SDK Integration

Action Approval SDK
for iOS & Android

Get signed proof your backend can verify before executing high-risk actions.

In Short

How do you integrate the Yuthent SDK?

Your app calls the SDK with an actionType, actionContextId, and riskLevel. The device verifies the human and returns a signed proof. Biometric data never leaves the device. Your backend verifies the ACK with Yuthent and executes only on success. One SDK call client-side, verify the ACK server-side. A thin layer.

What You Build

What You Build with Yuthent

Yuthent is not just login. It is action-level human verification with signed proof your backend can trust.

Protect Any Action

Login, account recovery, privileged admin actions, approvals, transfers. Not just authentication. Action authority.

Proof Bound to Context

Every approval is tied to a specific action context (actionContextId). Proof cannot be replayed for a different action.

Your Backend Enforces

Your server verifies the proof and decides whether to execute. The app is never the source of truth.

Integration Flow

How Integration Works

Four steps from action request to backend enforcement. Your app collects approval. Your server enforces it.

01

Request Approval

Your app calls the SDK with an actionType, actionContextId, and riskLevel. No PII required.

02

On-Device Verification

The SDK verifies the human on-device and produces a signed proof bundle. Biometric data never leaves the device.

03

Backend Verification

Your backend sends the proof reference to Yuthent Cloud and receives a verified decision (ACK or REJECT).

04

Execute or Block

Your backend executes the action only after verification succeeds. Your server stays the enforcement point.

No biometric data leaves the device at any step.

Capability Policy

Policy-Driven Escalation

Your backend policy engine determines the capability level required. The capability determines how proof is validated.

LOW / MEDIUM

Offline-First

Approvals are produced on-device and queued. Your backend syncs the proof later and audits it. Connectivity is not required at action time.

Example: clock-in, field approvals, low-value actions

HIGH / CRITICAL

Real-Time Required

Your backend must verify the proof with Yuthent Cloud before executing the action. The action is blocked until verification succeeds.

Example: login, transfers, admin actions, account recovery
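
An added example, not Yuthent's SDK or API: a server-side gate that applies steps 03 and 04 of the flow and the capability policy above. `ActionGate`, `PendingAction`, `Decision` and the `verify` callable are hypothetical names standing in for the real verification call, and single use of a context id is an assumption the page does not state.

```python
from dataclasses import dataclass

REALTIME = {"HIGH", "CRITICAL"}  # page: verify with the cloud before executing
OFFLINE = {"LOW", "MEDIUM"}      # page: proof is synced and audited later

@dataclass(frozen=True)
class PendingAction:             # server-side record; never built from client input
    action_type: str
    action_context_id: str
    risk_level: str

@dataclass(frozen=True)
class Decision:                  # hypothetical shape of the verified decision
    status: str                  # "ACK" or "REJECT"
    action_type: str
    action_context_id: str

class ActionGate:
    def __init__(self, verify):
        self._verify = verify    # hypothetical callable: proof_ref -> Decision
        self._used = set()       # assumption: one execution per context id
        self.audit_queue = []    # offline proofs awaiting later sync and audit

    def authorize(self, pending, proof_ref):
        """Return (allowed, reason) for a pending action and a proof reference."""
        if pending.risk_level in OFFLINE:
            self.audit_queue.append((pending.action_context_id, proof_ref))
            return True, "queued-for-audit"
        if pending.risk_level not in REALTIME:
            return False, "unknown-risk-level"
        if pending.action_context_id in self._used:
            return False, "context-already-used"
        try:
            decision = self._verify(proof_ref)
        except Exception:
            return False, "verification-unavailable"  # fail closed
        if decision.status != "ACK":
            return False, "rejected"
        bound = (decision.action_type, decision.action_context_id)
        if bound != (pending.action_type, pending.action_context_id):
            return False, "context-mismatch"  # proof was issued for another action
        self._used.add(pending.action_context_id)
        return True, "verified"

if __name__ == "__main__":
    # Constructed sample data; a real verifier would call the vendor's service.
    table = {"ref-a": Decision("ACK", "transfer", "ctx-1")}
    gate = ActionGate(lambda ref: table[ref])
    print(gate.authorize(PendingAction("transfer", "ctx-1", "HIGH"), "ref-a"))
    print(gate.authorize(PendingAction("transfer", "ctx-2", "HIGH"), "ref-a"))
```

The risk level is read from the server's own record of the pending action, so a client cannot downgrade a HIGH action to the offline path. The in-memory set of used context ids would be a shared store in a multi-instance backend.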

Data & Privacy

We Don't Need Your Business Data

Biometrics Stay On-Device

Biometric data is never transmitted. Your backend sees decisions and proof references, not biometrics.

Context IDs, Not PII

Payloads use actionType, actionContextId, and riskLevel. No user names, emails, or transaction amounts.

Minimal Payload

The SDK sends only what is needed for verification. Your business logic and user data stay in your system.

For Existing Customers

Already a customer? Use the customer portal for API keys, environments, and monitoring.

Ready to Integrate?

We work directly with engineering teams building security-critical applications. Request SDK access and start a pilot.