GBG Developers

Guides   |   Introduction


Introducing GBG Identity Solution

Identity verification from GBG offers security, and exciting new revenue generation opportunities to businesses worldwide. As businesses expand, create new services or accept new customers, and as regulations change or customers demand better identity-related services, GBG Identity Solution can be rapidly integrated to enable these opportunities.

The GBG Identity Solution platform gives you access to a wide range of checks and reference data sets, and helps you to ensure your on-boarding and identification processes are both legally compliant, and as frictionless as possible.

GBG Identity Solution offers a suite of functionality to build new solutions, expand into new markets, improve security and compliance, and to increase revenue. Identity Solution is the engine that powers billions of personalized lookups every year, helping your customers to maintain their trust in you and delighting them with innovative new solutions.

GBG Identity Solution: How does it work?

Underlying GBG Identity Solution is a collection of thousands of databases with billions of aggregate entries, and an engine that can chain and analyse results to form an intelligent real-time response to real-world input such as images and video, document data and fragments of information concerning humans and locations. The underlying chain of database checks and algorithms is called a journey or profile, and it greatly simplifies integration of Identity Solution to meet any specific business needs and customer handling or machine-to-machine (M2M) workflows. As needs change, additional journeys or profiles can be used, so that they are always precisely in step with your requirements and software.

For developers working with enabling their applications for Identity Solution, the Application Programming Interface (API) flow is always user-centric. The APIs will not restrict the developer to particular customer handling workflows. The way this works is by using a consistent identifier for a person across multiple checks. Identity Solution builds a combined score for that person and provides you with a final result of Pass, Fail, or Refer based upon the checks that have been performed. This gives you the flexibility to decide on how to handle that customer. For example, a customer that completes your verification journey with a Pass result might go straight through and gain access to your application or service, while a user that gets a Refer result could be handed over to an investigations team before they will be allowed access.

GBG Identity Solution does not enforce the order in which you make checks against your customers’ data. This means it can adapt to fit with any user experience you want to create. Identity Solution fits to your journey, it doesn't dictate its own.

Benefits for developers

  • No unusual software or network requirement - GBG Identity Solution runs in the cloud and is accessed with an Application Programming Interface (API) using secure HTTP or a software development kit (SDK) for iOS, Android or Web applications. Any software platform or programming language can be used with the API and your application can be local or in the cloud, using any provider platform
  • Multiple authentication and authorization methods, optimized for Machine-to-Machine (M2M) using a username and password, and browser-based apps using Single Sign-On (SSO) techniques
  • Consistent, well-established API implementation using standards-based HTTPS, OpenAPI format interfaces, plain text (JSON), and standards-based image encoding in HTML requests
  • Software Development Kits (SDKs) for fast web and mobile app integration
  • Online Browser-based tools for instant verifications with no coding required
  • Fully-Featured – use the same authorization for all verification requirements (including verification queries using data fragments, document images and video)
  • Consistent Schema - from one API to another, the same models and schema are used. This greatly simplifies building a collection of verification checks
  • Easy Auditing not only allows for checking of every person through GBG Identity Solution, but it also provides for verifying the integrity of the application. By adding an identifier (i.e. person-id) to your internal records, you can easily determine what checks were performed and review the results of those checks

How to get started

See the next topics in the Getting Started instructions for more detail, but in a nutshell the process is:

  1. Contact GBG and provide (along with a few general pieces of information) one essential piece of information, which is the Uniform Resource Locator (URL) of your own, or your identity provider’s, Single Sign-On or OAuth OpenID Connect service.
  2. Use Delegated Authentication (M2M or Single Sign-On) or a Pre-Generated Token to obtain an IDP Access Token (it is in a Javascript Web Token or JWT format, although that’s not necessary to know). This is detailed in the Authentication Methods section, Message detail for SSO and Python demo with M2M authentication.
  3. Perform Authorization: Send a HTTP request in your code to exchange the IDP Access Token for a GBG Access Token. The GBG Access Token is also in JWT format.
  4. Make API calls and supply the GBG Access Token. You can use any of the APIs in any order, the flow is up to you. The important thing is the person identifier (person-id) field. Your first request will generate a person identifier for you, and this should then be supplied with each subsequent call. Using the person identifier will allow GBG Identity Solution to tie all of your requests to a single person, and allow for things like combined scoring and triangulation to work correctly. Eventually the token will expire, and you’ll need to retrieve a new token to make additional API calls
  5. Use the combined verification result in your application. For each API call, GBG Identity Solution will provide you with a combined result including all of the verification requests up to and including the current request. Therefore the response to your final request will contain your final combined decision. Your applications and processes can use this to decide how to support your customer!


The table here shows the stages required to make verification requests. Use the left-side menu to navigate through to see how to perform Authentication, Authorization and Verification Requests.