POST
Submit KYC With Token

Authorizations

app-id
string
header
required

A unique identifier assigned to each application.

secret-key
string
header
required

A secure token associated with the app-id.

Body

application/json
email
string
required

The contact's email used for verification.

token
string
required

Usage Notes:

  • You must call the Generate share token using Sumsub API first to obtain this token.
  • This token is a unique identifier linking the contact to their KYC verification process.
  • It is a required field and must be a valid token provided by Sumsub.
  • The token is time-sensitive and may expire after a certain period if the KYC process is not completed.
  • If the token is invalid or expired, the API will return an error.
webhook_notification
object
required

Merchant Callback Details

Callbacks

POST
{$request.body#/endpoint_url}KYCStatusChanged

Body

application/json
email
string

Contact's email

first_name
string

Contact's first name

last_name
string

Contact's last name

type
enum<string>

The type of contact (e.g., individual or organization)

Available options:
individual,
organization
Example:

"individual"

dob
string

Contact date of birth format 'yyyy-mm-dd'

phone
string

Contact's phone

Example:

"+61-412345678"

reg_no
string

Contact registration number.

gender
enum<string>

Contact's gender

Available options:
male,
female
Example:

"male"

street
string

The primary name of an address's street.

city
string

Name of an address's city or town.

postal_code
string

The address's postcode

state
string

The address's state / province / county.

country
string

ISO 3166-1 alpha-2 country code.

identity
object

Contains the most recent KYC submission details for the contact.

kyc_statuses
object[]

An array of KYC statuses for the contact, containing multiple KYC instances with status and message.

Response

200

The merchant's server should return this code

Response

KYC submission successful

status
string