GuidesWhitelabel APIs Tutorial

How to use KYC Reliance

Skip redundant KYC by reusing your existing verification with Transak
View as Markdown

In this tutorial, we will walk you through building KYC Reliance into an app using Transak’s Whitelabel APIs. By now, the user has selected a quote (using the Look Up APIs) and has been authenticated (using the User APIs). Before they can place an order, Transak needs to verify their identity.

KYC Reliance lets partners skip user identity verification if the user has already completed KYC with a trusted provider on the partner’s end. Transak supports two paths for KYC Reliance.

Two KYC Reliance Paths

PathWho provides the KYC dataBest for
Path 1: KYC Reliance using SumsubKYC Sumsub — via a sharing tokenPartners whose users already completed KYC inside Sumsub
Path 2: KYC Reliance using APIPartner passes all user details directly via APIsPartners using any KYC provider (Sumsub, Onfido, etc.)

Path 1: KYC Reliance using Sumsub

Partner generates a token from Sumsub and passes it to Transak via the KYC Reliance Quote API. Transak fetches the user’s verified identity data directly from Sumsub — the user skips KYC screening entirely.

1

Sumsub Dashboard Setup (one-time)

Set up your Sumsub dashboard for KYC Reliance using this guide.

2

Check Mandatory Fields

Before generating a share token, confirm the user’s Sumsub record contains all required fields. Transak will reject tokens for incomplete profiles.

Mandatory Fields for KYC Reliance using Sumsub (Full list of required fields, validations, and accepted formats — name, DOB, address, ID document, and liveness.)

3

Generate a KYC Share Token

Generate a KYC share token from your Sumsub dashboard or backend. This token is valid for 5 minutes and can only be used once — it is required to fetch the user’s KYC data from Sumsub.

To generate the token, follow the steps in How to Share Sumsub KYC.

4

Get KYC Reliance Quote

Once the KYC share token is generated, call the Get KYC Reliance Quote API with the kycShareToken and kycShareTokenProvider alongside the standard quote parameters.

This returns a quoteId scoped to the KYC Reliance flow.

Get KYC Reliance Quote
$curl "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/quote?fiatCurrency=USD&cryptoCurrency=ETH&isBuyOrSell=BUY&fiatAmount=100&network=ethereum&paymentMethod=credit_debit_card&kycShareTokenProvider=SUMSUB&kycShareToken=YOUR_SUMSUB_SHARE_TOKEN" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS"

Store the returned quoteId — it is required for the next step.

5

Get KYC Reliance Status

Call Get KYC Reliance Status with the quoteId and kycShareToken to check whether Transak has successfully imported the user’s KYC data from Sumsub.

Get KYC Reliance Status
$curl "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/status?quoteId=QUOTE_ID&kycShareToken=YOUR_SUMSUB_SHARE_TOKEN" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN"

The response contains the KYC import status: IMPORTED, DONE, or FAILED. Route the user based on this value.

6

Get Requirements

Call Get Requirements to check whether all mandatory fields have been successfully submitted. This step validates the completeness of the user’s KYC data before allowing order creation.

Get Requirements
$curl "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/requirements?quoteId=QUOTE_ID" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN"

Inspect the response to determine next steps:

ResponseAction
All fields present and validProceed directly to order creation
personalDetails or addressDetails fields missingGo to Step 7 — patch the missing fields
additionalFormRequired: trueGo to Step 8 — fetch the additional requirements

The response lists every missing or invalid field. Use it to decide whether to patch identity data, collect an additional form, or proceed.

7

Patch Missing Details (if personal or address data is missing)

If the requirements check returned missing personalDetails or addressDetails, call Patch Identity Details to supply only the missing fields. You do not need to re-submit fields that are already accepted.

Patch Identity Details
$curl -X PATCH "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/identity" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN" \
> -H "Content-Type: application/json" \
> -d '{
> "personalDetails": {
> "firstName": "Jane",
> "lastName": "Doe",
> "dob": "1998-01-01",
> "mobileNumber": "+33791112345"
> },
> "addressDetails": {
> "addressLine1": "170 Rue du Faubourg Saint-Denis",
> "city": "Paris",
> "state": "Paris",
> "postCode": "75010",
> "countryCode": "FR"
> }
> }'

After a successful PATCH, call Get Requirements again to confirm the fields are now accepted before proceeding.

8

Get Additional Requirements (if an additional form is required)

If the requirements check returned additionalFormRequired: true, call Get Additional Requirements to find out exactly what supplementary data Transak needs.

Get Additional Requirements
$curl "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/additional-requirements?quoteId=QUOTE_ID" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN"

The response describes what is still needed. Based on this, take the appropriate action:

Additional requirementAction
Supporting document requiredGo to Step 9a — upload the document
Purpose of usage missingGo to Step 9b — submit purpose of usage
9

Fulfill Additional Requirements

Complete the additional requirements identified in Step 8.

Call Upload Document with the document type and base64-encoded image specified in the additional requirements response.

Upload Document
$curl -X POST "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/document" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN" \
> -H "Content-Type: application/json" \
> -d '{
> "idType": "PROOF_OF_RESIDENCE",
> "idCountryCode": "FR",
> "frontImage": "data:image/jpeg;base64,..."
> }'

Accepted formats: JPEG, PNG, WEBP — max 5 MB per image.

Call Submit Purpose of Usage with the user’s selected purpose from the list returned by Get Additional Requirements.

Submit Purpose of Usage
$curl -X POST "https://api-gateway-stg.transak.com/api/v2/kyc-reliance/purpose" \
> -H "x-api-key: YOUR_API_KEY" \
> -H "x-user-ip: USER_IP_ADDRESS" \
> -H "Authorization: USER_ACCESS_TOKEN" \
> -H "Content-Type: application/json" \
> -d '{
> "purposeList": ["Buying/selling crypto for investments"]
> }'

After fulfilling all additional requirements, call Get Requirements one final time to confirm everything is accepted. Once the requirements check returns no missing fields, the user can proceed to order creation.

KYC Reliance APIs

Path 2: KYC Reliance using API

The partner’s backend submits the user’s KYC data directly to Transak via three sequential API calls: Identity Details, Document Details, and Biometrics Details.

This path is provider-agnostic — it works with Sumsub, Onfido, or any KYC vendor your platform uses.

For KYC Reliance using API, Transak requires a compliance review before this feature can be enabled in production.

To implement KYC Reliance using API, follow the steps in this guide.

KYC Reliance using APIs