You can prohibit WebSDK initialization if it is performed by domains that are not part of the settings, specify a secret key to sign JWT tokens, and provide a custom redirect URL after successful verification.

Get started

To configure the settings:

1. Go to the WebSDK settings page.
2. Add trusted domains to allow the WebSDK initialization.
3. Provide a secret key to be used to sign JWT (JSON Web Token) tokens every time Sumsub generates them.
4. Provide a URL that will change the link domain and generate a JWT query parameter to verify the link. When you provide a secret key in the previous step, a JWT query parameter will be added to the redirect URL automatically.
5. Save your changes.

🚧

Attention

Make sure to complete the steps described in this article before using this feature.