Technical reference
- Web SDK
- Android SDK
- iOS SDK
- API Reference
- SDK 9
- - 9.2.0
- - 9.1.0
- - 9.0.0
- SDK 8
- - 8.1.0
- - 8.0.0
- SDK 7
- - 7.3.0
- - 7.2.0
- [9.2.0] - 2021-03-15
- [9.1.0] - 2021-02-25
- [9.0.0] - 2021-02-15
- [8.1.0] - 2021-02-03
- [8.0.0] - 2020-12-16
- [7.4.0] - 2020-10-20
- [7.3.0] - 2020-08-27
- [7.2.0] - 2020.07.06
- [7.1.0] - 2020.06.25
- [7.0.0] - 2020-06-15
- [6.0.0] - 2020-04-30
- [5.6.0] - 2020-03-16
- [5.5.1] - [enterprise] - 2020-03-06
- [5.5.0] - 2020-02-17
- [5.4.0] - 2020-01-23
- [5.3.3] - 2020-01-08
- [5.3.2] - [enterprise] - 2019-12-18
- [5.3.1] - 2019-12-16
- [5.3.0] - 2019-11-28
- [5.2.0] - 2019-11-12
- [5.1.0] - 2019-10-14
- [5.0.1] - 2019-09-06
- [5.0.0] - 2019-08-20
- [4.11.1] - 2019-11-07
- [4.11.0] - 2019-08-12
- [4.11.0-rc.1] - 2019-08-09
- [4.10.0] - 2019-07-18
- [4.9.0] - 2019-06-11
- [4.8.1] - 2019-06-20
- [4.8.0] - 2019-04-04
- [4.7.0] - 2019-03-05
- [4.6.0] - 2019-02-14
- [4.5.1] - 2019-01-28
- [4.5.1-rc.2] - 2019-01-25
- [4.5.1-rc.1] - 2018-12-20
- [4.5.0] - 2018-12-12
- [4.4.0] - 2018-09-06
- [4.3.0] - 2018-07-17
- [4.2.0] - 2018-06-25
- [4.1.0] - 2018-05-17
- [4.0.0] - 2018-04-23
- [3.0.0] - 2018-04-05
- [2.4.0]
- [2.3.0]
- Changed
- [2.2.0]
- [2.1.0]
- [2.0.0]
- [1.0.0]
- [0.9.2]
- [0.9.1]
- [0.9.0]
- [0.8.0]
- [0.7.1]
- [0.7.0-rc.3] - 2018-03-28
- [0.7.0-rc.2] - 2018-02-16
- [0.7.0-rc.1]
- [0.6.0]
- [0.5.0]
- [0.4.0]
- [0.3.1]
- [0.3.0]
- [0.2.2]
- [0.2.1]
- [0.2.0]
- [0.1.1]
- [0.1.0]
- [0.0.5]
- `9.0.0` -> `9.1.0`
- `8.1.0` -> `9.0.0`
- `7.4.0` -> `8.0.0`
- `7.3.0` -> `7.4.0`
- `7.0.0` -> `7.1.0`
- `6.0.0` -> `7.0.0`
- `5.6.0` -> `6.0.0`
- `5.5.0` -> `5.6.0`
- `5.3.3` -> `5.4.0`
- `4.5.0-F5` -> `5.3.2` - [enterprise]
- `5.2.0` -> `5.3.0`
- `5.1.0` -> `5.2.0`
- `5.0.1` -> `5.1.0`
- `5.0.0` -> `5.0.1`
- `4.11.0` -> `5.0.0`
- `4.8.0` -> `4.11.0`
- `4.7.0` -> `4.8.0`
- `4.6.0` -> `4.7.0`
- `4.5.1` -> `4.6.0`
- `3.0.0` -> `4.0.0`
- `2.4.0` -> `3.0.0`
- `2.0.0` -> `2.1.0`
- `1.0.0` -> `2.0.0`
- `0.9.2` -> `1.0.0`
Overview
This SDK provides a drop-in set of screens and tools for Android applications to allow capturing of identity documents and face photos/live videos for the purpose of identity verification. The SDK offers a number of benefits to help you create the best onboarding/identity verification experience for your customers:
- Carefully designed UI to guide your customers through the entire photo/video-capturing process
- Modular design to help you seamlessly integrate the photo/video-capturing process into your application flow
- Advanced image quality detection technology to ensure the quality of the captured images meets the requirement of the Onfido identity verification process, guaranteeing the best success rate
- Direct image upload to the Onfido service, to simplify integration*
* Note: the SDK is only responsible for capturing and uploading photos/videos. You still need to access the Onfido API to create and manage checks.
Getting started
The SDK supports API level 21 and above (distribution stats).
Version 7.4.0 was the last version that supports API level 16 and above.
Our configuration is currently set to the following:
minSdkVersion = 21
targetSdkVersion = 28
android.useAndroidX=true
Kotlin = 1.3+
compileOptions { sourceCompatibility JavaVersion.VERSION_1_8 targetCompatibility JavaVersion.VERSION_1_8 }
1. Obtaining an API token
In order to start integration, you will need the API token. You can use our sandbox environment to test your integration, and you will find these two sandbox tokens inside your Onfido Dashboard. You can create sandbox tokens inside your Onfido Dashboard.
1.1 Regions
Onfido offers region-specific environments. Refer to the Regions section in the API documentation for token format and API base URL information.
2.1 onfido-capture-sdk
Complete, input quality-focused solution suited for better captures and faster IDV flows. This is the recommended integrated option. This version provides advanced on-device, real-time glare and blur detection as well as auto-capture (passport only) on top of a set of basic image validations.
repositories { jcenter() } dependencies { implementation 'com.onfido.sdk.capture:onfido-capture-sdk:+' }
Due to the advanced validation support stated above, in the form of C++ code, we recommend that the integrator app performs multi-APK split to optimise the app size for individual architectures.
2.1.1 Multi-APK split
C++ code needs to be compiled for each of the CPU architectures (known as "ABIs") present on the Android environment. Currently, the SDK supports the following ABIs:
armeabi-v7a
: Version 7 or higher of the ARM processor. Most recent Android phones use thisarm64-v8a
: 64-bit ARM processors. Found on new generation devicesx86
: Most tablets and emulatorsx86_64
: Used by 64-bit tablets
The SDK binary contains a copy of the native .so
file for each of these four platforms.
You can considerably reduce the size of your .apk
by applying APK split by ABI, editing your build.gradle
as the following:
android { splits { abi { enable true reset() include 'x86', 'x86_64', 'arm64-v8a', 'armeabi-v7a' universalApk false } } }
More information on the Android documentation
Average size (with Proguard enabled):
ABI | Size |
---|---|
armeabi-v7a | 5.34 Mb |
arm64-v8a | 6.23 Mb |
2.2 onfido-capture-sdk-core
Lighter, app size-friendly version. This version provides a set of basic image validations mostly provided by the backend. Since there are no real-time validations on-device, ABI split is not needed.
repositories { jcenter() } dependencies { implementation 'com.onfido.sdk.capture:onfido-capture-sdk-core:+' }
Average size (with Proguard enabled):
ABI | Size |
---|---|
universal | 2.81 Mb |
The sizes stated above were measured by building the minimum possible wrappers around our SDK, using the following stack. Different versions of dependencies such as Gradle or NDK may result in slightly different values.
Notes:
Until these packages get approved to be included in JCenter, the following snippet must be used to instruct gradle to search for them on Bintray:
repositories { maven { url "https://dl.bintray.com/onfido/maven" } }
Warning: In order to improve the security of our clients, we upgraded our infrastructure and SDK client SSL configurations to support TLSv1.2 only. According to the relevant Google documentation, this support comes enabled by default on every device running Android API 20+. In case you need to support devices older than that in your integration with the Onfido Android SDK, we need to access Google Play Services to install the latest security updates, which enable this support. As such, if you don't use Google Play Services on your integration yet, we require you to add the following dependency:
compile ('com.google.android.gms:play-services-base:x.y.z') { exclude group: 'com.android.support' // to avoid conflicts with your current support library }
3. Creating an applicant
You must create an Onfido applicant before you start the flow.
You must create applicants on your server. For a document or face check, the minimum applicant details required are first_name
and last_name
:
$ curl https://api.onfido.com/v3/applicants \ -H 'Authorization: Token token=YOUR_API_TOKEN' \ -d 'first_name=Theresa' \ -d 'last_name=May'
The JSON response has an id
field containing an UUID that identifies the applicant. Once you pass the applicant ID to the SDK, documents and live photos/videos uploaded by that instance of the SDK will be associated with that applicant.
Note: If you're using API v2, please check out API v2 to v3 migration guide to understand which changes need to be applied before starting to use API v3.
4. Configuring SDK with Tokens
We now support two token mechanisms:
SDK token
Mobile token
We strongly recommend using a SDK token. It provides a more secure means of integration, as the token is temporary and applicant id-bound. Note that, if you're using an SDK token, you shouldn't call withApplicantId function.
4.1 SDK Token
You will need to generate and include a short-lived JSON Web Token (JWT) every time you initialise the SDK. To generate an SDK Token you should perform a request to the SDK Token endpoint in the Onfido API:
$ curl https://api.onfido.com/v3/sdk_token \ -H 'Authorization: Token token=YOUR_API_TOKEN' \ -F 'applicant_id=YOUR_APPLICANT_ID' \ -F 'application_id=YOUR_APPLICATION_ID'
Make a note of the token value in the response, as you will need it later on when initialising the SDK.
Warning: SDK tokens expire 90 minutes after creation. The SDK token configurator function has an optional tokenExpirationHandler
parameter. It will be called when sdk token expires and you can use it to pass a new one.
Note: If you're using API v2, please check out API v2 to v3 migration guide to understand which changes need to be applied before starting to use API v3.
Kotlin
class ExpirationHandler : TokenExpirationHandler { override fun refreshToken(injectNewToken: (String?) -> Unit) { TODO("Your network request logic to retrieve SDK token goes here") injectNewToken("NEW_SDK_TOKEN") // if you pass `null` sdk exit with token expired error } } val config = OnfidoConfig.builder(context) .withSDKToken("YOUR_SDK_TOKEN_HERE", tokenExpirationHandler = ExpirationHandler()) // ExpirationHandler is optional
Java
class ExpirationHandler implements TokenExpirationHandler { @Override public void refreshToken(@NotNull Function1<? super String, Unit> injectNewToken) { //Your network request logic to retrieve SDK token goes here injectNewToken.invoke("NEW_SDK_TOKEN"); // if you pass `null` sdk exit with token expired error } } OnfidoConfig.Builder config = new OnfidoConfig.Builder(context) .withSDKToken("YOUR_SDK_TOKEN", new ExpirationHandler()); // ExpirationHandler is optional
Note: If you want to use tokenExpirationHandler
you should pass concrete class instance, you should not pass an anonymous or activity class instance.
4.2 Mobile Token
Note: Mobile token usage is still supported, but it will be removed in the future. If you are starting a project, we would strongly recommend that you use SDK tokens instead.
In order to start integration, you will need the API token and the mobile token. You can use our sandbox environment to test your integration, and you will find these two sandbox tokens inside your Onfido Dashboard.
Warning: You MUST use the mobile token and not the API token when configuring the SDK itself.
6. Starting the flow
// start the flow. 1 should be your request code (customise as needed) onfido.startActivityForResult(this, /*must be an Activity or Fragment (support library)*/ 1, /*this request code will be important for you on onActivityResult() to identity the onfido callback*/ config);
Congratulations! You have successfully started the flow. Carry on reading the next sections to learn how to:
- Handle callbacks
- Customise the SDK
- Create checks
Handling callbacks
To receive the result from the flow, you should override the method onActivityResult
on your Activity/Fragment. Typically, on success, you would create a check on your backend server.
@Override protected void onActivityResult(int requestCode, int resultCode, Intent data) { ... onfido.handleActivityResult(resultCode, data, new Onfido.OnfidoResultListener() { @Override public void userCompleted(Captures captures) { //communicate with your backend and initiate the check } @Override public void userExited(ExitCode exitCode) { //User left the sdk flow without completing it } @Override public void onError(OnfidoException exception) { // An exception occurred during the flow } }); }
When the user has successfully completed the flow, and the captured photos/videos have been uploaded, the userCompleted
method will be invoked. The Captures
object contains information about the document and face captures made during the flow.
With the applicant id, you can then create a check for the user via your backend. On the other hand, if the user exits the flow without completing it, the userExited
method will be invoked. Note that some images may have already been uploaded by this stage.
ExitCode |
---|
USER_LEFT_ACTIVITY |
USER_CONSENT_DENIED |
CAMERA_PERMISSION_DENIED (Deprecated) |
Sample of a Captures
instance returned by a flow with FlowStep.CAPTURE_DOCUMENT
and FlowStep.CAPTURE_FACE
:
Document: Front: DocumentSide(id=document_id, side=FRONT, type=DRIVING_LICENCE) Back: DocumentSide(id=document_id, side=BACK, type=DRIVING_LICENCE) Type: DRIVING_LICENCE Face: Face(id=face_id, variant=PHOTO)
Note type
property refers to DocumentType
, variant refers to FaceCaptureVariant
As part of userCompleted
method, the DocumentType
property can only contain the values which are supported by Onfido backend APIs. Please check out our API documentation
1. Flow customisation
You can customise the flow of the SDK via the withCustomFlow(FlowStep[])
method. You can remove, add and shift around steps of the SDK flow.
final FlowStep[] defaultStepsWithWelcomeScreen = new FlowStep[]{ FlowStep.WELCOME, //Welcome step with a step summary, Optional FlowStep.USER_CONSENT, //User Consent Page, Optional FlowStep.CAPTURE_DOCUMENT, //Document Capture Step FlowStep.CAPTURE_FACE, //Face Capture Step FlowStep.FINAL //Final Screen Step, Optional }; final OnfidoConfig config = OnfidoConfig.builder() .withCustomFlow(defaultStepsWithWelcomeScreen) .withSDKToken("YOUR_SDK_TOKEN") .build();
Also, by calling the exitWhenSentToBackground()
method of the OnfidoConfig.Builder
, you can determine that the flow should be exited whenever the user sends the app to background.
This exit action will invoke the userExited(ExitCode exitCode)
callback described in the handling callbacks section.
User Consent Step
This step contains a screen to collect the user's privacy consent and is an optional step in the SDK flow. It contains the required consent language as well as links to Onfido's policies and terms of use. The user must click "Accept" to get past this step and continue with the flow. The content is available in English only, and is not translatable.
Note that this step does not automatically inform Onfido that the user has given their consent. At the end of the SDK flow, you still need to set the API parameter privacy_notices_read_consent_given
outside of the SDK flow when creating a check.
If you choose to disable this step, you must incorporate the required consent language and links to Onfido's policies and terms of use into your own application's flow before your user starts interacting with the Onfido SDK.
For more information about this step, and how to collect user consent, please visit onfido-privacy-notices-and-consent.
Document Capture Step
In this step the user can pick which type of document to capture, the document origin country, and then use the phone camera to capture it.
To customise a document capture step you can use DocumentCaptureStepBuilder
class's functions for the corresponding document types.
Document Type | Configuration function | Configurable Properties |
---|---|---|
Passport | forPassport() | |
National Identity Card | forNationalIdentity() | - country - documentFormat |
Driving Licence | forDrivingLicence() | - country - documentFormat |
Residence Permit | forResidencePermit() | - country |
Visa | forVisa() | - country |
Work Permit | forWorkPermit() | - country |
Generic | forGenericDocument() | - country |
Note GENERIC
document type doesn't offer an optimised capture experience for a desired document type.
Configuring Document Format
This configuration allows you to specify format of document such as Card and Folded
Note: You can specify folded document format for only French driving licence, South African national identity and Italian national identity. If you would configure the SDK with unsupported
country configuration the SDK will throw InvalidDocumentFormatAndCountryCombinationException
If you would like to specify country and document format for driving license
Kotlin
val drivingLicenceCaptureStep = DocumentCaptureStepBuilder.forDrivingLicence() .withCountry(CountryCode.FR) .withDocumentFormat(DocumentFormat.FOLDED) .build()
Please be aware that we don't support every document - country combination, and unsupported documents will not be verified. So if you decide to bypass the default country selection screen by replacing the FlowStep.CAPTURE_DOCUMENT
with a CaptureScreenStep
, please make sure that you are specifying a supported document.
We provide an up-to-date list of the documents we support here
Face Capture Step
In this step the user can capture either a photo of his/her face, or a live video by using the front camera. In case of choosing the second option,
the user will be prompted to perform some simple challenges. The photo option can be instantiated with FlowStep.CAPTURE_FACE
or
FaceCaptureStepBuilder.forPhoto()
and the video option with FaceCaptureStepBuilder.forVideo()
.
By default both face and video variants show an introduction screen. You can disable the intro using withIntro(false)
function.
FlowStep faceCaptureStep = FaceCaptureStepBuilder.forVideo() .withIntro(false) .build();
If you would like to not display the recorded video on the confirmation screen, you could hide it using withConfirmationVideoPreview
function.
FlowStep faceCaptureStep = FaceCaptureStepBuilder.forVideo() .withConfirmationVideoPreview(false) .build();
In case both types of FaceCaptureStep
are added to the same custom flow, a custom IllegalArgumentException
will be thrown at the beginning of the flow,
with the message "Custom flow cannot contain both video and photo variants of face capture"
.
2. Theme customisation
In order to enhance the user experience on the transition between your application and the SDK, you can provide some customisation by defining certain colors inside your own colors.xml
file:
onfidoColorPrimary
: Defines the background color of the Toolbar
which guides the user through the flow
onfidoColorPrimaryDark
: Defines the color of the status bar above the Toolbar
onfidoTextColorPrimary
: Defines the color of the title on the Toolbar
onfidoTextColorSecondary
: Defines the color of the subtitle on the Toolbar
onfidoColorAccent
: Defines the color of the FloatingActionButton
which allows the user to move between steps, as well as some details on the
alert dialogs shown during the flow
onfidoPrimaryButtonColor
: Defines the background color of the primary action buttons (e.g. proceed to the next flow step, confirm picture/video, etc),
the color of the text on the secondary action buttons (e.g. retake picture/video) and the background color of some icons and markers during the flow
onfidoPrimaryButtonColorPressed
: Defines the background color of the primary action buttons when pressed
onfidoPrimaryButtonTextColor
: Defines the color of the text inside the primary action buttons
4. Localisation
Onfido Android SDK already comes with out-of-the-box translations for the following locales:
- English (en) :uk:
- Spanish (es) :es:
- French (fr) :fr:
- German (de) :de:
You could also provide custom translations for locales that we don't currently support, by having an additional XML strings file inside your resources folder for the desired locale (e.g. res/values-it/onfido_strings.xml
for :it: translation), with the content of our strings.xml file, translated for that locale.
By default, we infer the language to use from the device settings.
However, you can also use the withLocale(Locale)
method of the OnfidoConfig.Builder
to select a specific language.
Notes:
- If the strings translations change it will result in a MINOR version change, therefore you are responsible for testing your translated layout in case you are using this feature. If you want a locale translated you can also get in touch with us at android-sdk@onfido.com.
- When adding custom translations, please make sure you add the whole set of keys we have on strings.xml.
In particular,
onfido_locale
, which identifies the current locale being added, must be included. The value for this string should be the ISO 639-1 2-letter language code corresponding to the translation being added. Examples:Copy- When adding a translations file inside `values-ru` (russian translation), the `onfido_locale` key should have `ru` as its value. - When adding a translations file inside `values-en-rUS` (american english translation), the `onfido_locale` key should have `en` as its value.
Without this string correctly translated, we won't be able to determine which language the user is likely to use when doing the video liveness challenge. It may result in our inability to correctly process the video, and the check may fail.
Creating checks
As the SDK is only responsible for capturing and uploading photos/videos, you would need to start a check on your backend server using the Onfido API.
1. Obtaining an API token
All API requests must be made with an API token included in the request headers. You can find your API token (not to be mistaken with the mobile token) inside your Onfido Dashboard.
Refer to the Authentication section in the API documentation for details. For testing, you should be using the sandbox, and not the live, token.
2. Creating a check
You will need to create a check by making a request to the create check endpoint, using the applicant id. If you are just verifying a document, you only have to include a document report as part of the check. On the other hand, if you are verifying a document and a face photo/live video, you will also have to include a facial similarity report with the corresponding values: facial_similarity_photo
for the photo option and facial_similarity_video
for the video option.
$ curl https://api.onfido.com/v3/checks \ -H 'Authorization: Token token=YOUR_API_TOKEN' \ -d 'applicant_id=YOUR_APPLICANT_ID' \ -d 'report_names=[document,facial_similarity_photo]'
Note: you can also submit the POST request in JSON format.
You will receive a response containing the check id instantly. As document and facial similarity reports do not always return actual results straightaway, you need to set up a webhook to get notified when the results are ready.
Finally, as you are testing with the sandbox token, please be aware that the results are pre-determined. You can learn more about sandbox responses here.
Note: If you're using API v2, please check out API v2 to v3 migration guide to understand which changes need to be applied before starting to use API v3.
3. Setting up webhooks
Refer to the Webhooks section in the API documentation for details.
Overriding the hook
In order to expose the user's progress through the SDK an hook method must be overridden in the UserEventHandler.kt
object that's stored in the Onfido.kt
interface. This can be done anywhere within your application and might look something like the following:
Java:
Onfido.Companion.setUserEventHandler(new UserEventHandler() { @Override public void handleEvent(@NotNull String eventName, @NotNull Properties eventProperties) { // Your code here } });
Kotlin:
Onfido.userEventHandler = object: UserEventHandler() { override fun handleEvent(eventName: String, eventProperties: Properties) { // Your code here } }
The code inside of the overridden method will now be called when a particular event is triggered, usually when the user reaches a new screen. For a full list of events see TRACKED_EVENTS.md.
The parameters being passed in are as follows:
eventName
: AString
indicating the type of event. This value will always return user's visiting SDK screen name. In the future more event types, such as other user actions inside the SDK screens, may become available for tracking.properties
: AMap
object containing the specific details of an event. This will contain things such as thename
of the screen visited.
Going live
Once you are happy with your integration and are ready to go live, please contact client-support@onfido.com to obtain live versions of the API token and the mobile token. We will have to replace the sandbox tokens in your code with the live tokens.
A few things to check before you go live:
- Make sure you have set up webhooks to receive live events
- Make sure you have entered correct billing details inside your Onfido Dashboard
Cross platform frameworks
We provide integration guides and sample applications to help customers integrate the Onfido Android SDK with applications built using the following cross-platform frameworks:
We don't have out-of-the-box packages for such integrations yet, but these projects show complete examples of how our Android SDK can be successfully integrated in projects targeting these frameworks. Any issue or question about the existing integrations should be raised on the corresponding repository and questions about further integrations should be sent to android-sdk@onfido.com.
Migrating
You can find the migration guide in MIGRATION.md file.
Certificate Pinning
We provide integrators the ability to pin any communications between our SDK and server, through a .withCertificatePinning()
method in
our OnfidoConfig.Builder
configuration builder. This method accepts as parameter an Array<String>
with sha-1/sha-256 hashes of certificates' public keys.
In case you are interested in using this feature, for more information about the hashes, please reach out to us at android-sdk@onfido.com.
Accessibility
The Onfido Android SDK has been optimised to provide the following accessibility support by default:
- Screen reader support: accessible labels for textual and non-textual elements available to aid TalkBack navigation, including dynamic alerts
- Dynamic font size support: all elements scale automatically according to the device's font size setting
- Sufficient color contrast: default colors have been tested to meet the recommended level of contrast
- Sufficient touch target size: all interactive elements have been designed to meet the recommended touch target size
Refer to our accessibility statement for more details.
Getting notified about releases
In case you want to get notified about our releases, feel free to access our Bintray page and click the Watch
button.
Licensing
Due to API-design constraints, and to avoid possible conflicts during the integration, we bundle some of our 3rd party dependencies as repackaged versions of the original libraries.
For those, we include the licensing information inside our .aar
, namely on the res/raw/onfido_licenses.json
.
This file contains a summary of our bundled dependencies and all the licensing information required, including links to the relevant license texts contained in the same folder.
Integrators of our library are then responsible for keeping this information along with their integrations.
Sample App
We have included sample app to show how to integrate the Onfido SDK. Please check out our sample app
API Documentation
Further information about the underlying Onfido API is available in our documentation here.
Support
Please open an issue through GitHub. Please be as detailed as you can. Remember not to submit your token in the issue. Also check the closed issues to check whether it has been previously raised and answered.
If you have any issues that contain sensitive information please send us an email with the ISSUE: at the start of the subject to android-sdk@onfido.com.
Previous version of the SDK will be supported for a month after a new major version release. Note that when the support period has expired for an SDK version, no bug fixes will be provided, but the SDK will keep functioning (until further notice).
Copyright 2018 Onfido, Ltd. All rights reserved.
Change Log
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
Note: If the strings translations change it will result in a MINOR version change, therefore you are responsible for testing your translated layout in case you are using custom translations. More on language localisation
Added
- Public: Added an option to hide the recorded video on the confirmation screen. For more information, please visit our README
Changed
- Public: Renamed most of the localisation keys. Now, names are more explicit in which screens they are being used. Please visit our MIGRATION.md
- Public: Remove duplication in the README file
Changed:
- UI: Changed Onfido watermark design
- UI: Realtime glare detection is disabled for the backside of Romanian national identity card
- UI: Updated auto-capture manual fallback alert
- Internal: Migrated to AndroidX. For more information, please visit our MIGRATION.md
- Internal: Bump OkHttp version to 3.12.12 to avoid potential Android 11 issues
Changed:
- Public: Now using API v3 for communication with the backend
- Internal: Extended basic device information logging to all relevant API requests
Fixed:
- UI: Fixed document template overlay and edge detection message overlapping issue
- UI: Fixed a bug that caused the
no face found
warning to not display on the selfie capture screen - Public: Fixed localization problems on liveness instructions
- Public: Fixed supported folded document types explanation on README
- Public: Fixed a bug that threw
InvalidDocumentFormatAndCountryCombinationException
onNationalIdentityCaptureStepBuilder
andDrivingLicenceCaptureStepBuilder
when configured with country code and document format except CountryCode.FR and CountryCode.IT - Public: Fixed a bug that was causing sending not supported document type property to the Onfido backend.
Added:
- Public: Added
Fragment
support to be able to start the SDK using aFragment
instance - Public: Added integrator defined event hook to allow integrators to collect user analytics
- Public: Added
DocumentCaptureStepBuilder
andFaceCaptureStepBuilder
to createFlowStep
in order to customise SDK flow. For more information, please visit our README.md - UI: Now showing error message when passport MRZ is cut off in captured image
Changed:
- Public: Updated code snippets and descriptions related to API V3 in README
- Public: Changed 'mobile sdk token' expression with 'mobile token' in README to prevent confusion
- Public: Updated full and core SDK implementation code snippets in README
- Internal: Updated the following network libraries on
onfido-api-client
:com.squareup.retrofit2:retrofit:2.1.0 -> com.squareup.retrofit2:retrofit:2.6.4
com.squareup.okhttp3:okhttp:3.3.0 -> com.squareup.okhttp3:okhttp:3.12.8
com.jakewharton.retrofit:retrofit2-rxjava2-adapter-> io.reactivex.rxjava2:rxandroid:2.1.1
- UI: Now using grey Onfido logo with higher contrast for accessibility
- UI: Screen reader order has been changed for better accessibility
- UI: Document guide overlay will be kept on the screen for longer
Deprecated:
- Public: The
CaptureScreenStep
class deprecated. For more information, please visit our MIGRATION.md - Public: The
FaceCaptureStep
class deprecated. For more information, please visit our MIGRATION.md
Added:
- Public:
Face
property added intoCaptures
class - Public: Added
sample-app
directory, in order to show sample usage of the sdk - UI: Added folded document template for French driving license and Italian identity document
- UI: Updated README.md to clarify mobile token usage
Added:
- Public:
DocumentType.GENERIC
type added. For more information, please visit our README.md
Changed:
- UI: Updated README to clarify
APPLICATION_ID
term and how to obtain sandbox token - UI: Manual capture button showed after the user click retake or back button for passport and US DL
- UI: For passports and US Driving Licenses (DL) the manual capture button is shown after the user clicks on retake or on the back button.
- UI: The manual fallback countdown changed
- Internal: Changed token expiration identifier for the
onfido-api-client
Removed
- Public: Removed the
withUSDLAutocapture()
method from theOnfidoConfig.Builder
. The autocapture of the United States' driving license is now enabled by default - Public: Removed applicant creation using the SDK, along with the
withApplicant(Applicant)
method of theOnfidoConfig.Builder
. The applicant should always from now on be created outside of the SDK and its id used to initialise the flowwithApplicant(String)
on theOnfidoConfig.Builder
[4.11.1] - 2019-11-07
Note Changes in this version are the changes applied on v5.0.1 to 4.11.0
Added:
- Internal: Support new token format
- Public: Added certificate pinning support. For more information, please visit our README.md
Added:
- Public: Added the ability to skip the selfie intro screen by adding the
FaceCaptureVariantPhoto
that can be passed as an argument to aFaceCaptureStep
- Public: Added the ability for integrators to specify a
Locale
for the flow to be displayed with, instead of inferring it from the device settings - Public: Added the ability for integrators to enable an "exit when sent to background" mode in the SDK flow through the
exitWhenSentToBackground()
in theOnfidoConfig.Builder
. This mode enforces that the flow will automatically exit through theuserExited()
callback whenever the app is sent to background mid-flow - Public: Added support for preselection of work permit documents, through the
DocumentType.WORK_PERMIT
enum value. This is a beta feature
Fixed:
- Public: Fixed crash when initialising the capture screen and system returned a null camera to the SDK
- Public: Fixed crash in the liveness confirmation screen, related with the usage of a vector drawable as the background of a button
- Public: Fixed a crash when initialising the capture screen and we are not able to retrieve the camera parameters from the system
- Public: Fixed crash happening when the activity
android:label
property is required to be non-blank
Fixed:
- Public: Fixed crash when the SDK was wrongly doing operations with unknown request codes when transitioning from the capture screen to the flow screen
- Public: Fixed crash when the SDK tries to access a view after the app was sent to background
- Public: Fixed a crash when uploading the liveness video when the filename contains characters not supported by OkHttp
- Public: Fixed a crash happening when face detection or tracking started on a device/emulator without Play Services
- Public: Fixed a crash when reporting an error during the video recording back to the user while the error callback is
null
- Public: Fixed crash when checking for front camera support for selfie/video purposes throws a
RuntimeException
- UI: Fixed the issue of text getting cropped when going over 2 lines in bullet views. The text can now go up to 3 lines and shows an ellipsis if the content is longer than that.
Added:
- Public: Added the ability to preselect just a document type, without specifying any info about the country of origin nor ask the user to select it
- UI: Added video review feature after live video recording
- UI: Added face detection and automatic recording on liveness capture
- UI: Added live face tracking during liveness challenges recording
Changed:
- UI: Revamped liveness control buttons to provide a more explicit and easy to follow flow
- Internal: Simplified analytics by removing lifecycle-aware events
- Internal: Improved the repackaging method for our 3rd party dependencies
- Internal: Updated the map for the supported countries for each document
Added:
- Public: Added the ability to customise action buttons and icons colors
- Public: Added instructions for integrators to get notified about releases
- UI: Added permission request and recovery screens for camera and microphone permissions
- Internal: Now bundling Proguard rules with the SDK, removing the need for the host application to specify those rules for themselves
Changed:
- UI: Revamped flow final screen
- UI: Revamped the flat action button according to a new, more accessible design specification
- UI: Revamped liveness control buttons to provide a more explicit and easy to follow flow
- Internal: Changed our analytics solution from an external provider to an in-house service
Fixed:
- Public: Fixed a crash happening when the host app forces a support library version below ours
27.1.0
- UI: Fixed a bug which allowed users to dismiss the bottom sheet on the country selection screen
- UI: Fixed a bug of misalignment of video capture instructions happening when a longer than usual custom translation is provided
- UI: Fixed a bug which caused a crop on the document validation bubble when non-regular font sizes are set
Fixed
- Public: Fixed bug which caused an unexpected behaviour when pressing back during a preselected document as first flow step
- Public: Fixed bug causing a crash when an unexpected error body is returned from the API
- UI: Fixed bug during autocapture causing the information bottom sheet to enter an inconsistent state whenever the app was sent to background after the manual fallback threshold was triggered
Added
- Public: Added post capture barcode detection for United States driving license captures
- Public: Added
strings.xml
as a public file, in order to enable custom localisation. More information can be found in our README.md - Public: Added out-of-the-box Portuguese (
pt
) translation
[4.0.0] - 2018-04-23
Note: This version contains breaking changes and is not backwards-compatible. Migration notes can be found in MIGRATION.md
[3.0.0] - 2018-04-05
Note: This version contains breaking changes and is not backwards-compatible. Migration notes can be found in MIGRATION.md
Added
- UI: Added post capture blur detection for every document type
- UI: Added zoom & pan feature for document and face on confirmation screen
- Public: Added cross platform frameworks section in README.md
- Public: Added support for Singaporean residence permits as identity documents
- Public: Added
onError(OnfidoException exception, Applicant applicant)
callback on theOnfido
interface, used to track flow completion
Changed
- UI: Changed confirmation screen layout and buttons
- UI: Refactored colours across UI elements on the whole flow.
- Internal: Upgraded API client to make use of enhanced document detection feature on backend
- Internal: Restricted support for TLS 1.2 only on every network call, improving communication security
Fixed
- Internal: Fixed crash on returning from the capture screen to the country list and to the document selection right after
- Internal: Fixed crash occasionally happening when closing the camera view (https://github.com/onfido/onfido-android-sdk/issues/12)
- Internal: Fixed crash when requesting focus repeatedly on capture screen
- Internal: Fixed crash occasionally happening when opening the camera view (https://github.com/onfido/onfido-android-sdk/issues/10)
- Internal: Fixed crash occasionally happening when starting the camera preview (https://github.com/onfido/onfido-android-sdk/issues/11)
- Internal: Fixed crash occasionally happening when the host app background process is killed while the SDK was running (https://github.com/onfido/onfido-android-sdk/issues/9)
[2.0.0]
Note: This version contains breaking changes and is not backwards-compatible. Migration notes can be found in MIGRATION.md
Added
- Public: Added
FaceCaptureStep(FaceCaptureVariant variant)
, which is a custom object to add a face capture step to the flow, with a variant of eitherFaceCaptureVariant.PHOTO
orFaceCaptureVariant.VIDEO
. Currently, the previousFlowStep.CAPTURE_FACE
is still available and is equivalent tonew FaceCaptureStep(FaceCaptureVariant.PHOTO)
- UI: Added new video face capture screen as an alternative to photo face capture screen
- Permissions: We now require the
android.permission.RECORD_AUDIO
permission, in order to capture audio from video Face captures - UI: Added Spanish translation
[1.0.0]
Note: This version contains breaking changes and is not backwards-compatible. Migration notes can be found in MIGRATION.md
Added
- Public: Added a
Captures
object on theuserCompleted()
callback method, which contains information about the document captures made during the flow - Internal: Added two parameters,
sdk_source
andsdk_version
, specifying the sdk name and version to every document or face upload calls using the API
Changed
Public: Deprecated
MESSAGE_IDENTIFY_VERIFICATION
FlowStep
, since it is too specific for the purpose of the SDK, which should stay as generic as possiblePublic: Changed the default flow, accessible through
FlowStep.getDefaultFlow()
to include a welcome step, also accessible asFlowStep.WELCOME
Public: Document capture step, accessible through
FlowStep.CAPTURE_DOCUMENT
now features 3 different screens. First, a document type selection screen is shown, followed by a country selection screen for the document origin country to be chosen. Finally, the camera screen for the document capturePublic: Redesign of the message screen which results from a
MessageScreenStep
Internal:
FlowStep.WELCOME
andFlowStep.MESSAGE_FACE_VERIFICATION
now have a bullet points layout with new copyInternal: Added a toolbar as part of the flow UI, with a title describing the current step and the ability to return to the previous step
Internal: Added bottom sheet on Country Selection screen showing instructions for when the user can not find the origin country of his/her document
Internal: Updated Kotlin version to
1.1.1
Fixed
- Internal: Crash on NullPointerException when trying to upload document which came as
null
from the camera. Anull
check is now performed after the picture is taken, and an error message is shown in case it isnull
- Internal: If country and document type selected is India and national id card, only the front of the document will be asked of the user. There was a mistake where this behaviour was happening with the driver's license instead.
Removed
- Public: Removed
FlowStep.MESSAGE
step. Developers should add aMessageScreenStep(String title, String subtitle, String nextButtonText)
to a custom flow instead, specifying which information they want to show on the screen. - Internal: Removed unused
.png
drawables - Internal: Removed unneeded
theme
from the<application>
tag, which could cause conflicts with the host app'stheme
Fixed
- Internal: Crash On RuntimeException for "Could not find requested camera". A message is now presented to the user in such cases, letting him know the camera is not available.
- Internal: Crash On RuntimeException for "takePicture failed". A message is now presented to the user when this happens.
- Internal: Crash on IllegalArgumentException for "meteringAreas is invalid NumFocusAreas must < 4". For devices that have a limit on the number of areas a safeguard clause was added to the code.
Fixed
- Public: Fixed a bug on the confirmation screen where button layout would break when font size was set to the highest size
- Public: Fixed a bug which caused the capture and confirmation screens camera view aspect ratio to be different
- Public: Fixed a bug happening when an upload error had no hash to be parsed
Added
- Public: introduced allowMetrics, which allows the developer to choose whether SDK-only metrics may be taken.
- Public: introduced CaptureScreenStep, which allows preselection of the document type on the flow configuration, hiding the document type selection view during the flow.
- Public:
createIntent
was undeprecated, this is helpful when initiating the sdk from fragments.
Fixed
- Public: Crash bug fixed when the user denies camera permission.
- Internal: Fixed crash bug caused when the main activity got recreated and its applicant became null, which caused exceptions.
- Internal: Fixed the crash problem when another appp is using the camera in the background and the user opens the capture step at the same time. This fix informs the user of the problem, in hope the user will correct the situation.
Added
- Internal: A confirmation step shows up before sending the photo for validation.
- Public: Added both
withBaseUrl(String)
andwithToken(String)
, which allow to customize the base url used when communicating to the backend and the possibility to set the authorization token used when communicating with said back-end.
Fixed
- Public: Removed the colorAccent resource, which was causing dialog buttons to disappear.
- Internal: Auto focus before capture has been removed, due to problems found on some devices.
- Internal: Fixed crash on devices without flash mode.
- Internal: Removed unused image assets.
- Internal: autoFocus crash bug exception fixed.
- Internal: Fixed null pointer exception crash when focus mode gets reverted in certain scenarios.
Added
- Public:
startActivityForResult(Activity, int requestCode, OnfidoConfig)
andhandleActivityResult(int requestCode, int resultCode, Intent, OnfidoResultListener)
have both been added to simplify the callback process. - Public:
createIntent(OnfidoConfig, int requestCode)
has been added to replacecreateIntent(OnfidoConfig config)
Removed
- Public: The check is no longer initiated by the sdk.
extractCheckResult(Intent)
has been removedOnfidoConfig#withAsyncCheck(boolean)
andOnfido#withSyncWaitTime(int)
have been removed since they are related to check initiationFlowStep.SYNC_LOADING
has been removed as one of the possible steps.
- Public: The deprecated
withCustomFlow(FlowAction[])
has been removed
Added
- Capture Screen: Continuous Focus Mode is now always active.
- Capture Screen: It's possible to trigger a manual auto focus cycle by tapping on the screen.
- Capture Screen: A manual auto focus cycle is triggered before taking a picture.
- Capture Screen: Added an exposure metering area equal to the rectangle that encompasses the overlay shape.
Fixed
- Capture Screen: Corrected the size and ratio of the camera preview and improved its resolution, notable effect on the face capture screen.
- Capture Screen: Removed copy that said an automatic capture would be triggered.
- Fixed a crash bug that happened whenever the user pressed back going from the face to the document capture screen in one go.
- Fixed a bug that did not permit the camera to be used by other apps when the sdk was running in the background.
Added
- Breaking: Fabric is now included in the library in order to log crashes, this might require changes in the build process.
- Public: It's now possible to customize the SDK flow although with some restrictions.
- Public: It' now possible to include customizable information screens anywhere in the flow.
Fixed
- Build: Gradle script now supports proper publishing
- UI: Date picker now has a max date
- UI: Date picker style is now consistent with the other input fields (First and last name)
- UI: Date format is now displayed according to the device regional settings
- UI: Fixed the zooming of the face capture, it's now properly centered
- UI: Fixed the button radius, changed it according to UI spec
Breaking changes
- Updated to OkHttp4. In order to prevent runtime issues due to library conflicts, the host app must match the major version of the OkHttp.
Changed Strings:
- ⚠️ Most of the localisation keys have been renamed. If you have customised any of the Onfido SDK's strings in your project, you may use migrate-keys.rb script and key mapping file key_migration_7_3_0_mapping.json to migrate from 7.3.0 to 7.4.0
migrate-keys.rb --files-path <app/src/main/res/> --platform android --key-mapping-file key_migration_7_3_0_mapping.json
#####before
#####after
Breaking changes
- Migrated to AndroidX. If your app hasn't completed AndroidX migration yet, please see AndroidX Migration.
Breaking changes
- Removed out-of-the-box Portuguese (
pt
) translation. If you would like to keep supporting Portuguese by providing your own XML files, please see README - SDK will return
DocumentType.UNKNOWN
to mirror the Onfido API response as part of theCaptures
object which is provided byhandleActivityResult
ifresidence permit
orgeneric
is selected
#####before
#####after
#####before
#####after
Added strings:
onfido_italian_id_capture_title
onfido_french_driving_license_capture_title
onfido_folded_paper_option
onfido_plastic_card_option
onfido_driving_license_type_selection_title
onfido_national_identity_type_selection_title
onfido_folded_paper_front_capture_title
onfido_folded_paper_front_capture_subtitle
onfido_folded_paper_back_capture_title
onfido_folded_paper_back_capture_subtitle
onfido_folded_paper_confirmation_title
onfido_upload_photo
onfido_retake_photo
Breaking changes
- Removed
OnfidoCertificatePinningSettings
class which hasONFIDO_API
parameter to provide root certificate's hash value. For more information, please visit our README.md
Added strings:
onfido_accessibility_camera_document_capture_view
onfido_accessibility_face_confirmation_view
onfido_accessibility_document_confirmation_view
onfido_accessibility_liveness_confirmation_view
onfido_accessibility_video_preview_recorded
onfido_accessibility_liveness_digits
onfido_accessibility_liveness_move
onfido_accessibility_then
onfido_accessibility_liveness_left
onfido_accessibility_liveness_right
onfido_accessibility_liveness_play_pause
onfido_accessibility_take_picture
Deprecation
- The
withApplicant(String)
and thewithToken(String)
methods are deprecated from theOnfidoConfig.Builder
, we now recommend that create a SDK Token on your backend which containsapplicantId
and usewithSDKToken(String)
method to initialise the OnfidoConfig
Before
The initialisation of the SDK by passing the applicant ID and the (static) mobile token:
val OnfidoConfig config = OnfidoConfig.builder() .withToken("YOUR_MOBILE_TOKEN") .withApplicant("YOUR_APPLICANT_ID") .build();
or if you were using the deprecated withApplicant(Applicant)
method:
val applicant = Applicant.builder() .withFirstName("Your first name") .withLastName("Your first name") .build() val onfidoConfig = OnfidoConfig.builder() .withApplicant(applicant) .withToken("YOUR_MOBILE_TOKEN") .build();
The SDK callback where the Applicant
type object was passed:
@Override protected void onActivityResult(int requestCode, int resultCode, Intent data) { ... onfido.handleActivityResult(resultCode, data, new Onfido.OnfidoResultListener() { @Override public void userCompleted(Applicant applicant, Captures captures) { //communicate with your backend and initiate the check } @Override public void userExited(ExitCode exitCode, Applicant applicant) { //User left the sdk flow without completing it } @Override public void onError(OnfidoException exception, @Nullable Applicant applicant) { // An exception occurred during the flow } }); }
After
Neither the (static) mobile token nor the Applicant ID are expected anymore, you are now expected to pass the SDK token which is generated by calling the Onfido API:
val sdkToken: String = createSdkToken() // https://github.com/onfido/onfido-android-sdk/blob/master/README.md#41-sdk-token val onfidoConfig = OnfidoConfig.builder(context) .withSDKToken(sdkToken) .build()
The SDK callback no longer passes an Applicant
object:
@Override protected void onActivityResult(int requestCode, int resultCode, Intent data) { ... onfido.handleActivityResult(resultCode, data, new Onfido.OnfidoResultListener() { @Override public void userCompleted(Captures captures) { //communicate with your backend and initiate the check } @Override public void userExited(ExitCode exitCode) { //User left the sdk flow without completing it } @Override public void onError(OnfidoException exception) { // An exception occurred during the flow } }); }
Added strings:
onfido_label_doc_type_work_permit_up
onfido_message_side_document_front_generic
onfido_message_side_document_back_generic
onfido_message_check_readability_subtitle_generic
onfido_message_document_capture_info_front_generic
onfido_message_document_capture_info_back_generic
onfido_confirm_generic_document
Added Strings:
onfido_label_doc_type_visa
onfido_label_doc_type_visa_up
onfido_message_document_visa
onfido_message_check_readability_subtitle_visa
onfido_confirm_visa
onfido_liveness_intro_subtitle
onfido_liveness_intro_step_1_title
onfido_liveness_intro_step_2_title
onfido_liveness_intro_loading_video
onfido_reload
onfido_unable_load_unstable_network
onfido_unable_load_offline
Removed strings:
onfido_next
onfido_liveness_intro_title
onfido_liveness_intro_subtitle_1_action
onfido_liveness_intro_subtitle_2_actions
onfido_liveness_intro_subtitle_some_actions
onfido_liveness_intro_third_subtitle_1_action
onfido_liveness_intro_third_subtitle_2_actions
onfido_liveness_intro_third_subtitle_some_actions
onfido_liveness_challenge_open_mouth_title
onfido_liveness_challenge_next
onfido_liveness_challenge_stop
onfido_stop
onfido_liveness_challenge_recording
onfido_video_recorded
onfido_camera_access_recover_instructions_subtitle
3.0.0
-> 4.0.0
- Changed the
Applicant
parameter on theuserCompleted(Applicant applicant, Captures captures)
callback to be a non-nullable field, meaning that we guarantee this field will always contain information about the applicant whenever this callback is called. Any null check being applied may now be deleted. - Changed the
Applicant
parameter on theonError(OnfidoException exception, @Nullable Applicant applicant)
callback to be a nullable value, meaning that depending on the error originating the callback, the applicant details might benull
. Therefore, developers should add the correspondent null check before accessing its information.
2.4.0
-> 3.0.0
Added
onError(OnfidoException exception, Applicant applicant)
method on theOnfido
object, used to get the result of the identity verification flow. This callback will be called whenever an exception that the end-user should not be able to overcome by itself occurs during the flow. The new method should be implemented and the exception handled accordingly.Upgraded our infrastructure and SDK client SSL configurations to support TLSv1.2 only. According to the relevant Google documentation, this support comes enabled by default on every device running Android API 20+. In case you need to support devices older than that in your integration with the Onfido Android SDK, we need to access Google Play Services to install the latest security updates, which enable this support. As such, if you don't use Google Play Services on your integration yet, we require you to add the following dependency:
gradleCopycompile ('com.google.android.gms:play-services-base:x.y.z') { exclude group: 'com.android.support' // to avoid conflicts with your current support library }
Breaking changes
- Removed the
allowMetrics(boolean)
method from theOnfidoConfig.Builder
object. Every call to this method should be deleted - Removed the previously deprecated
FlowStep.MESSAGE_IDENTIFY_VERIFICATION
enum instance, as it was too specific for our generic flow intentions. Every previous inclusion of this object on a flow should be replaced by a customMessageScreenStep