Get production-ready with AutoKYC APIs, SDKs, and webhooks

Build onboarding, ongoing due diligence, and escalations with dual AML coverage, a programmable rules engine, and consent-aware SDKs. Start with a quickstart, wire webhooks, then add channel-specific SDKs when you are ready.

Talk to developer success Jump to quickstarts

Language-specific quickstarts

Each snippet submits a compliant onboarding workflow, storing consent, routing through the rules engine, and logging immutable evidence. Copy an environment-ready example or adapt it to your deployment pipeline.

cURL Bootstrap AutoKYC in the terminal.JavaScript Bootstrap AutoKYC in JavaScript.Python Bootstrap AutoKYC in Python.Go Bootstrap AutoKYC in Go.

cURL quickstart

Test the REST API with a minimal onboarding request. Ideal for smoke testing networking, credentials, and environment routing.

              curl -X POST 'https://api.autokyc.com/v1/kyc/onboard' \
  -H 'Authorization: Bearer $AUTOKYC_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{
    "applicant": {
      "email": "casey@example.com",
      "firstName": "Casey",
      "lastName": "Nguyen",
      "dob": "1993-04-12"
    },
    "workflow": "standard_kyc",
    "channels": ["web", "mobile"],
    "consent": {
      "marketing": false,
      "termsAcceptedAt": "2024-04-05T13:20:40Z"
    }
  }'

Tip: Swap standard_kyc with your policy slug to reuse the same decisioning logic for ODD and EDD refreshes.

JavaScript quickstart

Use the official JavaScript SDK to initialise the web embed, listen for decision events, and pass custom metadata.

              import { AutoKYC } from '@autokyc/web-sdk';

const widget = new AutoKYC({
  apiKey: process.env.AUTOKYC_PUBLISHABLE_KEY,
  workflow: 'standard_kyc',
  applicant: {
    referenceId: 'cust_90210',
    email: 'casey@example.com',
  },
  locale: 'en',
});

widget.mount('#autokyc-onboarding');

widget.on('completed', async (payload) => {
  await fetch('/api/kyc/callback', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(payload),
  });
});

Tip: Swap standard_kyc with your policy slug to reuse the same decisioning logic for ODD and EDD refreshes.

Python quickstart

Create a server-side onboarding from Python using the requests library and capture webhook signatures for auditing.

              import os
import requests

API_KEY = os.environ['AUTOKYC_API_KEY']
BASE_URL = 'https://api.autokyc.com/v1'

payload = {
    "workflow": "standard_kyc",
    "applicant": {
        "email": "casey@example.com",
        "firstName": "Casey",
        "lastName": "Nguyen",
    },
    "metadata": {
        "productTier": "premium",
        "referrer": "web_checkout"
    }
}

response = requests.post(
    f"{BASE_URL}/kyc/onboard",
    headers={
        "Authorization": f"Bearer {API_KEY}",
        "Content-Type": "application/json",
    },
    json=payload,
    timeout=10,
)

response.raise_for_status()
print(response.json())

Tip: Swap standard_kyc with your policy slug to reuse the same decisioning logic for ODD and EDD refreshes.

Go quickstart

Leverage Go for backend orchestration with context-aware timeouts and structured logging for downstream observability.

              package main

import (
  "bytes"
  "context"
  "encoding/json"
  "log"
  "net/http"
  "os"
  "time"
)

type Applicant struct {
  Email     string `json:"email"`
  FirstName string `json:"firstName"`
  LastName  string `json:"lastName"`
}

type RequestBody struct {
  Workflow string    `json:"workflow"`
  Applicant Applicant `json:"applicant"`
}

func main() {
  body := RequestBody{
    Workflow: "standard_kyc",
    Applicant: Applicant{
      Email:     "casey@example.com",
      FirstName: "Casey",
      LastName:  "Nguyen",
    },
  }

  payload, err := json.Marshal(body)
  if err != nil {
    log.Fatal(err)
  }

  ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
  defer cancel()

  req, err := http.NewRequestWithContext(ctx, http.MethodPost, "https://api.autokyc.com/v1/kyc/onboard", bytes.NewBuffer(payload))
  if err != nil {
    log.Fatal(err)
  }

  req.Header.Set("Authorization", "Bearer "+os.Getenv("AUTOKYC_API_KEY"))
  req.Header.Set("Content-Type", "application/json")

  res, err := http.DefaultClient.Do(req)
  if err != nil {
    log.Fatal(err)
  }
  defer res.Body.Close()

  if res.StatusCode >= 300 {
    log.Fatalf("unexpected status: %s", res.Status)
  }
}

Tip: Swap standard_kyc with your policy slug to reuse the same decisioning logic for ODD and EDD refreshes.

Webhooks keep downstream systems in sync

Subscribe to lifecycle events that mirror every decision taken by the rules engine or analyst votes. All payloads include versioned schemas, jurisdiction tags, and immutable evidence pointers.

High signal events: kyc.decision.finalised, kyb.ubo.review_required, risk.case.escalated
Signature verification: Validate X-AutoKYC-Signature headers with SHA-256 HMAC secrets scoped per environment, and replay protect payloads using the deliveredAt timestamp.
Retries & durability: We retry for 72 hours with exponential backoff, then hand off to the escalation engine so analysts can resubmit once downstream systems are healthy.

Need to forward payloads to secure networks? Use AutoKYC relay endpoints to fan out to private queues without exposing public ingress.

SDKs tailored to regulated onboarding

Each SDK inherits privacy-by-design defaults, liveness detection, and analytics consent gating. Choose the channel that matches your product and deploy without reimplementing core orchestration logic.

Web SDK

Consent-aware browser experiences

Embed drop-in flows with automatic locale detection, accessibility optimisations, and CSP-friendly asset delivery.

Read the web guide →

iOS SDK

Native capture with secure enclave

Capture NFC, document scans, and biometrics with background uploads, device binding, and offline caching.

Read the iOS guide →

Android SDK

Low-latency verification on any device

Optimised for emerging markets with adaptive bitrate streaming, offline fallback, and strict data retention controls.

Read the Android guide →

React Native SDK

One codebase for hybrid apps

Share flows across iOS and Android while keeping native modules for liveness, encryption, and consent capture.

Read the React Native guide →

API & SDK changelog Webhook schema reference Request an integration review