API ReferenceSessions

Generate a one-time verification link

Creates a single-use verification URL for the session. Any previously active link is automatically revoked. The returned `capture_url` can be sent to the end-user via email, SMS, or embedded in your application. Once visited, the link is consumed and cannot be reused. Generate a new link if the user needs another attempt. Sessions that are `completed`, `failed`, or redacted cannot have links generated.

Authentication

X-API-Keystring

Organization API key. Keys are prefixed with vk_live_ (production) or vk_sandbox_ (sandbox).

Path parameters

session_idstringRequired

Session ID (ses_*).

Headers

Verifa-VersiondateOptional

API version date string (e.g. 2026-02-01). If omitted, the version pinned to your API key is used.

Key-InflectionenumOptionalDefaults to snake

Response key casing. Defaults to snake.

Allowed values:
Idempotency-KeystringOptional<=255 characters

Unique key for idempotent requests. Cached for 24 hours. Sending the same key with different parameters returns 422.

Request

This endpoint expects an object.
expires_in_minutesinteger or nullOptional
Custom expiry in minutes. Defaults to the platform session expiry.

Response

One-time link created.

idstring
Public ID of the session link.
session_idstring
Public ID of the parent session.
capture_urlstringformat: "uri"

One-time verification URL to send to the end-user.

statusenum
Current status of the link.
Allowed values:
expires_atdatetime
When this link expires.
created_atdatetime
When this link was created.
qr_code_data_urlstring or null

Base64-encoded QR code image pointing to the capture URL.

Errors

400
Bad Request Error
401
Unauthorized Error
404
Not Found Error
422
Unprocessable Entity Error