Skip to main content
POST
/
api
/
v1
/
sub-accounts
/
{sub_auth_id}
/
kyc-sessions
Create a hosted KYC session
curl --request POST \
  --url https://api.vobiz.ai/api/v1/sub-accounts/{sub_auth_id}/kyc-sessions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "account_auth_id": "SA_XXXXXX",
  "flow_type": "email"
}
'
{
  "session_id": "a5f8da3c-b47f-40c3-a3e6-d2c9a0f27065",
  "account_auth_id": "SA_XXXXXX",
  "customer_email": "customer@example.com",
  "status": "email_sent",
  "expires_at": "2026-06-24T19:37:01.316686Z",
  "widget_url": null,
  "message": "KYC email dispatched successfully"
}

Documentation Index

Fetch the complete documentation index at: https://docs.vobiz.ai/llms.txt

Use this file to discover all available pages before exploring further.

Creates a Vobiz-hosted KYC session for the sub-account. Instead of driving each verification step yourself, you hand the customer off to the Vobiz-hosted KYC widget.
Authenticate as the parent main account with Authorization: Bearer {parent_jwt}.

Flow types

flow_typeBehaviorRequired field
email (default)Vobiz emails the customer a signed link (from kyc@vobiz.ai, hosted at kyc.vobiz.ai). The session sits in email_sent until they open it.customer_email
redirectThe response returns a widget_url directly — redirect the customer’s browser to it. No email is sent.redirect_url
This is the sub-account–scoped equivalent of the partner-level KYC Sessions endpoint. For session lifecycle, webhook events, and the verified_data shape, see that page — the hosted widget and status model are the same.

Authorizations

Authorization
string
header
required

Parent main-account JWT. Sub-account KYC endpoints authenticate as the parent account that owns the sub-account (or an admin), not with the X-Auth-ID / X-Auth-Token header pair.

Path Parameters

sub_auth_id
string
required

The sub-account's Auth ID.

Example:

"SA_XXXXXX"

Body

application/json
account_auth_id
string
required

The sub-account's auth_id (typically equal to the path sub_auth_id).

Example:

"SA_XXXXXX"

flow_type
enum<string>
default:email
required
Available options:
email,
redirect
customer_email
string<email>

Required when flow_type is email.

Example:

"customer@example.com"

redirect_url
string<uri>

Required when flow_type is redirect.

expires_in_days
integer
default:7
Example:

30

Response

KYC session created