KYC Document API (3.0)
Download OpenAPI specification:Download
The KYC Document API is organized around REST with predictable resource-oriented URLs, standard HTTP response codes, authentication, and verbs. It provides endpoints for authorization, transaction creation, document upload, verification, and retrieval of results.
Biometric notice (e.g., BIPA): Some US states regulate the collection and use of biometric identifiers and information, including facial scan data extracted from photos used in document verification. Customers must implement a notice and consent mechanism and confirm via API that the individual has consented as prescribed. Consult legal counsel for compliance.
For service-specific terms, see: https://www.trulioo.com/legal/SST
Obtain OAuth2 access token (client credentials)
Obtain a Bearer access token using OAuth2 client credentials.
Request Body schema: application/x-www-form-urlencoded
| grant_type required | string Value: "client_credentials" |
| client_id required | string |
| client_secret required | string |
| scope required | string |
Responses
Response samples
- 200
Content type
application/json
{- "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
- "token_type": "Bearer",
- "expires_in": 3600,
- "scope": "docv.api.us"
}Create a short code for SDK handoff
Generates a single-use short code (valid for 5 minutes) to continue the verification flow in an SDK. The short code locks the workflow to the same transaction identifier that was generated during authorization.
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 200
- 401
- 403
- 429
- 500
Content type
application/json
{- "shortCode": "qWinHpfejeezSqek"
}Create and configure a transaction
Creates a transaction with configuration options for document verification, selfie liveness verification, biometric verification, and optional SDK configuration for client-side capture.
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: application/json
object (DocumentVerificationConfig) Document verification configuration. | |
object (SelfieVerificationConfig) Selfie liveness verification configuration. | |
Array of objects (MatcherConfig) | |
object (SubjectInfo) Customer Input Personal Identification Information. | |
Array of objects (SubjectInfo) | |
object (BiometricVerificationConfig) Biometric verification configuration. | |
object (SDK) SDK configuration for client-side capture and UI settings. | |
| webhookUrl | string <uri> Callback URL for webhook notifications |
| clientId | string <= 150 characters Optional client identifier, max length 150 characters |
object (DocumentLivenessConfig) Configuration for document liveness checks. |
Responses
Request samples
- Payload
Content type
application/json
{- "documentVerification": {
- "enabled": true,
- "documentsAccepted": [ ],
- "acceptFrontImageOnly": false,
- "acceptList": [ ],
- "denyList": [ ]
}, - "selfieVerification": {
- "enabled": true
}, - "matcherConfigs": [
- {
- "matchers": [
- {
- "token": "FIRST_NAME",
- "precision": "EXACT_MATCH",
- "strategy": {
- "transliterationMatch": {
- "enabled": false
}, - "tokenMatch": {
- "enabled": false,
- "tokenSimilarityThreshold": 0.75
}, - "basicFuzzyMatch": {
- "enabled": true
}
}
}
], - "active": true
}
], - "subjectInfo": {
- "firstName": "John",
- "middleName": "Smith",
- "lastName": "Doe",
- "fullName": "John Smith Doe",
- "dateOfBirth": "1980-01-01",
- "addressLine1": "123 Main Street",
- "stateProvince": "BC",
- "city": "Vancouver",
- "postalCode": "V5V 0A0",
- "country": "CA",
- "firstLastName": "López",
- "secondLastName": "García",
- "birthLastName": "GABLER",
- "spouseLastName": "Molenaar"
}, - "subjectInfoList": [
- {
- "firstName": "John",
- "middleName": "Smith",
- "lastName": "Doe",
- "fullName": "John Smith Doe",
- "dateOfBirth": "1980-01-01",
- "addressLine1": "123 Main Street",
- "stateProvince": "BC",
- "city": "Vancouver",
- "postalCode": "V5V 0A0",
- "country": "CA",
- "firstLastName": "López",
- "secondLastName": "García",
- "birthLastName": "GABLER",
- "spouseLastName": "Molenaar"
}
], - "biometricVerification": {
- "enabled": false,
- "uniquePersonIdentifier": "",
- "externalUniquePersonIdentifier": ""
}, - "sdk": {
- "captureDocumentEnabled": true,
- "captureSelfieEnabled": true,
- "countrySelectionEnabled": false,
- "jurisdictionSelectionEnabled": false,
- "documentSelectEnabled": true,
- "additionalConsentRequired": false,
- "useDeviceLocale": true,
- "locale": "en-US",
- "theme": {
- "style": "DEVICE",
- "colors": {
- "light": {
- "primary": "#004080",
- "primaryButton": "#0066cc",
- "primaryButtonText": "#ffffff",
- "secondary": "#f2f2f2",
- "background": "#ffffff",
- "surface": "#f9f9f9",
- "error": "#ff0000",
- "onPrimary": "#ffffff",
- "onSecondary": "#000000",
- "onBackground": "#000000",
- "onSurface": "#000000",
- "onError": "#ffffff"
}, - "dark": {
- "primary": "#004080",
- "primaryButton": "#0066cc",
- "primaryButtonText": "#ffffff",
- "secondary": "#f2f2f2",
- "background": "#ffffff",
- "surface": "#f9f9f9",
- "error": "#ff0000",
- "onPrimary": "#ffffff",
- "onSecondary": "#000000",
- "onBackground": "#000000",
- "onSurface": "#000000",
- "onError": "#ffffff"
}
}
}
}, - "clientId": "string",
- "documentLivenessConfig": {
- "screenUsed": {
- "enabled": true,
- "calibration": "MEDIUM"
}, - "printout": {
- "enabled": true,
- "calibration": "MEDIUM"
}, - "portraitSubstitution": {
- "enabled": true,
- "calibration": "MEDIUM"
}, - "skipAlreadyCropped": false
}
}
Response samples
- 201
- 400
- 401
- 403
- 409
- 429
- 500
Content type
application/json
{- "transactionId": "75906707-8c31-479c-b354-aa805c4cefbc"
}Upload a document or selfie image
Upload file(s) for a verification process. Accepts:
- Images: JPEG (
image/jpeg), PNG (image/png) - PDF: (
application/pdf) Maximum file size: 10 MB. Minimum: 20 KB.
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: multipart/form-data
| context required | string Default: "front" Enum: "front" "back" "live" "pdf"
|
| body required | string <binary> The file to upload. Accepts image/jpeg, image/png, or application/pdf. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 413
- 422
- 429
- 500
Content type
application/json
{- "imageId": "bbefe473-c66a-4040-85cf-1c7e6f0b3830"
}Start verification for the current transaction
Starts the verification process and returns the status.
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 200
- 202
- 400
- 401
- 403
- 404
- 422
- 429
- 500
- 503
Content type
application/json
{- "status": "ACCEPTED"
}Get transaction data
Retrieves detailed information for a verification process by transaction identifier.
Authorizations:
AccessToken
path Parameters
| transactionId required | string <uuid> |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 500
Content type
application/json
{- "transactionId": "28087e85-9c6c-4ce9-83e2-1fb3d66b8cde",
- "clientId": "8005efed-e683-40ab-a803-56eba164b767",
- "timeOfTransaction": "2023-01-01T16:00:00Z",
- "status": "REVIEW",
- "errors": [
- "string"
], - "indicators": [
- {
- "type": "DOCUMENT",
- "result": "REVIEW",
- "description": "Document requires a review.",
- "score": 90,
- "subindicators": [
- {
- "type": "BARCODE",
- "result": "NOT_RUN",
- "description": "Check was skipped.",
- "code": "BARCODE_INTEGRITY"
}
]
}
], - "person": {
- "fullName": "Sherlock Holmes",
- "firstName": "Sherlock",
- "middleName": "Scott",
- "lastName": "Holmes",
- "dateOfBirth": "1859-05-22",
- "placeOfBirth": "London",
- "nationality": "England",
- "gender": "F",
- "location": {
- "fullAddress": "221b Baker St, London, England, NW16XE",
- "addressLine1": "221b Baker St",
- "addressLine2": "London, State, NW16XE",
- "city": "London",
- "stateProvince": "State",
- "country": "England",
- "zipCode": "NW16XE"
}, - "standardizedLocation": {
- "fullAddress": "221b Baker St, London, England, NW16XE",
- "addressLine1": "221b Baker St",
- "addressLine2": "London, State, NW16XE",
- "city": "London",
- "stateProvince": "State",
- "country": "England",
- "zipCode": "NW16XE"
}, - "alternateFirstName": "小明",
- "alternateMiddleName": "大",
- "alternateLastName": "王",
- "alternateFullName": "王大小明",
- "alternateDateOfBirth": "πρώτος Ιανουαρίου",
- "alternateLocation": {
- "fullAddress": "1234バンクーバー通り, バンクーバー, ブリティッシュコロンビア, カナダ, NW16XE",
- "addressLine1": "1234バンクーバー通り",
- "addressLine2": "バンクーバー",
- "city": "バンクーバー",
- "stateProvince": "ブリティッシュコロンビア",
- "country": "カナダ",
- "zipCode": "מיקוד"
}, - "firstLastName": "Silva",
- "secondLastName": "Pereira",
- "alternateFirstLastname": "司",
- "alternateSecondLastName": "徒",
- "birthLastName": "Holmes",
- "spouseLastName": "Smith"
}, - "document": {
- "documentType": "PASSPORT",
- "documentName": "Australia - ePassport (2009) Travel Document",
- "dlCategory": "Class 5",
- "documentNumber": "EX504966",
- "documentNumber2": "A09354726",
- "documentNumber3": "C07321129",
- "documentNumber4": "D06364026",
- "documentCountry": "GB",
- "jurisdictionCode": "ENG",
- "issueDate": "2020-11-17T00:00:00Z",
- "expirationDate": "2030-11-17T00:00:00Z",
- "alternateDocumentNumber": "一百二十三萬四千五百六十七",
- "alternateDocumentNumber2": "一百二十三萬四千五百六十七",
- "alternateDocumentNumber3": "一百二十三萬四千五百六十七",
- "alternateDocumentNumber4": "一百二十三萬四千五百六十七",
- "alternateExpiryDate": "2050 年 1 月 1 日",
- "alternateIssueDate": "2000 年 1 月 1 日",
- "mrzLineOne": "PASGPLEE<<ZHEN<CHENG<<<<<<<<<<<<<<<<<<<<<<<<",
- "mrzLineTwo": "K1167647Z7SGP9112090M2412137S9146294Z<<<<<22",
- "mrzLineThree": "K1167647Z7SGP9112090M2412137S9146294Z<<<<<22"
}, - "images": {
}, - "matcherResults": [
- {
- "results": [
- {
- "matcherToken": {
- "token": "FIRST_NAME",
- "pii": {
- "customerInput": "JOHN",
- "ocrInput": "JOHN"
}, - "precision": "EXACT_MATCH"
}, - "resultPrecision": "EXACT_MATCH",
- "description": "string"
}
], - "active": true
}
], - "biometricVerification": {
- "enrolment": {
- "uniquePersonIdentifier": "4a86fdb0-1839-4e2c-b880-9b0bb9c47650",
- "enrolledImageId": "ffa25d31-e16d-48e4-90be-4124b425154d",
- "timeOfEnrolment": "2025-07-03T21:49:30.903Z",
- "livenessScore": 99,
- "enrolledImagesCount": 1,
- "externalUniquePersonIdentifier": "c52ae4f9-e99d-430f-a776-203f358ef1e4"
}, - "verification": {
- "uniquePersonIdentifier": "4a86fdb0-1839-4e2c-b880-9b0bb9c47650",
- "selfieImageId": "0757409e-61ee-49e6-b6d9-f0f3b9682053",
- "verificationType": "MATCH",
- "imagesComparedCount": 1,
- "externalUniquePersonIdentifier": "c52ae4f9-e99d-430f-a776-203f358ef1e4",
- "matchedImages": [
- {
- "imageId": "ffa25d31-e16d-48e4-90be-4124b425154d",
- "imageCapturedTime": "2025-07-03T21:49:30.903Z",
- "score": 46,
- "source": "API"
}
]
}
}, - "uniquePersonIdentifier": "ede60aad-b484-484c-8f31-9c51e55efe67",
- "networkInsight": [
- {
- "transactionId": "4a86fdb0-1839-4e2c-b880-9b0bb9c47650",
- "status": "Accepted",
- "timestamp": "2025-07-03T21:49:30.903999812Z",
- "matchCount": 6,
- "networkInsightData": {
- "fullName": true,
- "dateOfBirth": true,
- "standardizedAddress": true,
- "ipAddress": true,
- "docNumber": true,
- "knownFace": true
}
}
]
}Create a new KnownFaces list
Creates a new KnownFaces list
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: application/json
| listName required | string <= 32 characters The list name (max 32 characters, alphanumeric, -, _, and space only. No duplicate entries) |
Responses
Request samples
- Payload
Content type
application/json
{- "listName": "string"
}Response samples
- 201
- 400
- 401
- 403
- 409
- 500
Content type
application/json
{- "listId": "9fc6ad7d-902a-4834-b161-a4911b883d44",
- "listName": "string"
}Get all transactions tagged to the specified list
Lists all transactions under a list
Authorizations:
AccessToken
path Parameters
| listId required | string |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/json
{- "listId": "9fc6ad7d-902a-4834-b161-a4911b883d44",
- "listName": "string",
- "transactionIds": [
- "string"
]
}Delete a KnownFaces list
Authorizations:
AccessToken
path Parameters
| listId required | string |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 400
- 401
- 403
- 404
- 500
Content type
application/json
{- "code": "FACE_IMAGE_MISSING",
- "message": "Face image missing. Make sure the selfie image is available.",
- "details": { }
}Add transactions to a list
Authorizations:
AccessToken
path Parameters
| listId required | string <uuid> UUID of the list |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: application/json
| transactionIds | Array of strings <uuid> <= 5000 items Transaction Ids to be added to the list (max 5000 transactions per list) |
Responses
Request samples
- Payload
Content type
application/json
{- "transactionIds": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}Response samples
- 200
- 400
- 401
- 403
- 404
- 409
- 500
Content type
application/json
{- "failedTransactions": [
- {
- "transactionId": "string",
- "cause": "TRANSACTION_NOT_FOUND"
}
]
}Delete a transaction from a list
Authorizations:
AccessToken
path Parameters
| listId required | string <uuid> UUID of the list |
| transactionId required | string <uuid> UUID of the transaction |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 400
- 401
- 403
- 404
- 500
Content type
application/json
{- "code": "FACE_IMAGE_MISSING",
- "message": "Face image missing. Make sure the selfie image is available.",
- "details": { }
}Update list metadata
Authorizations:
AccessToken
path Parameters
| listId required | string <uuid> UUID of the list |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/json
[- {
- "listId": "9fc6ad7d-902a-4834-b161-a4911b883d44",
- "listName": "string"
}
]Upload a selfie
Submit one or more selfies in Base64 encoding for enrolment. It accepts images in PNG, WEBP, and JPG formats.
Authorizations:
AccessToken
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: application/json
| selfies | Array of strings <= 3 items List of strings, which are images in Base64 encoding. Only one is read for now, but multiple image input will be allowed in the future. |
Responses
Request samples
- Payload
Content type
application/json
{- "selfies": [
- "image 1",
- "image 2",
- "image 3"
]
}Response samples
- 200
- 400
- 403
- 500
Content type
application/json
{- "uniquePersonIdentifier": "e5ac7bc7-4155-4500-b6db-7ed110c75a12",
- "externalUniquePersonIdentifier": "string",
- "enrolmentResults": {
- "result": "SUCCESS",
- "livenessScore": 0,
- "errorList": [
- "string"
]
}
}Upload a selfie with external unique person identifier
Submit one or more selfies in Base64 encoding for enrolment, attaching a unique identifier with context in a system external to Trulioo. It accepts images in PNG and JPG format and PDF files.
Authorizations:
AccessToken
path Parameters
| externalUniquePersonIdentifier required | string |
header Parameters
| Accept-Version required | string Example: 3.0 API version header. |
Request Body schema: application/json
| selfies | Array of strings <= 3 items List of strings, which are images in Base64 encoding. Only one is read for now, but multiple image input will be allowed in the future. |
Responses
Request samples
- Payload
Content type
application/json
{- "selfies": [
- "image 1",
- "image 2",
- "image 3"
]
}Response samples
- 200
- 400
- 403
- 500
Content type
application/json
{- "uniquePersonIdentifier": "e5ac7bc7-4155-4500-b6db-7ed110c75a12",
- "externalUniquePersonIdentifier": "string",
- "enrolmentResults": {
- "result": "SUCCESS",
- "livenessScore": 0,
- "errorList": [
- "string"
]
}
}Enrol selfie from an old transaction
Enrol selfie image that is available from old transaction
Authorizations:
AccessToken
path Parameters
| transactionId required | string <uuid> UUID of the transaction |
Responses
Response samples
- 200
- 400
- 403
- 500
Content type
application/json
{- "uniquePersonIdentifier": "e5ac7bc7-4155-4500-b6db-7ed110c75a12",
- "externalUniquePersonIdentifier": "string",
- "enrolmentResults": {
- "result": "SUCCESS",
- "livenessScore": 0,
- "errorList": [
- "string"
]
}
}