Iframe Embedding
Embed Owl Eyes verification directly in your page using an iframe for maximum compatibility.
Overview
Iframe embedding is the simplest way to add identity verification to your site. It works with any framework or static HTML and requires minimal setup.
Maximum Compatibility
Works with any website regardless of framework or technology stack.
Isolation
Runs in a sandboxed environment, isolated from your page scripts.
Easy Updates
Always uses the latest version without code changes on your end.
Basic Iframe Embed
Create a verification link in your dashboard or via API, then embed it:
allow="camera; microphone" attribute is required for the verification to access the camera for document capture and liveness detection.Dynamic Iframe with JavaScript
Create the iframe dynamically after getting a verification link from your backend:
Listening for Events
Listen for postMessage events from the iframe to track verification status:
URL Parameters
Customize the iframe experience with URL parameters:
| Parameter | Description | Example |
|---|---|---|
theme | Light or dark mode | ?theme=dark |
primaryColor | Primary accent color (hex without #) | ?primaryColor=D4A853 |
hideHeader | Hide the Owl Eyes header | ?hideHeader=true |
hideProgress | Hide the progress indicator | ?hideProgress=true |
lang | Language code | ?lang=es |
redirectUrl | URL to redirect after completion | ?redirectUrl=https://... |
Responsive Sizing
Make the iframe responsive with CSS:
Full-Page Redirect
Instead of embedding, redirect users to the verification page:
Security Best Practices
Always verify the message origin
Only trust postMessage events from
https://verify.owl-eyes.com.Don't trust client-side results
Always verify results on your backend via webhooks or API calls.
Use server-side session creation
Create verification links on your backend to prevent tampering.
Implement CSP headers
Add
frame-src verify.owl-eyes.comto your Content Security Policy.