Webhook Guide

Webhook

Webhook provides real-time notifications when specific events occur.

Webhook Integration

To integrate webhook, please send your webhook URL to Helpdesk.

Webhook Triggers

"Submission data" only returns entered information. In cases when you do not include any optional information such as "cf1" or "wallet_address" in submission data, the response object does not include them either.

webhook_trigger	KYC Status	Description
submit	Pending	KYC submission is created and waiting for manual review. *No webhook for 'Submit' status
approved	Approved	KYC approved
rejected	Rejected	KYC rejected
updated	-	KYC data has been updated
aml	Approved	AML screening results
delete	-	KYC data has been deleted
injection	-	Type of webhook passed

KYC Status Change

If webhook_trigger is one of [approved, rejected, updated], the three additional parameters below are returned.

• However, this only applies if the relevant data exists in the submission data. (gender, date_of_birth, nationality)

Key	Value	Description
webhook_trigger	submit, approved, rejected, updated	submit: KYC is at pending status after submission approved: KYC approved at the moment of submission or turned into approved from pending rejected: KYC rejected at the moment of submission or turned into rejected from pending updated: Data has been updated
kyc_result		KYC result object
kyc_result.status	approved / rejected	KYC result
kyc_result.update_at	{update_at}	The time KYC status has changed to approved or rejected(UTC+0)
kyc_result.comment	{comment}	Rejected reason ※Only when the webhook_trigger is rejected.
submission_id	{submission_id}	Unique verifying ID for each submission
applicant_id	{applicant_id}	Unique verifying ID given to users, it is transmitted only when the KYC status is 'approved'.
created_at	{create_at}	The moment when a KYC submission_id has made (UTC+0)
email	{email}	Email address of a KYC applicant
userid	{userid}	Unique ID for each KYC applicant created from client side (≠ submission id)
cf	object	cf1 ~ cf3 data bundle object submitted together with Step 1 Input data
cf.cf1	{cf1}	Data submitted in field cf1
cf.cf2	{cf2}	Data submitted in field cf2
cf.cf3	{cf3}	Data submitted in field cf3
account_email	{account_email}	Admin account attempted to delete submission
delete_time	{delete_time}	Date and time of deletion of submissions
comment	{comment}	Comment left when deleting a submission
action		Injection information object
action.type	address	Injection type
action.created_at	{created_at}	Injection execution time
gender	{gender}	Gender of submitted user (male or female)
date_of_birth	{YYYY-MM-DD}	Submitted user's date of birth (in YYYY-MM-DD format)
nationality	{nationality}	Nationality of submitted user (country code in 3-letter format: ISO alpha3 format)
tokenId	{tokenId}	TokenID used when submitting live-form in private mode.

AML Results

AML result and submission data are returned when AML screening is completed, no screening for rejected KYCs. AML Screening is performed only when KYC is approved and the results are returned.

Key	Value	Description
webhook_trigger	aml	Webhook trigger type
submission_id	{submission_id}	Unique verifying ID for each submission
email	{email}	Email address of a KYC applicant
userid	{userid}	Unique ID for each KYC applicant created from client side (≠ submission id)
aml_result		AML result object
aml_result.currentstatus	Not Screened / Red Flag	AML screening result
aml_result.risk_level_summary	Not Screened/ HIGH/MEDIUM/LOW	AML result level
created_at	{create_at}	The moment when a KYC submission_id has made (UTC+0)
cf	object	cf1 ~ cf3 data bundle object submitted together with Step 1 Input data
cf.cf1	{cf1}	Data submitted in field cf1
cf.cf2	{cf2}	Data submitted in field cf2
cf.cf3	{cf3}	Data submitted in field cf3

Delete

Name	Value	Description
webhook_trigger	delete	Type of webhook passed delete: When KYC submission is deleted
submission_id	{submission_id}	Unique classification value for each KYC submission
account_email	{account_email}	Admin account attempted to delete submission
delete_time	{delete_time}	Date and time of deletion of submissions
comment	{comment}	Comment left when deleting a submission
userid	{userid}	Client’s unique KYC submitter identifier (≠ submission id)

Injection

Name	Value	Description
webhook_trigger	injection	Type of webhook passed
action		Injection information object
action.type	address	Injection type
action.created_at	{created_at}	Injection execution time
submission_id	{submission_id}	Unique ID generated during KYC process (submission_id)
email	{email}	Email submitted during KYC process
kyc_status	{kyc_status}	KYC submission results
applicant_id	{applicant_id}	Unique identification ID given to check for duplicate submissions - Delivered only when KYC Status is Approved.
userid	{userid}	User ID used internally by the company, used to check which user submitted KYC in the existing system. ※ It is provided as an option and is sent when you submit KYC including the userid parameter.
cf1	{cf1}	Data submitted in field cf1
cf2	{cf2}	Data submitted in field cf2
cf3	{cf3}	Data submitted in field cf3

Sample Data

submit

{
    uri: 'https://your-endPoint-url.com',
    method: 'POST',
    body: {
        webhook_trigger:"submit", 
        kyc_result:{
            status:"rejected",
            created_at:"2023-07-06T02:01:03.494Z"
         },
        submission_id:"{submissionId}",
        projectId:"{projectId}",
        email:"test@sample.com",
        userid:"{userid}"
    },
    json: true
}

approved

{
    uri: 'https://your-endPoint-url.com',
    method: 'POST',
    body: {
        webhook_trigger:"approved", 
        kyc_result:{
            status:"rejected",
            comment:"Multiple invalid KYC attempts"
            updated_at:"2023-07-06T00:45:05.738Z"
         },
        submission_id:"{submissionId}",
        projectId:"{projectId}",
        email:"test@sample.com",
        userid:"{userid}"
    },
    json: true
}

rejected

{
    uri: 'https://your-endPoint-url.com',
    method: 'POST',
    body: {
        webhook_trigger:"approved", 
        kyc_result:{
            status:"rejected",
            comment:"Multiple invalid KYC attempts"
            updated_at:"2023-07-06T00:45:05.738Z"
         },
        submission_id:"{submissionId}",
        projectId:"{projectId}",
        email:"test@sample.com",
        userid:"{userid}"
    },
    json: true
}

updated

{
  uri: 'https://your-endPoint-url.com',
  method: 'POST',
  body: {
    kyc_result: { status: 'approved', updated_at: '2023-07-11T09:13:24.751Z' },
    email: 'test@sample.com',
    webhook_trigger: 'updated',
    submission_id: 'test_submissions_id',
    userid:{userid}
    
  },
  json: true
}

aml

{
    uri: 'https://your-endPoint-url.com',
    method: 'POST',
    body: {
         webhook_trigger: 'aml',
         submission_id: '{submissionId}',
         email: 'test@sample.com',
         userid:{userid}
         aml_result: {
               currentstatus: 'Not Screened',
               risk_level_summary: 'Not Screened'
         }
   },
    json: true
}

Delete

{
    uri: 'https://your-endPoint-url.com',
    method: 'DEL',
    body: {
        webhook_trigger:"delete", 
        submission_id:"{submissionId}",
        account email:"test@sample.com",
        delete_time:"2024-05-03T02:01:03.494Z"
    },
    json: true
}

Injection

{
    uri: 'https://your-endPoint-url.com',
    method: 'PUT',
    body: {
        webhook_trigger:"injection", 
        action:{
            type:"address",
            created_at:"2024-05-03T02:01:03.494Z"
         },
        submission_id:"{submissionId}",
        email:"test@sample.com",
        userid:"{userid}"
    },
    json: true
}

---

1. Bidirectional Encryption/Decryption for Output Data

When using the encryption option, both input and output require bidirectional encryption/decryption.

Output:

Return the encrypted result in the body.

Example:

• response : {
  		...
  		body : "encrypted-string"
  }