Worldcoin

Introduction

Quick Start

Fastest way to integrate and use World ID. Find instructions below for both Sign in with Worldcoin and Anonymous Actions.

  1. Sign up to the Developer Portal.

  2. Create your first app and configure it (initial config cannot be changed, but you can always create more apps):

  • Select the environment to use, staging or production. If you are trying things out, select staging. If you are ready to go live, select production.
  • Select whether you want this action to be cloud-based or on-chain.

Most use cases use the cloud engine. Select on-chain only if you are using a smart contract to verify a user's World ID.

You'll need your app ID (also called client ID) later. It looks something like app_GBkZ1KlVUdFTjeMXskrX.

Sign in with WorldcoinAnonymous Actions

The default way of using World ID is an authentication mechanism. If you already have an OIDC-compatible authentication engine, you can connect as follows:

Typical OIDC-compatible authentication engines include Auth0, Okta, AWS Cognito, CloudFlare Access, OneLogin and many more. Most languages and frameworks have simple open source packages for this too. A few examples: For Next.JS, for Django, for Go.

  1. Configure your OIDC authentication engine to use World ID as an Identity Provider (IdP), you will need the following information:
  • Discovery endpoint: https://id.worldcoin.org/.well-known/openid-configuration (if supported by your OIDC client engine, this will set everything automatically, continue below otherwise)

Required inputs

  • Client ID: your app id from the Developer Portal (e.g. app_GBkZ1KlVUdFTjeMXskrX).
  • Client secret: app secret, obtained from the "Sign In" tab in the Developer Portal (e.g. sk_6f07e1566ee4b765fe23d8c8).
  • Authorize endpoint: https://id.worldcoin.org/authorize
  • Response type: depends on how you want to authenticate, follow the recommendations of your engine. We recommend auth code flow for server-side apps and implicit flow for client-side apps
  • Supported response types: code (authorization flow), id_token (implicit flow), token, or a combination of them (hybrid flow).

Optional inputs

  • (Optional for implicit flow). Token endpoint: https://id.worldcoin.org/token
  • (Optional). User info endpoint: https://id.worldcoin.org/userinfo
  • (Optional). Introspect endpoint: https://id.worldcoin.org/introspect

This will use the default World ID login page. If you instead want to build your own authentication page, check out the Sign In docs.

  1. Once you have configured this, you can start the authentication flow from your app or authentication engine.

Testing your integration

Last step is test your entire integration. Open the widget where you'll see a QR code (or "Open Worldcoin app" button if on mobile).

  • If you created a Production action, use the World App from the App Store or Google Play to scan the QR code.
  • If you created a Staging action, use the Simulator to scan the QR code.