iOS SDK
How It Works?
Register your app at https://verifykit.com and get your client keys and server key.
Add VerifyKit SDK to your app
Configure and start VerifyKit SDK
When verification is complete, send sessionId which VeriyfKit SDK gives you to your backend service.
At your server side, get user's phone number from VerifyKit service with serverKey and sessionId. You can check Rest Api Docs.
IMPORTANT NOTE
ServerKey is used for getting info from VerifyKit service.
Please keep ServerKey safe. Do not include it in your client's code base.
VerifyKit Flow

Installation
Requirements
Xcode 11.0+
iOS 10.3+
CocoaPods
You can install framework via CocoaPods.
pod 'VerifyKit'
Configure Info.plist
To successfully use the framework, you need to add VerifyKitKey
and VerifyKitSecret
to your plist file. This step is mandatory.
To open a third party messaging app from your application, you need to add their url schemes to LSApplicationQueriesSchemes
key in your plist file. After iOS14, to open Associated Domain URLS in a device which uses a different default browser then Safari, you also need to add https
as url scheme.
Open your Info.plist as source code and insert the following XML snippet into the body of your file just before the final dict
element.
<key>VerifyKitKey</key>
<string>{your-verifykit-key}</string>
<key>VerifyKitSecret</key>
<string>{your-verifykit-secret-key}</string>
<key>LSApplicationQueriesSchemes</key>
<array>
<string>whatsapp</string>
<string>telegram</string>
<string>viber</string>
<string>https</string>
</array>
Deep Link
After a successful validation with a third party messaging app, the user needs to return to main app. If your application has an Associated Domain, we can add a deeplink to our message for easy and quick redirect.
If you support Associated Domains, please fill out Deeplink field at VerifyKit portal with your domain.
If you don't support Associated Domains, you can enter a custom link with your application's url scheme to Deeplink field, like yourapp://welcome. However, some messaging apps doesn't recognize url schemes as clickable links, so quick redirect may not work in this scenario.
Usage and Configuration
You can get the result via VerifyKitDelegate
protocol.
VerifyKit only dismisses viewControllerForLogin()
automatically when didSuccess
delegate is called.
To give user a chance to try other validation methods or to start again, viewControllerForLogin()
doesn't get dismissed on didFail
. If you want to dismiss it on some specific error type, you can do that manually.
import VerifyKit
let kit = VerifyKit()
let viewController = kit.viewControllerForLogin()
self.present(viewController, animated: true, completion: nil)
viewController.kitDelegate = self
extension ViewController: VerifyKitDelegate {
func didSuccess(with sessionCode: String) {
print("VerifyKitDelegate didSuccess with sessionCode:(sessionCode)")
}
func didFail(with error: VerifyKitError) {
print("VerifyKitDelegate didFail with error:(error)")
}
}
// configuration
let options = VerifyKitOptions(logActive: true)
let kit = VerifyKit(options: options)
Objective-C
#import "ViewController.h"
@interface ViewController () <VerifyKitObjCDelegate>
@end
@implementation ViewController
- (void)viewDidLoad {
[super viewDidLoad];
// Do any additional setup after loading the view.
VerifyKitOptions *options = [[VerifyKitOptions alloc] initWithEnvironment: VerifyKitEnvironmentDebug logActive: YES deviceID: nil];
VerifyKitInstance *kit = [[VerifyKitInstance alloc] init];
UIViewController<VerifyKitObjCViewController> *controller = [kit viewControllerForLogin_objC];
[controller setKitObjCDelegate: self];
[self presentViewController:controller animated:YES completion:nil];
}
- (void)didFailWith:(VerifyKitNSError * _Nonnull)nsError {
NSLog(@"%@", nsError.localizedDescription);
}
- (void)didSuccessWith:(NSString * _Nonnull)sessionCode {
NSLog(@"%@", sessionCode);
}
@end// Some code
Interrupted Session
There may be a case when user chooses a third party messaging app for validation, sends a message, but doesn't return to main app and kills it. In that case, that user is verified with VerifyKit but the main app doesn't know it yet.
To fix this, we have a method to check interrupted session status. Using this method is optional and up to you.
VerifyKit will handle the interrupted verification even if you don't implement this method.
VerifyKit.checkInterruptedSession { [weak self] sessionCode in
guard let sessionCode = sessionCode else {
// Start VerifyKit flow or do what your app needs
return
}
// You have an interrupted sessionCode from last time.
// Tell your API.
print("sessionCode (sessionCode)")
}
For Objective-C
[VerifyKitInstance checkInterruptedSessionWithCompletion:^(NSString * _Nullable sessionCode) {
if (sessionCode == nil) {
// Start VerifyKit flow or do what your app needs
} else {
// You have an interrupted sessionCode from last time.
// Tell your API.
NSLog(@"sessionCode %@", sessionCode);
}
}];
VerifyKitOptions Struct
You can change the settings declared in VerifyKitOptions
struct.
public struct VerifyKitOptions {
var environment: VerifyKitEnvironment = .debug // default
var logActive: Bool = true // default
var deviceID: String? // optional
var countryCode: String? // optional ("US")
var phoneCode: String? // optional ("1") or ("+1")
var phoneNumber: String? // optional ("1234567890")
}
public enum VerifyKitEnvironment {
/// Stage environment for debug
case debug
/// Production environment for distribution
case release
}
If the host application wants to let the user input their phone number and then pass it to the SDK, it can be done using the countryCode
, phoneCode
and phoneNumber
parameters.
Other Notes
Before your app release, please change the VerifyKitEnvironment to 'release' instead of 'debug'. This product includes software(CyrptoSwift) developed by Marcin Krzyzanowski.
Backend Integration
When the verification is complete, in order to get information of the verified user, you should integrate with VerifyKit Rest API. After receiving the sessionID variable from the Web SDK, you can fetch your client's data, such as phone numbers , from VerifyKit Rest API service.
This integration requires a ServerKey token that is unique to your application in VerifyKit and used as both an identifier and a security measure. For this reason, you have to use your ServerKey token in backend integration. You can not use ServerKey on your client-side.
For further info on how to integrate this part please click here.

Last updated