LogoLogo
  • fidentity public documentation
  • Dashboard
  • API
    • Authentication documentation
    • Create a new fidentity process
    • Update a new document for signature
    • URL Management and authentication
  • Use Cases
    • QES
      • Variations
        • Main
        • Split
        • Single run
      • Verification methods
      • QES System URLs
      • Sign hashes
    • SimpleIdent
      • Process steps
      • System URLs
  • Others
    • Compatibility
    • Incident management
    • Release Management
      • Feature Preview
      • Patch Releases
      • Release Notes
        • May 2025
        • April 2025
        • March 2025
        • February 2025
        • January 2025
        • December 2024
        • November 2024
      • Major Releases
    • Change Management
    • Passkeys
    • Custom Domain
    • Dashboard SSO
    • Compliance
      • finma RS2016/7
      • VSB20
      • TAV BAKOM
      • ETSI 119 461
Powered by GitBook
On this page
  • Is there a rate limit?
  • Is it possible to generate a new URL for the same process?
  • Can the URL of the identity process only be retrieved via this POST interface?
  • Can the GET functions redisplay the URL?
  • Do you provide a long living accessToken?
  • What is the expected renewal process for the authentication token?
  • Is there a way to retrieve the data after data retention?
  1. API

URL Management and authentication

Is there a rate limit?

You are only allowed to call authentication once per minute (from the same IP). The limit for the requests are set for two requests per second.

For your implementation, please consider:

  • Cache JWT token

  • Don’t run test scripts against our API

  • Don’t poll our endpoints to check for state changes

Is it possible to generate a new URL for the same process?

Yes, a new call with the same extId resets the process and generates a new URL.

Can the URL of the identity process only be retrieved via this POST interface?

Yes

Can the GET functions redisplay the URL?

No

Do you provide a long living accessToken?

For security reasons, we don’t provide a long living accessToken, but a long living one time token (14 days). And as soon as the process is started by the customer, he gets an accessToken (valid four hours) to complete the process. As soon as the user clicks on the link three times, he is redirected to the errorUrl on the fourth call.

What is the expected renewal process for the authentication token?

Automated renewal process based on the expiry time.

Is there a way to retrieve the data after data retention?

No

Last updated 10 months ago

Page cover image