Onfido API

What is Onfido?

Onfido is a cloud platform for digital identity verification and compliance that helps organizations onboard customers and employees securely. Teams use Onfido to capture and validate identity documents, perform facial similarity and liveness checks, run watchlist/sanctions (AML/KYC) screenings, and determine eligibility for right-to-work/right-to-rent—powered by SDKs, orchestration workflows, and machine learning with optional human review.

Core product areas include:

• Identity Verification (Document Capture & Validation, Facial Similarity, Liveness)
• AML/KYC Screening (Sanctions, PEP, Adverse Media, Watchlists)
• Employment & Tenant Compliance (Right to Work, Right to Rent)
• Workflow Orchestration (Multi-step verification flows, decisioning)
• Fraud Prevention (Repeat attempt detection, device signals, tamper checks)
• Developer Tooling (SDKs, webhooks, sandbox/testing, artifact downloads)

Common data entities:

• Applicants (PII, contact info, consent, metadata)
• Checks (grouping of reports executed for an applicant)
• Reports (document, facial_similarity, watchlist_aml, right_to_work)
• Artifacts (document images, selfie/video captures, signed URLs)
• Decisions and Risk Scoring (statuses, recommendations, manual review)
• Workflow Runs and Events (step outcomes, transitions, webhooks)

The Onfido Integration Challenge

Compliance teams rely on Onfido daily, but turning portal- and SDK-driven flows into headless automation requires careful handling:

• PII stewardship: Sensitive identity data and artifacts must be accessed with least privilege and audited
• Asynchronous report lifecycles: Checks return in stages with partial results, retries, and manual review
• Variant logic by region: Document types, sanctions lists, and right-to-work rules vary by country and program
• Workflow-first UX: Capture flows and step sequencing are optimized for front-end SDKs, not backend jobs
• Authentication complexity: SSO/MFA and short-lived URLs complicate durable integrations
• Event reliability: Webhook ordering, deduplication, and replays impact downstream compliance SLAs

How Supergood Creates Onfido APIs

Supergood reverse-engineers authenticated browser flows and network interactions to deliver a resilient API endpoint layer for your Onfido tenant.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes responses so you can integrate once and rely on consistent objects across modules
• Aligns with customer entitlements, data retention policies, and role-based permissions to ensure compliant access
• Streams verification events and artifacts with durable delivery and redaction options

Getting Started

• Schedule Integration Assessment

Book a 30-minute session to confirm your modules, licensing, and authentication model.

• Supergood Builds and Validates Your API

We deliver a hardened Onfido adapter tailored to your workflows and entitlements.

• Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as Onfido evolves.