--- title: Verification flow description: When using the PingOne Verify IdP Adapter through the PingFederate authentication application programming interface (API), the following flow is used for verification requests. component: pingone page_id: pingone:pingone_verify_integration_kit:pf_p1_verify_ik_verification_flow canonical_url: https://docs.pingidentity.com/integrations/pingone/pingone_verify_integration_kit/pf_p1_verify_ik_verification_flow.html revdate: June 20, 2024 section_ids: identity-verification: Identity verification --- # Verification flow When using the PingOne Verify IdP Adapter through the PingFederate authentication application programming interface (API) *(tooltip: \
\

A specification of interactions available for building software to access an application or service.\

\
)*, the following flow is used for verification requests. ## Identity verification ![A diagram of the verification API flow.](_images/kvd1658525311158.png) 1. The user completes first-factor authentication or begins the registration flow. ID verification begins when using the PingOne Verify IdP Adapter is triggered in the PingFederate authentication or registration flow. 2. PingFederate returns a status of `ID_VERIFICATION_DEVICE` or `ID_VERIFICATION_OPTIONS`. The user selects how they want to proceed with the verification process. | | | | - | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | `ID_VERIFICATION_OPTIONS` is not always present in the flow. It appears if the user has an email address or mobile number tied to the account. The email address or phone number can come from authentication policy attributes or from a LDAP server.Also, if your configuration forces the email or phone option, the adapter skips the selection step. | 3. PingFederate returns a status of `ID_VERIFICATION_REQUIRED` in the response to the API client and provides a QR code and a verification code. 4. The API client displays the QR code and verification code to the user. 5. The user completes the ID verification process in mobile web. 6. The API client invokes the poll action. 7. PingFederate returns the status of `ID_VERIFICATION_IN_PROGRESS` to the API client. 8. The poll action repeats until one of the following statuses occurs: * `ID_VERIFICATION_REQUIRED` * Verification failed, but a retry is allowed * The user can complete (or retry) the verification process with the provided QR code and verification code * There are two options available to the API client: 1. Continue polling by calling `poll` and wait for the status to change 2. Cancel the verification request by calling `cancelAuthentication` * `ID_VERIFICATION_FAILED` * Verification failed, and a retry is not allowed * The authentication request is cancelled * `ID_VERIFICATION_TIMED_OUT` * Verification timed out * There are two options available to the API client: 1. Retry by calling `retryVerification` 2. Cancel the verification request by calling `cancelAuthentication` * `ID_VERIFICATION_COMPLETED` * Verification succeeded * The API client continues the flow by calling `continueAuthentication` * PingFederate returns the transaction status and user data to the API client