Silent Authentication is a powerful tool designed to make logging into Mercuryo frictionless for end-users. By passing a secure token in the URL, users can skip manual login steps in the widget with no need to enter credentials, resulting in a smoother and faster experience.
How Silent Authentication works
Silent Authentication supports two main onboarding scenarios for partners:
Silent Sign-Up: For partners who do not conduct their own KYC (Know Your Customer) procedures, users can be registered and logged in silently with just their email and acceptance of terms.
Silent Sign-Up + SumSub KYC: For partners using SumSub for KYC, users are registered silently, and their KYC status is shared with Mercuryo using a one-time share token.
Partner requirements
To enable Silent Authentication, partners must add Mercuryo’s terms and policy agreement to their front end and ensure users accept these terms before sharing any data. They must also formally agree with Mercuryo on using user data for registration and third-party services.
Error handling
- Tokens expire after first use or one hour.
- If invalid or expired, users see a standard login/registration flow.
- If parameters are incorrect or already registered, an error is returned.
Special cases
US Residents: US users are handled via ZeroHash (ZH) for KYC. If KYC fails or ZH cannot create the applicant, the process is paused until resolved.
Silent registration settings: Partners can enable or disable silent registration for email (and phone for SaaS partners). If disabled, silent login/registration is not allowed.
Benefits of Silent Authentication
- Better user experience: no need for manual credential entry.
- Flexible integration: both KYC and non-KYC partner flows are supported.
- Secure and Compliant: user data is always handled according to the correct regulatory requirements.
For full technical details, refer to Mercuryo’s API documentation or contact your integration manager.
