Skip to main content

Authentication

All Identity API endpoints use HTTP Basic Auth. Pass your clientId as the username and clientSecret as the password on every request.
Never make these calls from a browser or mobile client. Your clientSecret must remain server-side only.

Step 1 — Check if the customer exists

Before creating a new customer, check whether one already exists for the user’s phone number to avoid duplicate records.
If customerId is returned, the customer already exists — skip to Step 3. If the response is empty, proceed to Step 2.

Step 2 — Create the customer

Register the user with their phone number. The customerId returned here is your durable reference to this user in all subsequent API calls.
Store customerId against your user record in your own database.

Step 3 — Generate a widget URL

Call this endpoint from your backend to get a hosted widget URL for the user. Choose the right flow and scope for your use case.

Choosing a flow

Choosing scopes

Pass multiple scopes together: ["profile", "doc_kyc"] is the standard full-KYC combination.

manualKycUrl

Provide a manualKycUrl as a fallback destination if the user cannot be verified automatically (e.g. document scan quality is too low). This is optional but recommended for production.

Step 4 — Redirect the user

Return the widgetUrl to your frontend and redirect the user to it, or embed it in an iframe.
The widget handles all verification steps. When the user completes (or abandons) the flow, they are redirected to your successUrl.

Step 5 — Retrieve the verified identity

After the user returns to your successUrl, call this endpoint from your backend to retrieve the verified data.

Response

What’s included per scope

Fields outside the consented scopes are returned as null. If the identity belongs to another client (i.e. kyc_sharing flow), the API enforces consent state:

Error reference


Go to production

  1. Test the full flow end-to-end in sandbox.
  2. Confirm identity data is retrieved correctly after widget completion.
  3. Contact your Sardine integration contact to complete the review.
  4. Swap api.sandbox.sardine.aiapi.sardine.ai and replace with production credentials.