Logging
iProov recommends logging the following as part of your API implementationn:
- Error codes and failure reasons
- Retry state and attempts
- For every transaction:
- Resource ID
- Tokens
- User ID
- Validate result
- User device or browser
- SDK version
Store tokens and results iProov strongly recommends persisting all of the following data elements:
| Value | Source | Persistence type | Description |
|---|---|---|---|
| token (enroll and verify) | POST /claim/enrol/token POST /claim/verify/token | - Audit logging -Transient storage for client SDK and validate operations. | The token provided is used to launch the client SDK. |
| user_id | Generated by your system. | Store with user record. | - |
| Retry count | iProov recommends a maximum of 3 retry attempts. This may be different depending on your contract. | - Audit logging - Transient for operation. | The number of permitted Genuine Presence Assurance® (GPA) and Liveness Assurance™ (LA) user attempts. |
| Validated result | POST /claim/enrol/validate POST /claim/verify/validate | - Store with the user record. - Audit logging | The verified transaction outcome. For GPA and LA the validate requests are one time transactions and the results must be stored. |