LoomAPIBETA

Test Mode

Learn how to use the mock verification provider for development and testing.

What is Test Mode?

LoomAPI includes a built-in mock verification provider for development and testing. This allows you to test your integration without connecting to a real identity verification service like Veriff.

The mock provider simulates the verification flow and returns realistic responses, making it perfect for local development, CI/CD pipelines, and integration testing.

How Test Mode Works

When a tenant is configured to use the mock provider (instead of Veriff), the verification process works as follows:

  1. Start verification: Call POST /verify/startas normal. The mock provider accepts any userAgent and IP address.
  2. Complete verification: Call POST /verify/completewith your evidence. The mock provider will approve if the evidence contains an age field >= 18, otherwise it rejects.
  3. Token validation: Tokens from mock verifications work exactly like production tokens and can be validated using POST /tokens/validate.

Important: Mock provider verifications are not real identity verifications. They are only for testing your integration logic, not for compliance or production use.

Mock Provider Behavior

Approval Criteria

The mock provider approves verifications when:

  • The evidence object contains an age field
  • The age value is greater than or equal to 18

Rejection Criteria

The mock provider rejects verifications when:

  • The evidence object does not contain an age field
  • The age value is less than 18
  • The evidence structure is invalid

Example Usage

Here's an example of using the mock provider in your test code:

javascript
// Example: Using mock provider for testing
const response = await fetch('https://project-halo-api.onrender.com/verify/complete', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'x-tenant-api-key': 'your-api-key-here',
  },
  body: JSON.stringify({
    verificationId: 'test-verification-id',
    evidence: {
      // Mock provider accepts any evidence structure
      // In production, this would be Veriff evidence
      mock: true,
      age: 25, // Simulated age
    },
  }),
});

const data = await response.json();
// Mock provider will approve if age >= 18
console.log('Status:', data.status); // 'approved' or 'rejected'
console.log('Token:', data.token); // JWT token if approved

Switching Between Mock and Production

The verification provider (mock or Veriff) is configured at the API level. Test accounts use the mock provider by default, while production accounts use Veriff when configured.

For Test Accounts: Mock provider is enabled automatically. No configuration needed.

For Production Accounts: Contact support to configure Veriff provider. You'll need to provide your Veriff API credentials.

Note: Per-tenant provider configuration is planned for a future release. Currently, the provider is set at the API instance level.

⚠️ Important Notes

  • Mock provider tokens are valid JWT tokens but represent simulated verifications only
  • Do not use mock provider tokens for production access control
  • Mock provider does not perform real identity verification or compliance checks
  • Always test with real providers before going to production