API ReferenceSessions

Create a verification session

Creates a new verification session and returns a capture_url that you redirect (or embed) for the end user to complete identity verification.

Required scope: sessions:create or sessions:write

Authentication

X-API-Keystring

Organization API key. Keys are prefixed with vk_live_ (production) or vk_sandbox_ (sandbox).

Headers

Idempotency-KeystringOptional<=255 characters

Unique key for idempotent requests. Cached for 24 hours. Sending the same key with different parameters returns 422.

Verifa-VersiondateOptional

API version date string (e.g. 2026-02-01). If omitted, the version pinned to your API key is used.

Key-InflectionenumOptionalDefaults to snake

Response key casing. Defaults to snake.

Allowed values:

Request

This endpoint expects an object.
external_refstringOptional
Your internal reference for this user or transaction.
metadatamap from strings to anyOptional

Arbitrary key-value metadata attached to the session.

countrystringOptional=2 characters

ISO 3166-1 alpha-2 country code for document expectations.

checkslist of stringsOptional

Per-session check overrides. If omitted, the workflow’s default checks are used.

workflow_idstringOptional
Workflow to use for this session.
redirect_urlstringOptionalformat: "uri"
URL to redirect the user to after capture is complete.

Response headers

X-RateLimit-Limitinteger
Maximum requests allowed in the current window.
X-RateLimit-Remaininginteger
Requests remaining in the current window.
X-RateLimit-Resetinteger
Unix timestamp when the rate limit window resets.

Response

Session created.
idstring
Session ID.
statusenum
capture_urlstringformat: "uri"
URL to redirect the end user for identity capture.
is_sandboxboolean
Whether this is a sandbox session.
created_atdatetime
expires_atdatetime
external_refstring or null
qr_code_data_urlstring or null

Base64-encoded QR code PNG pointing to the capture URL.

tagslist of strings

Free-form tags attached to this session.

Errors

400
Bad Request Error
401
Unauthorized Error
422
Unprocessable Entity Error
429
Too Many Requests Error