Create Session
Sessions
Create Session
Create a new identity verification session
POST
Create Session
Request
Headers
| Header | Required | Description |
|---|---|---|
x-api-key | Yes | Your API key |
Content-Type | Yes | application/json |
Body parameters
Both camelCase and snake_case parameter names are accepted. If both are provided for the same field, the camelCase value takes priority.| Parameter | Alias | Type | Required | Description |
|---|---|---|---|---|
first_name | firstName | string | Yes | Applicant’s first name |
last_name | lastName | string | Yes | Applicant’s last name |
email | — | string | Yes | Applicant’s email address |
phone | — | string | Yes | Applicant’s phone number in E.164 format (e.g. +15192223333) |
external_id | externalId | string | No | Your internal reference ID for this session |
send_email_invite | sendEmailInvite | boolean | No | Send an email invitation to the applicant. Defaults to true |
send_phone_invite | sendPhoneInvite | boolean | No | Send an SMS invitation to the applicant. Defaults to true |
workflow_id | workflowId | string | No | ID of the workflow to use. If omitted, runs as a standalone verification |
redirect_url | redirectUrl | string | No | HTTPS URL to redirect the end-user to after the verification session ends. Must be a valid HTTPS URL |
Example request
Response
200 — Success
| Field | Type | Description |
|---|---|---|
id | string | Unique identifier for the created session |
session_url | string | Base URL where the applicant completes verification |
externalId | string | Your external ID (only returned if provided in the request) |
links | array | Associated verification links |
Error responses
| Status | Description |
|---|---|
400 Bad Request | Invalid request body — check required fields and phone format |
401 Unauthorized | Missing or invalid API key |
402 Payment Required | Insufficient token balance |
404 Not Found | Workflow ID not found |
429 Too Many Requests | Rate limit exceeded |
Redirect URL
When aredirect_url is provided in the request, the returned session_url will include it as an encoded query parameter:
redirect_url with the following query parameters appended:
| Parameter | Type | Description |
|---|---|---|
session_id | string | The session ID |
status | string | The outcome of the session |
reason | string | Additional context for the outcome (omitted when status is success) |
Status values
| Value | Description |
|---|---|
success | Verification session was completed and submitted successfully |
failed | Session encountered an error during the verification process |
abandoned | User manually exited the session without completing |
Reason values
| Value | Description |
|---|---|
document_unreadable | The uploaded ID document could not be processed (blurry, glare, wrong doc type, etc.) |
face_mismatch | Liveness/selfie did not match the document photo |
session_expired | The session timed out before the user completed verification |
internal_error | An unexpected server-side error occurred |
user_cancelled | User explicitly chose to leave/cancel the verification |
unknown | Catch-all for any unclassified failure |
The
reason parameter is omitted when status=success. When
status=abandoned, the reason will typically be user_cancelled. New reason
values may be added in the future — your integration should handle unknown
reasons gracefully.