1. Credentials 방식 (보안성 낮음)

Untitled

const KYC_TARGET_ORIGIN = "<https://kyc.useb.co.kr>";
const KYC_URL = "https://[kyc.useb.co.kr/auth](<http://kyc.useb.co.kr/auth?token=%ED%86%A0%ED%81%B0%EA%B0%92>)";
const params = {"customer_id": <고객사id>, "id": "<client_id>", "key": "<client_secret>"};

const kycIframe = document.getElementById("kyc_iframe");

kycIframe.onload = function () {
    let encodedParams = btoa(encodeURIComponent(JSON.stringify(params)));     // how to make a token by using base64 and url encoding
    kycIframe.contentWindow.postMessage(encodedParams, KYC_TARGET_ORIGIN);
    hideLoadingUI();
    startKYC();
    kycIframe.onload = null;
};

kycIframe.src = KYC_URL;
const KYC_TARGET_ORIGIN = "<https://kyc.useb.co.kr>";
const KYC_URL = "https://[kyc.useb.co.kr/auth](<http://kyc.useb.co.kr/auth?token=%ED%86%A0%ED%81%B0%EA%B0%92>)?token=";
const params = {"customer_id": <고객사id>, "id": "<client_id>", "key": "<client_secret>"};

let encodedParams = btoa(encodeURIComponent(JSON.stringify(params)));     // how to make a token by using base64 and url encoding
window.open(KYC_URL + encodedParams);

2. Access Token 방식 (보안성 높음)

Untitled

<aside> 💡 고객사의 eKYC 사용 계정 정보가 노출되지 않으므로 보안상 더 안전합니다.

</aside>

🧭 고객사 Server Side : kyc.useb.co.kr/sign-in API를 활용하여, useB.auth(useB.인증 서버)에 Access Token 발급을 요청합니다.

<aside> 💡 POST https://kyc-api.useb.co.kr/sign-in

</aside>

Request Body

{ 

    "customer_id": <customer_id>,   //number, 고객사id
    "username": "<id>",             //string, client_id
    "password": "<key>"             //string, client_secret
}

Response

{
    "api_response": {
        "result_code": "N100",
        "result_message": "OK."
    },
    "company": {
        "name": "id",
        "industry": 2,
        "phone_number": "1500-0002"
    },
    "expire": "2022-08-17T11:10:29Z",
    "is_temp_password": true,
    "name": "",
    "role": 2,
    "token": "<access_token>",     // Access Token 획득
    "username": "<client_id>"
}

🧭 고객사 Client Side : 발급받은 Access Token을 활용하여 useB.eKYC 솔루션에 접근합니다.