Migrating From Sandbox

In this article, we will walk you through the purpose of ID.me Sandbox environment and the key variables to test when switching to Production

What are ID.me’s Sandbox Environments?

Sandbox - Credential Validation (Group Verification & Vaccine Verification)

When you create an ID.me Developer account, it automatically defaults to a sandbox version of the production environment. This default sandbox environment provides our partners, such as you, to begin testing our credential validation capabilities with OAuth 2.0, OpenID Connect, and SAML. For more details on how to integrate ID.me’s credential validation solution, please visit the OAuth Integration Guide.

Test Credentials

Please note, the default sandbox environment will only allow you to verify successfully using the specified test user at the time of account creation. If you would like to request additional test users for a particular group, please contact your Sales Engineer or email partner support, at: [email protected].

Sandbox - Identity Verification

ID.me has a separate sandbox environment for its identity verification solutions. This environment will allow you to test our identity verification policies such as:

  • KBA Replacement
  • Fortified Identity
  • IAL2
  • eRX/EPCS

To request access to this environment, please reach out to your Sales Engineer or email partner support, at: [email protected].

For more details on how to integrate ID.me’s identity verification solution, please visit the OpenID Connect Integration Guide or OAuth Integration Guide. Please note, the endpoints highlighted in the integration guide are not the same as the endpoints leveraged for the sandbox environment and will be provided to you by your dedicated Sales Engineer.

Test Credentials

Once you have access to your Sandbox Environment details, you can simply go through the process of creating a new ID.me user account as shown below. The account creation process in the identity verification sandbox environment provides clickthrough capabilities to successfully verify as a test user.

When uploading proof of identity documentation, you do not need to leverage a real piece of identity documentation in the sandbox environment. The only requirement is the image file does need to be between 40 KB and 16 MB.

Testing Sandbox Environment

Our goal is to make the transition from Sandbox to Production as seamless as possible. In order to ensure you have fully tested the integrity of your sandbox integration, please ensure you completed the following checklist before requesting production access.

Sandbox Integration Checklist

  • A user can successfully verify through the authorization endpoint (Verify with ID.me button)
  • The ID.me authorization code is successfully captured by the client
  • The ID.me authorization code is exchanged for an Access Token from our Token endpoint
  • The Access Token is successfully captured and stored by the client’s backend server
  • The Access Token is exchanged for the User’s Attributes from our Attribute Endpoint
  • The JSON Payload is received and stored successfully by the client and stored appropriately in a CRM/database
  • The user is redirected to a friendly page, clearly highlighting the user verified successfully
  • The integration is following ID.me’s Brand Guidelines

Please note, the checklist above highlights an OAuth 2.0 explicit flow. If you are leveraging OpenID Connect, an OAuth Implicit Flow, or an ID.me Hosted Landing Page, your checklist may change.

Switching to Production

To find out more on how to switch your Sandbox environment to production, please see Requesting Production Access.