Identity Verification Webhooks

When an Identity Verification job is completed, Vouched can post the job results to a defined webhook URL. This can be set as callbackURL in the JS Plugin, the Submit Job or Send Invite API endpoint.

This webhook uses the response model from the Submit Job API endpoint.

AML Monitoring Webhooks

For verification jobs with AML and ongoing monitoring enabled, Vouched is able to post the most recent AML results to a defined webhook URL. This webhook will be triggered when the AML details of a monitored job have changed. This webhook uses the response model from the Retrieve AML Result API endpoint.

To enable AML Monitoring Webhooks, please send the desired callback URL to [email protected].

Validating Webhook Responses

All webhook requests contain X-Signature in request headers. The X-Signature is base64 encoded, created using HMAC-SHA1 using your private key as the key and using the response as data. To validate the webhook response, perform the same signature procedure and confirm that your generated signature matches the sent signature.

📘

If your account uses the signature key, the X-Signature is base64 encoded, created using HMAC-SHA1 with your signature key instead of the private key.


Did this page help you?