Application
The Applications page is where you configure key settings and credentials needed to interact with our Public API and Webhooks. This guide will walk you through creating and managing applications:
Last updated
The Applications page is where you configure key settings and credentials needed to interact with our Public API and Webhooks. This guide will walk you through creating and managing applications:
Last updated
You can create new and manage existing applications through the Applications section in Workplace:
As soon as your application is created you can open it anytime and get the details required for further integration.
Each application contains essential parameters for API authentication, webhook integration, and user redirection:
Purpose: The unique name used to identify your application.
Usage: This field is mandatory and must be filled in when creating an application. Choose a name that clearly represents your application’s purpose.
Purpose: Provides additional context about the application.
Usage: This field is optional but can be used to store notes or details about the application's purpose, functionality, or integration details.
Purpose: Specifies the URL where users will be redirected after completing the applicant flow.
Usage: This should point to a page in your application where users continue their process after verification.
How to Set the Redirect URL
In the Application Details section, locate the Redirect URL field.
Enter the URL where applicants should be redirected after verification (e.g., https://www.yourapp.com/success).
Click Save changes to confirm.
Purpose: Specifies the encryption algorithm used to protect sensitive data associated with a particular application.
Usage: Choose between AES-256-CBC and AES-256-GCM based on your security and performance needs. This setting helps ensure compliance with security standards and allows you to align encryption preferences with internal policies or partner requirements. - AES-256-CBC – A widely adopted and secure encryption standard, suitable for most use cases. - AES-256-GCM – Offers improved performance and built-in authentication, recommended when additional integrity protection is needed.
After the application is created and saved, the system generates the following unique keys:
Purpose: A unique identifier for your application.
Usage: This ID is used internally within the system to reference your application during API interactions.
Purpose: Used for encrypting and decrypting data exchanged between your application and our services.
Usage: Retrieve this key to securely transmit sensitive data.
Purpose: Required for authentication when interacting with the Public API.
Usage: Include this key in API requests to ensure secure and authorized access.
The Webhook tab allows you to set up notifications and event tracking for your application.
Purpose: Defines a Webhook URL where our system will send real-time event notifications about applicant status and other updates.
Usage: Provide a URL that can handle requests from our system. These notifications help automate workflows and keep your application up-to-date.
Purpose: Add custom response headers to ensure secure and authenticated communication between your application and the webhook receiver.
Usage: Multiple headers can be added to support security and other necessary configurations.
How to Configure Webhooks
Navigate to the Webhook tab in the Application Settings.
Click Add notifications via webhook to create a new webhook connection.
Enter a Webhook Name and Webhook URL
To add custom headers:
Click Add response headers
Enter a Key and Value pair (e.g., Authorization: Bearer <token>).
Repeat this step to add multiple response headers if needed.
Click Save changes to apply the configuration.
The Failed Webhook Deliveries section provides insights into webhook events that failed due to issues on the client side. This feature helps users identify errors and troubleshoot their webhook configurations.
Navigate to the Webhook tab in the Application Settings.
Scroll down to the Failed Webhook Deliveries section.
Click View Failed Webhooks to open the failure log.
The failure log displays:
EVENT_ID – A unique identifier for each failed event.
EVENT_TYPE – The type of webhook event (e.g., APPLICANT_COMPLETED, APPLICANT_DUPLICATE_DOCUMENT).
ERROR_MESSAGE – A description of why the webhook request failed (e.g., "Expired document").
