About Sumsub API

With the Sumsub API, you can send and receive applicant data and documents for verification through simple RESTful APIs.

The API responds with a JSON payload (unless otherwise stated).



If you use JS in your backend deployment, make sure to always pass the Content-Type: application/json header unless otherwise specified, even if the actual JSON body payload is empty.

We provide you with two modes. Both modes are available via api.sumsub.com. API access is regulated through the use of the X-App-Token authorization header.


Mind the following:

  • To provide you with access to production mode, we must perform integration testing to make sure everything works as expected.
  • All incompatible changes made to the API will be versioned and will not affect the existing endpoints. However, we may add additional fields to JSON responses without any notice or API versioning. So it is not a good idea to rely on object mappers in your integration code that will fail on unknown properties.
  • The header names are not case-sensitive and may vary depending on your ways of implementation at both your requests and our responses.

Try API with Postman

You can download, import, and run the Sumsub API Postman collection.

In your Postman environment, you will need to define the app-token and secret-key variables.