App tokens

Secure your data exchange with the Sumsub API.

App tokens are used to sign your API calls.

To generate a token:

  1. In the Dashboard, go to the App Tokens page and click Generate app token.
  2. Enter a preferred token name.
  3. Specify the IP addresses from which the token is expected to be used. You can continue with the default setting, which allows connections from any IP address, or you can specify only the trusted ones.
  4. [Optionally] From the Source keys from client drop-down list, select source keys if you want the app token to have access only to a certain group of applicants.
  5. Enable the Image watermarks checkbox to add the COPY watermark to images of the applicant documents.
  6. Select permissions as necessary.
  7. Click Generate app token.



  • To generate an app token that would be valid in Sandbox mode, switch to this mode as explained in this article. You may want to use Sandbox mode in cases where you are testing your integration and do not want to conduct real checks.
  • Each token is unique per mode in which it was created; you cannot use an app token in Production mode if this token was created in Sandbox, and vice versa.
  • The full-sized app token and secret key values are shown in the Dashboard only once — at the moment you create the token; make sure to save it to a secure location on your device. Once created, you will not be able to make any changes.