Authentication
All Identity API endpoints use HTTP Basic Auth. Pass yourclientId as the username and clientSecret as the password on every request.
Step 1 — Check if the customer exists
Before creating a new customer, check whether one already exists for the user’s phone number to avoid duplicate records.customerId is returned, the customer already exists — skip to Step 3. If the response is empty, proceed to Step 2.
Step 2 — Create the customer
Register the user with their phone number. ThecustomerId returned here is your durable reference to this user in all subsequent API calls.
customerId against your user record in your own database.
Step 3 — Generate a widget URL
Call this endpoint from your backend to get a hosted widget URL for the user. Choose the rightflow and scope for your use case.
Choosing a flow
Choosing scopes
Pass multiple scopes together:
["profile", "doc_kyc"] is the standard full-KYC combination.
manualKycUrl
Provide amanualKycUrl as a fallback destination if the user cannot be verified automatically (e.g. document scan quality is too low). This is optional but recommended for production.
Step 4 — Redirect the user
Return thewidgetUrl to your frontend and redirect the user to it, or embed it in an iframe.
successUrl.
Step 5 — Retrieve the verified identity
After the user returns to yoursuccessUrl, call this endpoint from your backend to retrieve the verified data.
Response
What’s included per scope
Fields outside the consented scopes are returned as
null.
Consent states
If the identity belongs to another client (i.e.kyc_sharing flow), the API enforces consent state:
Error reference
Go to production
- Test the full flow end-to-end in sandbox.
- Confirm identity data is retrieved correctly after widget completion.
- Contact your Sardine integration contact to complete the review.
- Swap
api.sandbox.sardine.ai→api.sardine.aiand replace with production credentials.