Canonical Identity/Namespace Engine/Identity Assurance/Federation APIs/Access Federation/Verification/Embedded Issuance/Workforce Continuity/Cross-System Identity/Canonical Identity/Namespace Engine/Identity Assurance/Federation APIs/Access Federation/Verification/Embedded Issuance/Workforce Continuity/Cross-System Identity/Canonical Identity/Namespace Engine/Identity Assurance/Federation APIs/Access Federation/Verification/Embedded Issuance/Workforce Continuity/Cross-System Identity/Canonical Identity/Namespace Engine/Identity Assurance/Federation APIs/Access Federation/Verification/Embedded Issuance/Workforce Continuity/Cross-System Identity/
wrk.id logo
Request Demo
▸ 05 / Developers · Embedded Identity Infrastructure

Embedded Identity Infrastructure.

Issue, verify, and federate workforce identity from inside any workforce software platform. WRK runs the canonical identity infrastructure beneath your product so every identity you issue is part of the global workforce identity network.

▸ Developer accessTalk to engineering

01/Embed WRK into your platform

Three primitives
/E01

Issue

Issue canonical workforce identity from inside your platform.

/E02

Verify

Run verification workflows that produce a portable assurance tier.

/E03

Federate

Federate identity events across the workforce identity network.

Workforce platforms can present identity issuance as a native feature of their own product. The customer-facing surface — the namespace format, the verification flow, the branding — is yours. The canonical identity infrastructure underneath is WRK.

This is white-label workforce identity issuance. Your platform issues identities to your customers' workforces; WRK ensures every identity is canonical, federated, and continuous across the rest of the network.

▸ Embedded issuance
POST /v1/identities
{
  "type": "worker",
  "org": "demo_enterprise",
  "alias_format": "DEMO_ENTERPRISE-EMP-####",
  "tier": "verified"
}

→ {
  "canonical": "WRK-H-9X82K1P3",
  "alias":     "DEMO_ENTERPRISE-EMP-00188",
  "tier":      2,
  "status":    "active"
}
Conceptual example · subject to change

02/Federation APIs

Workforce software

A focused API surface for identity federation.

Issue, look up, verify, and federate canonical identity from your own product. One surface, every workforce system.

/API · 01
Identity issuance
Create canonical identity with an optional namespace alias and assurance tier.
/API · 02
Namespace creation
Define custom identity formats per organization, mapped to canonical.
/API · 03
Verification
Trigger and consume workforce verification workflows.
/API · 04
Webhooks
Receive identity events for downstream workforce systems.
/API · 05
Access federation
Bind canonical identity to access and attendance events.

03/Webhooks

Identity events

Subscribe to identity events to keep downstream workforce systems in sync. Identity creation, verification tier changes, namespace reassignments, suspensions, and reconciliations all stream through a unified event surface.

/event
identity.created
/event
identity.verified
/event
identity.reconciled
/event
identity.suspended
/event
alias.assigned
/event
alias.released
/event
access.granted
/event
access.revoked

04/Access Federation APIs

Operational systems

Bind identity to access events.

Access systems, attendance systems, and visitor systems consume canonical identity as the reference for who is on site, who is permitted, and what happened.

▸ Access event
POST /v1/access/events
{
  "identity": "WRK-H-9X82K1P3",
  "site":     "PORT-NYC-01",
  "type":     "entry",
  "ts":       "2026-05-20T08:12:04Z"
}

→ { "ok": true, "permitted": true }
Conceptual example
▸ Join early access