USER VERIFICATION VIA AUTHENTICATE™

User Verification via Authenticate™

Published November 2023

    •    Updated July 2025

Plugin details

Secure your app by formally authenticating your users.

Authenticate.com is a verification platform that provides Knowledge Based Authentication, Photo ID & Passport Verification, Age, Employment, Education & Criminal Background Checks, MVR & DMV Records, Email, SMS, FEIN & SSN Verification.

This plugin leverages the Medallion™ UI to offer clients a single button which redirects a user within the client's application or website to complete an identity verification.

This UI allows a user to securely capture images of their photo ID, passport and themselves to verify their identity with a forensic, forgery and biometric analysis of the document. Or the user can choose to take a knowledge based authentication (KBA) quiz.

Medallion™ is equipped with state-of-the-art auto-image capture to ensure that the images taken of a photo ID or passport are clear enough to be analyzed and verified.

Medallion™ also offers a facial recognition comparison score and a passive liveness check with anti-spoofing technology using the camera on a mobile device to ensure that the person authenticating this identity is the actual individual that identity belongs to.

Demo application : https://authenticatedemo.bubbleapps.io/version-test

Demo Editor: https://bubble.io/page?name=index&id=authenticatedemo-editor&tab=tabs-1

Contact us at [email protected] for any additional feature you would require or support question.

$69

One time • Or $7/mo

5.0 stars   •   1 ratings

5 installs  

This plugin does not collect or track your personal data.

Platform

Web & Native mobile

Contributor details

wise:able

Joined 2020   •   122 Plugins

View contributor profile

Instructions

AUTHENTICATE.COM
======================

DESCRIPTION
------------------------
  AUTHENTICATE.COM allows Knowledge Based Authentication, Photo ID & Passport Verification, Age, Employment, Education & Criminal Background Checks, MVR & DMV Records, Email, SMS, FEIN & SSN Verification.

  The flow starts by creating a unique authentication URL from the user attributes (email, names, date of birth, etc). Once the verification is complete, AUTHENTICATE.COM sends the USER ACCESS CODE via WEBHOOK to your app. You must then query the VERIFICATION RESULTS using this USER ACCESS CODE.
Finally, you may save the VERIFICATION RESULTS to the correct user by matching the user's email address contained in those VERIFICATION RESULTS.

STEP-BY-STEP SETUP
--------------------------------
  0) Create and activate an account on AUTHENTICATE.COM.

  1) a) Set in your PLUGIN SETTINGS your COMPANY ACCESS CODE, available after account activation. The COMPANY ACCESS CODE is set as Public key as it is required to generate the unique URL for a given user from the element, contrary to your API Key which remains secret.

  1) b) Set in your API KEY prefixed by "Bearer ".

  2) Add the AUTHENTICATE.COM element on the page on which you wish to implement user authentication.

  3) Make sure the element is visible.

  4) Create a page to which the user will be redirected to after the verification is complete. Typically you may want to show the VERIFICATION RESULTS on that page.

  5) In a workflow triggered by a button for example, add the GENERATE AUTHENTICATION URL action and set the following fields:

  FIELDS :
  - FIRST NAME : First Name to match against the verification method.
  - MIDDLE NAME : Middle Name to match against the verification method.
  - LAST NAME : Last Name to match against the verification method.
  - DATE OF BIRTH : Date of Birth to match against the verification method.
  - EMAIL : Email of the user to be authenticated.
  - VERIFICATION OPTIONS : EITHER: Lets the user Upload their ID/Passport or answer the Identity Proof Quiz | BOTH: Asks the user to mandatorily Upload their ID/Passport and answer the Identity Proof Quiz | DOCUMENT_ONLY: Upload ID/Passport Only | QUIZ_ONLY: 	Identity Proof Quiz only
  - REDIRECT URL : Redirect URL has to be a valid SSL Secured URL. Typically this URL is a Bubble page displaying the verification results to your user.

  6) Add a new workflow with the triggering event being AUTHENTICATION URL GENERATED. This event fires once the element has generated the unique authentication URL your user will be directed to.

  7) Create a USER ACCESS CODE field (or create the fields containing desired VERIFICATION RESULT data) in the User table of your app.

  8) Use the action "OPEN AN EXTERNAL WEBSITE" to open the URL in the AUTHENTICATION URL of the element. You should now be able to trigger a first authentication request, to be done at step 14.

  10) Now we must create the endpoint from which the USER ACCESS CODE will be received from AUTHENTICATE.COM after the user has completed the verification.
  Go to your APP > BACKEND WORKFLOWS, create a NEW API WORKFLOW, check the options "EXPOSE AS A PUBLIC API WORKFLOW", "THIS WORKFLOW CAN BE RUN WITHOUT AUTHENTICATION", "IGNORE PRIVACY RULES WHEN RUNNING THE WORKFLOW". Set the first action as "RETURN DATA FROM API", "PLAIN TEXT", value "OK.

  11) In "PARAMETERS DEFINITION", set the option to "DETECT REQUEST DATA".

  12) Click on "DETECT DATA", copy the URL.

  13) Go to your AUTHENTICATE.COM USER PORTAL > SETTINGS > WEBHOOK, paste the URL.

  14) Perform a verification by clicking on the button set up earlier in order to send data to the webhook to initialize it.

  15) After the verification is complete, you will notice that the previously created API WORKFLOW has detected incoming data containing the USER ACCESS CODE.

  16) Go back to your AUTHENTICATION.COM USER PORTAL > SETTINGS > WEBHOOK and remove the /initialize part of your WEBHOOK URL.

  17) Finalize the API WORKFLOW you started to implement at step 10 by using the action GET DATA FROM AN EXTERNAL API "AUTHENTICATE.COM - GET TEST RESULTS".

    Inputs Fields :
      - USER ACCESS CODE : USER ACCESS CODE contained in the WEBHOOK payload after the verification has completed.

    Output Fields : VERIFICATION RESULT containing also the user attributes.

  18) At this stage, you may want to save the USER ACCESS CODE (or the desired authentication data) into the User field created at step 7, the user being matched with its email address contained in the response.

  19) Finalize the redirect page created at step 4 by displaying the result of the verification, typically by displaying the VERIFICATION RESULT based on the data stored at the step 18, depending on your implementation.

  20) Remember that the webhook URL contains your branch version (/version-test/ for example). Amend the webhook URL in AUTHENTICATE.COM portal according to the branch you are working on.

IMPLEMENTATION EXAMPLE
======================
Feel free to browse the app editor in the Service URL for an implementation example.

TROUBLESHOOTING
================
Any plugin related error will be posted to the the Logs tab, "Server logs" section of your App Editor.
Make sure that "Plugin server side output" and "Plugin server side output" is selected in "Show Advanced".

> Server Logs Details: https://manual.bubble.io/core-resources/bubbles-interface/logs-tab#server-logs

PERFORMANCE CONSIDERATIONS
===========================
  N/A

QUESTIONS ?
===========
Contact us at [email protected] for any additional feature you would require or support question.

Types

This plugin can be found under the following types:

Api   •   Element   •   Event   •   Action

Resources

Support contact

Documentation

Tutorial

Rating and reviews

Average rating (5.0)

Excellent plug in

November 28th, 2023

Thank you for building this plugin, it is fantastic. I like Authenticate because the ID scan and basic background check only costs $1 per verification

Product

Bubble for

Discover

Learn

Resources

Community

Company

Legal

Bubble uses cookies

Bubble uses cookies. By using our service you consent to all cookies in accordance with our Cookie Policy. Read more

Save & Close

I agree

I disagree

Show details

Strictly necessary

Performance

Targeting

Functionality

Unclassified

Cookie declaration

About cookies

Strictly necessary

Performance

Targeting

Functionality

Unclassified

Strictly necessary cookies allow core website functionality such as user login and account management. The website cannot be used properly without strictly necessary cookies.

Cookie report
Name	Provider / Domain	Expiration	Description
usprivacy	.bubble.io	1 year	This cookie stores the user's consent state regarding tracking and privacy in compliance with the United States privacy regulation.
__cf_bm	Cloudflare Inc. .calendly.com	29 minutes 45 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
__cf_bm	Cloudflare Inc. .clutch.co	29 minutes 55 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
li_gc	LinkedIn Corporation .linkedin.com	5 months 4 weeks	Used to store guest consent to the use of cookies for non-essential purposes
__cf_bm	Cloudflare Inc. .transformo.io	29 minutes 57 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
meta_u1main	.bubble.io	Session
__cf_bm	Cloudflare Inc. .lu.ma	29 minutes 44 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
meta_live_u2main.sig	.bubble.io	2 days 23 hours
_GRECAPTCHA	Google LLC www.google.com	5 months 4 weeks	Google reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
__cf_bm	Cloudflare Inc. .producthunt.com	29 minutes 57 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
_GRECAPTCHA	Google LLC www.recaptcha.net	5 months 4 weeks	Google reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
_gd_session	bubble.io	4 hours	This cookie manages user sessions on the website, ensuring that user interactions are recognized across various web requests. This helps in providing a consistent and accurate user experience.
_scid	Snap Inc. .bubble.io	1 year 1 month
opt_out	.postrelease.com	1 year	This cookie is used to track the user's decision to opt out of cookies on the website, indicating they have chosen not to have their data used for tracking and personalisation purposes.
AWSALBCORS	Amazon.com Inc. storm.birdie.so	6 days 23 hours	For continued stickiness support with CORS use cases after the Chromium update, we are creating additional stickiness cookies for each of these duration-based stickiness features named AWSALBCORS (ALB).
VISITOR_PRIVACY_METADATA	YouTube .youtube.com	5 months 4 weeks	This cookie is used to store the user's consent and privacy choices for their interaction with the site. It records data on the visitor's consent regarding various privacy policies and settings, ensuring that their preferences are honored in future sessions.
__cf_bm	Cloudflare Inc. .lumacdn.com	29 minutes 58 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
_tt_enable_cookie	.bubble.io	2 months 4 weeks	This cookie is used to remember the user's preferences regarding the use of cookies on the website.
AWSALBCORS	Amazon.com Inc. app.birdie.so	1 week	For continued stickiness support with CORS use cases after the Chromium update, we are creating additional stickiness cookies for each of these duration-based stickiness features named AWSALBCORS (ALB).
__cf_bm	Cloudflare Inc. .t.co	29 minutes 44 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
__cf_bm	Cloudflare Inc. .twitter.com	29 minutes 44 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
__cf_bm	Cloudflare Inc. .vimeo.com	29 minutes 58 seconds	This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
__session	.gitbook.com	1 year 1 month	This cookie is used to maintain an anonymized user session by the server.
meta_live_u2main	.bubble.io	2 days 23 hours
CookieScriptConsent	CookieScript .bubble.io	1 year 1 month	This cookie is used by Cookie-Script.com service to remember visitor cookie consent preferences. It is necessary for Cookie-Script.com cookie banner to work properly.
meta-firebase_workflow	.bubble.io	59 minutes 21 seconds

Performance cookies are used to see how visitors use the website, eg. analytics cookies. Those cookies cannot be used to directly identify a certain visitor.

Cookie report
Name	Provider / Domain	Expiration	Description
X-AB	Stack Exchange Inc. sc-static.net	1 day
_ga_G4MHXCYE4T	.bubble.io	1 year 1 month	This cookie is used by Google Analytics to persist session state.
m	Stripe m.stripe.com	1 year 1 month	This cookie is generally used for performance and optimization of payment processing services, facilitating caching of content on the browser to make pages load faster.
_ttp	.bubble.io	2 months 4 weeks	This cookie is used to track user interaction and behavior on the website for site performance and usage analysis. This information is used to improve the user experience and optimize the website's functionality.
analytics_session_id	Cakemail .bubble.io	1 year	This cookie tracks user behavior throughout the session on the website, collecting data such as how long a visitor stays on a page and what links they click on. This information is used to improve user experience and website performance.
data-c	Media.net .media.net	4 weeks 2 days	This cookie is used to collect information on user behavior and interaction to enhance the user experience and measure website performance.
_gd_visitor	bubble.io	1 year 1 month	This cookie is used to track visitors' interactions with the website, collecting data on their behavior for analytics purposes. It helps in understanding how users engage with the site, which parts of the site are most visited, and how the navigation flow is structured, aiming to improve the user experience and site performance.
_ttp	.tiktok.com	2 months 4 weeks	This cookie is used to track user interaction and behavior on the website for site performance and usage analysis. This information is used to improve the user experience and optimize the website's functionality.
analytics_session_id.last_access	.bubble.io	1 year	This cookie is used to store the time of the last access by a user in an analytics session, helping in understanding user engagement and the effectiveness of the website content.
_ga_BFPVR2DEE2	.bubble.io	1 year 1 month	This cookie is used by Google Analytics to persist session state.
ahoy_visit	Teachable store.bubble.io	4 hours	This cookie is used to track a visitor's session, helping to understand how users interact with the site to improve user experience and functionality.
_ga_5Q4JP8E2X4	.bubble.io	1 year 1 month	This cookie is used by Google Analytics to persist session state.
_ga_CEPZJCHM3K	.bubble.io	1 year 1 month	This cookie is used by Google Analytics to persist session state.
data-c-ts	Media.net .media.net	4 weeks 2 days	This cookie is used to time-stamp and perform a time sync for users' sessions, ensuring accurate session time tracking.
_ga	Google LLC .bubble.io	1 year 1 month	This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.
_ga_Y168TZXEQ5	.bubble.io	1 year 1 month	This cookie is used by Google Analytics to persist session state.
ajs_anonymous_id	Segment.io Inc. .bubble.io	1 year	These cookies are generally used for Analytics and help count how many people visit a certain site by tracking if you have visited before. This cookie has a lifespan of 1 year.
c	.bidswitch.net	1 year	This cookie is used to identify the frequency of visits and how the visitor accesses the website. It collects data on the user's visits to the website, such as which pages have been read.

Targeting cookies are used to identify visitors between different websites, eg. content partners, banner networks. Those cookies may be used by companies to build a profile of visitor interests or show relevant ads on other websites.

Cookie report
Name	Provider / Domain	Expiration	Description
YSC	Google LLC .youtube.com	Session	This cookie is set by YouTube to track views of embedded videos.
personalization_id	Twitter Inc. .twitter.com	1 year 1 month	This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
CMPRO	Casale Media Inc. .casalemedia.com	2 months 4 weeks	These cookies are linked to advertising and tracking the products users were looking at.
_scid_r	.bubble.io	1 year 1 month	This cookie is used for tracking purposes, helping to identify unique visitors across sessions and track their interactions and engagement on the website.
tv_UICR	.tremorhub.com	4 weeks 2 days	This cookie is used to track user interactions and engagement with the website's content to improve the service and content delivery. It can collect data on user behavior and preferences to facilitate targeted advertising and marketing strategies.
VISITOR_INFO1_LIVE	Google LLC .youtube.com	5 months 4 weeks	This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites;it can also determine whether the website visitor is using the new or old version of the Youtube interface.
tvid	Tremor Video DSP .tremorhub.com	1 year	This cookie is used for tracking user interaction and engagement with the website's content, helping in the improvement and optimization of online services provided. It may also be used for delivering personalized advertising experiences.
uid	.criteo.com	1 year	This cookie provides a uniquely assigned, machine-generated user ID and gathers data about activity on the website. This data may be sent to a 3rd party for analysis and reporting.
_uetsid	Microsoft Corporation .bubble.io	1 day	This cookie is used by Bing to determine what ads should be shown that may be relevant to the end user perusing the site.
lidc	Microsoft Corporation .linkedin.com	1 day	This is a Microsoft MSN 1st party cookie that ensures the proper functioning of this website.
_uetvid	Microsoft Corporation .bubble.io	1 year 3 weeks	This is a cookie utilised by Microsoft Bing Ads and is a tracking cookie. It allows us to engage with a user that has previously visited our website.
addshoppers	shop.pe	1 year 1 month	This cookie is used to track user interaction and sharing behavior on social media platforms, enabling personalized marketing and social media sharing capabilities.
_gcl_au	Google LLC .bubble.io	3 months	Used by Google AdSense for experimenting with advertisement efficiency across websites using their services
addshoppers.com	bubble.io	1 year 1 month	This cookie is associated with the AddShoppers social sharing platform, a technology that integrates with websites to enable tracking and sharing capabilities across social networks. It supports social media integration and can gather data regarding sharing and social interactions on the site to help understand user influence and to enhance marketing strategies.
CMID	Casale Media Inc. .casalemedia.com	1 year	These cookies are linked to advertising and tracking the products users were looking at.
bcookie	Microsoft Corporation .linkedin.com	1 year	This is a Microsoft MSN 1st party cookie for sharing the content of the website via social media.
tuuid_lu	.bidswitch.net	1 year	Contains a unique visitor ID, which allows Bidswitch.com to track the visitor across multiple websites. This allows Bidswitch to optimize advertisement relevance and ensure that the visitor does not see the same ads multiple times.
tuuid	.bidswitch.net	1 year	This cookie is mainly set by bidswitch.net to make advertising messages more relevant to the website visitor.
_fbp	Meta Platform Inc. .bubble.io	2 months 4 weeks	Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers
ab	.agkn.com	1 year	This cookie is generally provided by agkn.com and is used for advertising purposes.
demdex	Adobe Inc. .demdex.net	5 months 4 weeks	This cookie helps Adobe Audience Manger perform basic functions such as visitor identification, ID synchronization, segmentation, modeling, reporting, etc.
sc_at	Snap Inc. .snapchat.com	1 year
MUID	Microsoft Corporation .bing.com	1 year	This cookie is widely used my Microsoft as a unique user identifier. It can be set by embedded microsoft scripts. Widely believed to sync across many different Microsoft domains, allowing user tracking.
dpm	Adobe Inc. .dpm.demdex.net	5 months 4 weeks	Adobe Audience Manager - data management platform uses this cookie to record information around synchronisation of IDs.
CMPS	Casale Media Inc. .casalemedia.com	2 months 4 weeks	These cookies are linked to advertising and tracking the products users were looking at.

Functionality cookies are used to remember visitor information on the website, eg. language, timezone, enhanced content.

Cookie report
Name	Provider / Domain	Expiration	Description
ajs_anonymous_id	Segment.io Inc. .loom.com	1 year 1 month	These cookies are generally used for Analytics and help count how many people visit a certain site by tracking if you have visited before. This cookie has a lifespan of 1 year.
loom_anon_comment	Loom .loom.com	1 year 1 month	This cookie is used to differentiate anonymous users when they leave comments on holaspirit.com, enabling the identity of the commenter to remain unknown for privacy.
_cfuvid	.vimeo.com	Session	This cookie is used for purposes of tracking users across sessions to optimize user experience by maintaining session consistency and providing personalized services.
__stripe_mid	Stripe Inc. .bubble.io	1 year	This cookie is set by Stripe to distinguish users and enable secure payment processing during interactions with the website.
_cfuvid	.calendly.com	Session	This cookie is used for purposes of tracking users across sessions to optimize user experience by maintaining session consistency and providing personalized services.
ajs_anonymous_id	Segment.io Inc. demo.arcade.software	1 year	These cookies are generally used for Analytics and help count how many people visit a certain site by tracking if you have visited before. This cookie has a lifespan of 1 year.
__stripe_sid	Stripe Inc. .bubble.io	29 minutes 58 seconds	This cookie is set by Stripe to manage and process payments securely, allowing temporary storage of session related information during a users visit to the website.
loom_referral_video	Loom, Inc. .www.loom.com	Session	This cookie is used to track referrals and video plays across the website, enabling the website to attribute video views to the correct referral sources.
MSPTC	Microsoft .bat.bing.com	1 year	This cookie is used to track user engagement and interaction with the website to enhance customer experience and website functionality. It may collect information about how users navigate and use the site, helping to identify preferences and improve service delivery.
visitor-id	Media.net .media.net	1 year	This cookie is used to identify unique visitors across the website to provide a consistent and personalized experience.

Unclassified cookies are cookies that do not belong to any other category or are in the process of categorization.

Cookie report
Name	Provider / Domain	Expiration
__Secure-ROLLOUT_TOKEN	.youtube.com	5 months 4 weeks
ttcsid	.bubble.io	2 months 4 weeks
intercom-device-id-cz703g22	.bubble.io	8 months 4 weeks
intercom-session-cz703g22	.bubble.io	1 week
kwsu	ciqtracking.com	1 year 1 month
CrossDomainCookieScriptConsent_239	.crossdomain.cookie-script.com	1 year 1 month
__BROWSER__	store.bubble.io	Session
ahoy_visitor	store.bubble.io	1 year 1 month
bubble-certifications_live_u2main	.certification.bubble.io	3 days
_ScCbts	.bubble.io	1 week
_brilliant_session	.bubble.io	Session
bubble-certifications_live_u2main.sig	.certification.bubble.io	3 days
ttcsid_CRGSJIJC77UAMBH9S77G	.bubble.io	2 months 4 weeks
bubble-certifications_u1main	.certification.bubble.io	Session
_iub_cs-57859130-uspr	.bubble.io	1 year
intercom-id-cz703g22	.bubble.io	8 months 4 weeks
muc_ads	Twitter .t.co	1 year 1 month
upgrade_pv_1487181547537x364191731148390400	bubble.io	1 week

Cookies are small text files that are placed on your computer by websites that you visit. Websites use cookies to help users navigate efficiently and perform certain functions. Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser.

You can change your consent to cookie usage at any time on our Privacy Policy page.

Your consent will also apply to the following websites:

bubble.io
flusk.eu

User Verification via Authenticate™

Plugin details

$69

One time • Or $7/mo

Other actions

Platform

Contributor details

Instructions

Types

Categories

Resources

Rating and reviews

Average rating (5.0)