Skip to main content

Quickstart

This guide walks through a server-side verification flow using the REST API directly. For mobile integrations, see the Android SDK or iOS SDK guides.

Prerequisites

  • A Kora IDV account (sign up)
  • Your API key (starts with test_ for sandbox)
  • Your Tenant ID (UUID from your dashboard)

Step 1: Create a verification

curl -X POST https://api.korastratum.com/api/v1/idv/verifications \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID" \
  -H "Content-Type: application/json" \
  -d '{
    "externalId": "user-123",
    "tier": "standard",
    "callbackUrl": "https://your-server.com/webhooks/koraidv"
  }'

Save the returned id — you'll use it in all subsequent steps.

Step 2: Upload a document

Upload the front of the identity document as a base64-encoded image.

curl -X POST https://api.korastratum.com/api/v1/idv/verifications/$VERIFICATION_ID/document \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID" \
  -H "Content-Type: application/json" \
  -d '{
    "documentType": "us_passport",
    "imageBase64": "'$(base64 -i document.jpg)'"
  }'

Step 3: Upload a selfie

curl -X POST https://api.korastratum.com/api/v1/idv/verifications/$VERIFICATION_ID/selfie \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID" \
  -H "Content-Type: application/json" \
  -d '{
    "imageBase64": "'$(base64 -i selfie.jpg)'"
  }'

Step 4: Complete the verification

This triggers scoring, compliance screening, and a final decision.

curl -X POST https://api.korastratum.com/api/v1/idv/verifications/$VERIFICATION_ID/complete \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID"

Step 5: Receive the webhook

Your callbackUrl receives a verification.completed event:

{
  "id": "evt_def456",
  "eventType": "verification.completed",
  "resourceType": "verification",
  "resourceId": "ver_abc123",
  "tenantId": "your-tenant-id",
  "timestamp": "2025-01-15T10:35:00Z",
  "data": {
    "verificationId": "ver_abc123",
    "externalId": "user-123",
    "status": "verified",
    "decision": "auto_approve",
    "decisionReason": "All checks passed",
    "overallScore": 96.3
  }
}

Always verify the webhook signature before processing.

What's next

  • Mobile SDKs — The SDK handles document capture, selfie, and liveness — so you don't build camera UIs.
  • Webhooks — Set up webhook signature verification and handle all event types.
  • Sandbox Testing — Use test fixtures for deterministic results without real documents.
  • Error Handling — Handle every error code with recovery suggestions.