Orchestrator
In-browser face captures go straight to the backend via enrollFace. USB / contactful actions run on a physical HWS workstation and are dispatched asynchronously through the orchestrator (/v1/orchestrator/jobs/):
dispatch → poll getJob until terminal → read result / errorReach it via sdk.orchestrator (an OrchestratorClient).
Actions
capture.fingerprint · enroll.fingerprint · match.fingerprint · verify.fingerprint · search.fingerprint · inventory
Example
const job = await sdk.orchestrator.run(
{
workstationId: 'WS-LAGOS-03',
action: 'capture.fingerprint',
payload: { position: 1 }, // schema owned by the HWS
idempotencyKey: crypto.randomUUID(),
},
{ pollIntervalMs: 1000, timeoutMs: 60000 },
);
// job.status === 'succeeded'; job.result holds the HWS payload.run() is dispatch() + awaitJob(). Use them separately if you want to surface the dispatched state before polling, or cancel(jobId) to request cancellation.
Terminal states
awaitJob resolves on succeeded and throws on the rest: SladeIDError(JOB_FAILED), SladeIDError(JOB_CANCELLED), or NetworkError(TIMEOUT) if the deadline passes first.
Attribution (X-Integrator-Id)
A keycloakClientCredentials token authenticates as a tenant-less service account, so the backend needs an explicit integrator to attribute the job. Set integratorId in your config — the SDK sends it as X-Integrator-Id and dispatch() fails fast with CONFIG_INVALID if it’s missing. A tenant-scoped tokenProvider token resolves its own integrator server-side, so the header is optional there.
The per-action
payloadandresultschemas are defined by the HWS, not the backend — the backend forwards the payload opaquely. Treat them as open records until the HWS contract is published.