Overview
The UAE KYC Toolkit integrates into your existing channels (web and mobile) through a secure, token-based flow. This page explains the main building blocks so you know where UAE KYC fits in your architecture before diving into the details. For a step‑by‑step sequence diagram, see the Communication Flow.Key Components
Main actors
| Component | Role |
|---|---|
| Client Application | Your web or mobile front‑end where users start KYC journeys |
| Client Backend Server | Authenticates requests and calls UAE KYC APIs |
| Client Proxy / Gateway | Optional reverse proxy/WAF layer that enforces access policies (for example, iRules) and forwards traffic to UAE KYC |
| Secure Channel | MPLS / VPN / whitelisted IP ensuring traffic stays on approved paths |
| UAE KYC (ICP Server) | UAE KYC platform that hosts SDKs, runs checks, and stores results |
High-level integration flow
-
Initiate a journey
- Your backend calls the Create Journey API.
- UAE KYC returns a short‑lived journey token.
-
Launch the SDK
- Your web or mobile app initializes the UAE KYC SDK using the journey token.
- The SDK connects securely to UAE KYC using the configured FQDN and network path.
-
Complete verification & fetch results
- The user completes the journey in the SDK (documents, biometrics, checks).
- Your backend retrieves results using:
Security at a glance
- Network: All traffic runs over your approved secure channel (MPLS, VPN, or IP whitelisting).
- Transport: HTTPS with SSL termination within your environment or proxy.
- Tokens: Short‑lived journey tokens help prevent replay and limit exposure.
- Proxy / Gateway: Optional reverse proxy adds an extra control layer between your systems and UAE KYC.
- WAF / gateway policies: Clients typically enforce hostname and path rules (for example, iRules) at the edge to ensure UAE KYC traffic stays on the approved route.