't hesitate to contact our support team.

Guide

This guide helps you integrate your system with the 5N ID Credentials application. Choose between using the REST API directly or the TypeScript/JavaScript SDK for a more developer-friendly experience. Both use OAuth2 client_credentials authentication for secure access.

01

Contact Us

Fill in the application form to initiate the process. After your account is created, you'll receive an email with your login credentials and temporary password.
02

Log in to the Application

  • Go to the login page;
  • Enter your email and temporary password;
  • Change your password upon first login.
03

Access Client ID and Client Secret

You will receive a unique Client ID and Client Secret. Use them to obtain OAuth2 access tokens for authenticating your API requests, or pass them directly to the SDK which handles token management automatically.
04

Choose Integration Method

Choose how you want to integrate:
  • REST API: Use HTTP requests directly for maximum control;
  • SDK: Install @fivenorth/id-sdk for type-safe, simplified integration with automatic token management;
  • Both methods use the same OAuth2 authentication and provide the same functionality.
05

Front-End Adjustments

You must update your front-end to support:
  • Triggering Credentials flow after user actions;
  • Displaying verification status to users;
  • Handling errors and responses visually.
06

Test the Integration

Use the sandbox environment to:
  • Test API/SDK authentication;
  • Simulate Credentials flows;
  • Validate all error scenarios;
  • Ensure that all functionality works end-to-end before going live.
07

Complete Integration

Once integration is tested and verified, your system will be ready to manage users and initiate Credentials processes in production.

API Overview

Use this section to understand the core technical specifications of the 5N ID API before diving into specific endpoints.

Current API Version
v1.0.0
Update Frequency
Real-time sync after every Credentials action
Base URL
https://id.devnet.cantonloop.com/api/v1
Data Formats
All requests and responses use JSON
Authentication
All requests must be authenticated using OAuth2 client_credentials flow with Bearer tokens

SDK Reference

SDK Benefits

The 5N ID SDK provides a type-safe, developer-friendly wrapper around the 5N ID API:

  • Automatic OAuth2 token management (acquisition, caching, and refresh)
  • Type-safe methods with full TypeScript support
  • Network configuration (devnet/mainnet) with automatic URL resolution
  • Comprehensive error handling with specific error types
  • Simplified API calls without manual token management

Package Information

Key information about the SDK package:

  • Package name: @fivenorth/id-sdk
  • Available on npm: https://www.npmjs.com/package/@fivenorth/id-sdk
  • The SDK uses the same OAuth2 client_credentials flow as the API.
  • All SDK methods correspond to API endpoints and provide the same functionality.
  • The SDK automatically handles token expiration and retries failed requests.

To integrate using the SDK, follow the steps below.

1. Installation

Package@fivenorth/id-sdk

Description

Install the 5N ID SDK package from npm to get started with type-safe, easy-to-use methods for interacting with the 5N ID API.

Installation

Install using npm:
npm install @fivenorth/id-sdk
Or using yarn:
yarn add @fivenorth/id-sdk
Or using bun:
bun add @fivenorth/id-sdk

2. Initialization

MethodidSdk.connect()

Description

Create and authenticate a connection to the 5N ID service. The SDK automatically handles OAuth2 token management, including token acquisition, caching, and refresh.

Parameters

  • clientId – your Client ID (required)
  • clientSecret – your Client Secret (required)
  • network – network environment: "devnet" or "mainnet" (optional, defaults to "mainnet")

Network Configuration

The SDK supports two networks: mainnet (production, default) and devnet (development). URLs are automatically resolved based on the network.

Example

Connect to mainnet (default):
import { idSdk } from '@fivenorth/id-sdk';

// Connect to mainnet (default)
const connection = await idSdk.connect({
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
});
Connect to devnet:
import { idSdk } from '@fivenorth/id-sdk';

// Connect to devnet
const devConnection = await idSdk.connect({
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  network: 'devnet',
});

3. Create Credentials Request

Methodconnection.createCredentialsRequest()

Description

Request credentials from a user by creating a credentials access request (proposal). This sends a request to the user to share their credentials.

Parameters

  • partyId – the party ID of the user whose credentials you are requesting (required)
  • providers – array of credential providers: ["GOOGLE", "LINKEDIN", "GITHUB", "DISCORD", "TWITTER"] (required)

Example

Request credentials from a user:
await connection.createCredentialsRequest({
  partyId: 'party::123',
  providers: ['GOOGLE', 'LINKEDIN', 'GITHUB'],
});

Response

Returns void on success. Indicates that a proposal was successfully created for the user.

4. Get All Institution Credentials

Methodconnection.getCredentials()

Description

Retrieve all approved credentials that your institution has access to, with pagination support. Returns credentials with freshness status and metadata.

Parameters (optional)

  • offset – number of records to skip (default: 0)
  • limit – maximum number of records to return (default: 10)

Example

Get all credentials with default pagination:
// Get first page (default: offset=0, limit=10)
const allCredentials = await connection.getCredentials();

console.log(allCredentials.items); // Array of credentials
console.log(allCredentials.pagination); // { offset, limit, total }
Get credentials with custom pagination:
// With pagination
const page2 = await connection.getCredentials({
  offset: 10,
  limit: 20,
});

Response

Returns a CredentialsListResponse object containing an array of credentials and pagination information.

Response Example

{
  "items": [
    {
      "contractId": "008064f25bcfa1dff5129a3e5cbf68553cf48400dda996bfd58b5c21c5bca454ecca11122025436ea2b81f3558afe832a943f9b92a864104cc8d53f3f9fc6ae4e48b119e7a",
      "provider": "GOOGLE",
      "kycStatus": "APPROVED",
      "expirationDate": "2024-12-31T23:59:59.000Z",
      "issuedAt": "2024-01-01T00:00:00.000Z",
      "freshness": "FRESH",
      "metadata": {
        "email": "user@example.com",
        "firstName": "John",
        "lastName": "Doe"
      }
    },
    {
      "contractId": "00b16e63ea75e5ace293f7bd0df8af9dea49e021883387a3120871617eb9e8fbf5ca111220e702bde51f70c5c1915dab37c288e617786296506ef8eb201ef54693f7323395",
      "provider": "LINKEDIN",
      "kycStatus": "APPROVED",
      "expirationDate": "2024-12-31T23:59:59.000Z",
      "issuedAt": "2024-01-05T00:00:00.000Z",
      "freshness": "MODERATE",
      "metadata": {
        "email": "user@example.com",
        "firstName": "Jane",
        "lastName": "Smith"
      }
    }
  ],
  "pagination": {
    "offset": 0,
    "limit": 10,
    "total": 25
  }
}

The response includes:

  • items – array of credential objects, each containing:
    • contractId – unique identifier for the credential contract
    • provider – credential provider (GOOGLE, LINKEDIN, GITHUB, DISCORD, TWITTER)
    • kycStatus – status of the credential (APPROVED, REJECTED, etc.)
    • expirationDate – when the credential expires
    • issuedAt – when the credential was issued
    • freshness – freshness status (FRESH, MODERATE, STALE, REVOKED)
    • metadata – provider-specific credential data
  • pagination – pagination information:
    • offset – current offset
    • limit – number of items per page
    • total – total number of credentials available

Note

For additional details including request headers, query parameters, and cURL examples, see the corresponding endpoint in the API Reference section.

5. Get Credentials by Party ID

Methodconnection.getCredentialsByPartyId()

Description

Get credentials disclosed by a specific user to your institution. Returns an array of all credentials for the specified party ID.

Parameters

  • partyId – the party ID of the user (required)

Example

Get credentials for a specific user:
const userCredentials = await connection.getCredentialsByPartyId('party::123');

userCredentials.forEach(credential => {
  console.log(credential.provider); // 'GOOGLE', 'LINKEDIN', etc.
  console.log(credential.kycStatus); // 'APPROVED', 'REJECTED', etc.
  console.log(credential.metadata.email); // User's email
  console.log(credential.freshness); // 'FRESH', 'MODERATE', 'STALE', 'REVOKED'
});

Response

Returns an array of Credential objects, each containing provider, kycStatus, metadata, freshness status, and other credential information.

Response Example

Retrieves the credential results disclosed by the user to the institution. Example:
[
  {
    "provider": "GOOGLE",
    "kycStatus": "APPROVED",
    "expirationDate": "2026-11-06T08:05:34.576Z",
    "contractId": "04a5835d6cc470817989e9acc1f20c0a::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb0",
    "metadata": {
      "email": "user@example.com",
      "lastName": "Doe",
      "firstName": "John",
      "providerId": "114130885620656351623",
      "verifiedAt": "2025-11-06T08:05:27.056Z",
      "emailVerified": true,
      "profilePicture": "https://lh3.googleusercontent.com/a/xxx"
    }
  },
  {
    "provider": "GITHUB",
    "kycStatus": "APPROVED",
    "expirationDate": "2026-11-06T08:05:51.597Z",
    "contractId": "04a5835d6cc470817989e9acc1f20c0a::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb1",
    "metadata": {
      "email": "user@example.com",
      "lastName": "Doe",
      "username": "johndoe",
      "firstName": "John",
      "providerId": "8937226",
      "verifiedAt": "2025-11-06T08:05:44.262Z",
      "profilePicture": "https://avatars.githubusercontent.com/u/xxxx?v=4"
    }
  }
]

Note

For additional details including request headers, path parameters, and cURL examples, see the corresponding endpoint in the API Reference section.

6. Generate Verification Link

Methodconnection.generateVerificationLink()

Description

Generate a short-lived verification link for a specific credential. The link can be shared with third parties to verify the credential status.

Parameters

  • contractId – the contract ID of the specific credential (required)

Example

Generate a verification link:
const verification = await connection.generateVerificationLink({
  contractId: '008cb3c4e71260967ef...',
});

console.log(verification.verificationUrl); // URL to share
console.log(verification.token); // Token for status checking

Response

Returns a GenerateVerificationLinkResponse object containing verificationUrl and token.

7. Generate Verification Links (Batch)

Methodconnection.generateVerificationLinksBatch()

Description

Generate verification links for multiple credentials in a single request. Useful for bulk verification operations. Maximum 100 requests per batch. Each item is processed independently - partial failures are returned in the response.

Parameters

  • requests – array of verification link requests (required, max 100 items)
  • Each request object contains:
  • - contractId – the contract ID (required)

Example

Generate verification links in batch:
const batchResult = await connection.generateVerificationLinksBatch({
  requests: [
    { contractId: '00020bf30f6b3714bff...' },
    { contractId: '008cb3c4e71260967ef...' },
  ],
});

batchResult.results.forEach(result => {
  if (result.result) {
    console.log(`Success: ${result.result.verificationUrl}`);
  } else if (result.error) {
    console.error(`Error: ${result.error.message}`);
  }
});

Response

Returns a BatchGenerateVerificationLinkResponse object containing an array of results. Each result contains either a verification link response or an error for failed requests.

8. Check Verification Status

Methodconnection.checkVerificationStatus()

Description

Check the verification status for a verification token. This is a public endpoint (no authentication required) and is typically used by third parties who received a verification link.

Parameters

  • token – the verification token from the verification URL (required)

Example

Check verification status (public endpoint, no authentication required):
const status = await connection.checkVerificationStatus('verification-token');

console.log(status.status); // 'strong', 'moderate', 'weak', etc.
console.log(status.color); // 'green', 'amber', 'red'
console.log(status.isActive); // boolean
console.log(status.credentialData); // Original credential metadata

Response

Returns a VerificationStatusResponse object containing status, color, isActive flags, credential data, and other verification information.

Response Example

Response example:
{
  "status": "strong",
  "color": "green",
  "contractId": "008cb3c4e71260967ef",
  "issuedAt": "2025-01-15T10:30:00Z",
  "expiredAt": "2025-02-15T10:30:00Z",
  "isActive": true,
  "isArchived": false,
  "isSuperseded": false,
  "isRevoked": false,
  "message": "Credentials verified successfully",
  "kycProvider": "GOOGLE",
  "credentialData": {
    "email": "user@example.com",
    "firstName": "John",
    "lastName": "Doe"
  }
}

Note

For additional details including path parameters and cURL examples, see the corresponding endpoint in the API Reference section.

9. Get Human Score

Methodconnection.getHumanScore()

Description

Retrieve the human score calculation for a specific party. The human score is a composite metric that evaluates identity verification based on account age, social metrics, email consistency, and provider connections. Returns a total score (0-100+), confidence level, score breakdown, earned badges, and detailed metrics.

Parameters

  • partyId – the party ID of the user to get the human score for (required)

Example

Example:
import idSdk from '@fivenorth/id-sdk';

const connection = await idSdk.connect({
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET',
  network: 'mainnet' // or 'devnet'
});

const humanScore = await connection.getHumanScore('party::identifier');

console.log('Total Score:', humanScore.totalScore);
console.log('Confidence Level:', humanScore.confidenceLevel);
console.log('Badges:', humanScore.badges);

Response

Returns a HumanScoreResult object containing totalScore, confidenceLevel, breakdown (score components), badges (earned badges array), and details (detailed metrics including accountAges, socialMetrics, emailConsistency, providerCount, allUserInfo, and allTokenClaims).

Response Example

Returns the human score calculation for the authenticated user. Example:
{
  "totalScore": 91,
  "confidenceLevel": "high",
  "breakdown": {
    "accountAgeScore": 35,
    "socialMetricsScore": 16,
    "emailConsistencyScore": 20,
    "providerCountScore": 20
  },
  "badges": [
    {
      "id": "account-age-veteran",
      "name": "Veteran",
      "description": "Verified account older than 10 years",
      "level": "platinum",
      "category": "Account Age"
    },
    {
      "id": "email-perfect",
      "name": "Perfect",
      "description": "Same email across all providers",
      "level": "platinum",
      "category": "Email Consistency"
    },
    {
      "id": "provider-all-star",
      "name": "All-Star",
      "description": "Connected 5+ verification providers",
      "level": "platinum",
      "category": "Provider Count"
    },
    {
      "id": "verified-status-verified",
      "name": "Verified",
      "description": "Has at least one verified account",
      "level": "gold",
      "category": "Verified Status"
    },
    {
      "id": "developer-beginner",
      "name": "Beginner",
      "description": "1+ public repositories",
      "level": "bronze",
      "category": "Developer Activity"
    }
  ],
  "details": {
    "accountAges": [
      {
        "provider": "GITHUB",
        "ageInDays": 4129
      },
      {
        "provider": "DISCORD",
        "ageInDays": 99
      },
      {
        "provider": "TWITTER",
        "ageInDays": 82
      }
    ],
    "socialMetrics": [
      {
        "provider": "GITHUB",
        "ageInDays": 4129,
        "email": "user@example.com",
        "accountCreatedAt": "2014-09-27T08:47:46.000Z",
        "githubRepos": 1,
        "githubFollowers": 6,
        "followingCount": 5
      },
      {
        "provider": "DISCORD",
        "ageInDays": 99,
        "email": "user@example.com",
        "accountCreatedAt": "2025-10-09T08:13:32.713Z",
        "verified": true
      },
      {
        "provider": "TWITTER",
        "ageInDays": 82,
        "email": "@username",
        "accountCreatedAt": "2025-10-25T18:11:26.000Z",
        "followersCount": 8,
        "followingCount": 1,
        "postsCount": 0,
        "verified": false
      }
    ],
    "emailConsistency": {
      "uniqueEmails": [
        "user@example.com"
      ],
      "consistencyScore": 20
    },
    "providerCount": 5,
    "allUserInfo": [],
    "allTokenClaims": []
  }
}

Note

For additional details including request headers and cURL examples, see the corresponding endpoint in the API Reference section.

10. Resolve Credentials

Methodconnection.resolveCredentials()

Description

Resolve credentials using a single method. The behavior depends on the options provided: use `q` (email/username) for forward lookup or `partyId` for reverse lookup. Forward lookup finds credentials when you have a user's email or username. Reverse lookup finds all credentials associated with a specific party ID. This is a unified method that automatically determines whether to perform forward or reverse lookup based on the provided options.

Parameters

  • options – ResolveCredentialsOptions object containing either:
  • - q – email address or username for forward lookup (case-insensitive)
  • - partyId – party ID for reverse lookup (e.g., "party::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb0")
  • Note: Provide exactly one of q or partyId, but not both.

Example

Example:
import idSdk from '@fivenorth/id-sdk';

const connection = await idSdk.connect({
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET',
  network: 'mainnet' // or 'devnet'
});

// Forward lookup: Find credentials by email or username
const result1 = await connection.resolveCredentials({
  q: 'user@example.com'
});

console.log('Found credentials:', result1.credentials);
console.log('Party ID:', result1.credentials[0]?.partyId);

// Reverse lookup: Find all credentials by party ID
const result2 = await connection.resolveCredentials({
  partyId: 'party::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb0'
});

console.log('All credentials for this party:', result2.credentials);

Response

Returns a ResolveCredentialsResponse object containing an array of credentials. Each credential includes partyId, userId, email, username, kycProvider, contractId, and metadata.

Response Example

Response example:
{
  "credentials": [
    {
      "partyId": "party::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb0",
      "userId": 123,
      "email": "user@example.com",
      "username": "johndoe",
      "firstName": "John",
      "lastName": "Doe",
      "kycProvider": "GOOGLE",
      "contractId": "contract::123",
      "metadata": {
        "emailVerified": true,
        "profilePicture": "https://example.com/avatar.jpg"
      }
    },
    {
      "partyId": "party::12200d35764b9b490251e499af00626b54516c4f3f1c021c2eb72bf7c72f38662cb0",
      "userId": 123,
      "email": "user@example.com",
      "username": "johndoe",
      "kycProvider": "GITHUB",
      "contractId": "contract::456",
      "metadata": {
        "githubFollowers": 150,
        "githubRepos": 25
      }
    }
  ]
}

Usage Notes

  • Forward lookup (q option): Search is case-insensitive and matches against both email and username fields
  • Reverse lookup (partyId option): Returns all credentials associated with the party ID across all providers
  • Only returns credentials that the institution has approved access to
  • Returns empty array if no matches found
  • Can return multiple credentials if user has multiple providers
  • Throws an error if both q and partyId are provided, or if neither is provided

Note

The SDK also provides convenience methods `resolve(query)` and `reverseResolve(partyId)` for simpler use cases. For additional details including request headers, query parameters, and cURL examples, see the corresponding endpoint in the API Reference section.

Join Us in Shaping the Future of Credentials

Call for collaboration, partnerships, or community engagement.

bg