Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.fingerprint.com/llms.txt

Use this file to discover all available pages before exploring further.

If you have the Open Client Response enabled on your account, you can unseal the identification result response from Fingerprint API in your custom proxy integration.
Missing mobile SDKs supportOpen client response is only supported in the Fingerprint JavaScript agent for now. The iOS and Android SDKs currently do not support open client response.

Using a Server SDK

If your proxy integration’s runtime allows you, we recommend using one of our server-side SDKs to unseal the result.

Using a custom implementation

If the runtime limitations of your proxy integration prevent you from using our server-side SDK, you will need to write the implementation to unseal the result yourself. Adjust your proxy function for the identification request like this:

1. Parse the response text and JSON

Parse the text and JSON from the identification response: 
const identificationResponse = await fetch(identificationUrl, {
  headers: headers,
  method: "POST",
  body: await request.blob(),
})

// Get the response contents
const identificationResponseText = await identificationResponse.text()
const identificatonResponseJson = JSON.parse(identificationResponseText)

const data = await unsealData(identificatonResponseJson.sealedResult)

2. Unseal the result

Unseal the contents of the sealedResult according to the Sealed client results guide. 
// This example uses the "@noble/ciphers" package which provides encryption API
// that works in environments where the Node.js "crypto" library is not available
import { gcm } from "@noble/ciphers/aes"
import { inflateRaw } from "pako"

const SEALED_HEADER = new Uint8Array([0x9e, 0x85, 0xdc, 0xed])

// Utility function that converts base64 string to Uint8Array
function base64StrToUint8Array(str: string) {
  const binary = atob(str)
  const data = new Uint8Array(binary.length)

  for (let i = 0; i < binary.length; i++) {
    data[i] = binary.charCodeAt(i)
  }

  return data
}

// Function that decrypts sealed data using AES-256-GCM
function decrypt(sealedData: Uint8Array) {
  // Get the decryption key generated in the Fingerprint dashboard
  const decryptionKey = base64StrToUint8Array(process.env.DECRYPTION_KEY)

  const nonceLength = 12
  const nonce = sealedData.slice(
    SEALED_HEADER.length,
    SEALED_HEADER.length + nonceLength,
  )
  const ciphertext = sealedData.slice(SEALED_HEADER.length + nonceLength)

  const aes = gcm(decryptionKey, nonce)
  const data = aes.decrypt(ciphertext)
  const decompressed = inflateRaw(data)

  return new TextDecoder().decode(decompressed)
}

async function unsealData(rawSealedData: string) {
  try {
    const sealedData = base64StrToUint8Array(rawSealedData)
    const result = decrypt(sealedData, key)
    return JSON.parse(result)
  } catch (e) {
    console.error("failed to unseal data", e)
    return null
  }
}
Note: The example above uses TypeScript for better readability. Remove type annotations if you want to adapt it for JavaScript.

3. Use the unsealed result and forward the original text response

Process the unsealed result and return the identification response text to the JavaScript agent without modifying it: 
const data = await unsealData(identificatonResponseJson.sealedResult)

if (data) {
  processResponseData(data)
}

return new Response(identificationResponseText, {
  status: identificationResponse.status,
  statusText: identificationResponse.statusText,
  headers: identificationResponse.headers,
})
If you have any questions, please contact our support team.