Guides
Home
Start typing to search…

KYCaaS Integration Guide

This guide walks you through the steps to integrate Reap’s KYC workflow using SumSub’s WebSDK. By the end, your users will be verified and ready to use downstream services such as Card Issuance

Step-by-Step Integration

1. Generate an API Key

Where: Reap Card Issuance Dashboard → Settings -> Product Settings -> KYC API Keys
What you get: A Sandbox API key and, once provisioned, a Production API key linked to a Business UUID (BUUID).

Use this key for authentication in all API requests. The BUUID scopes all activity to your business.

2. Set Up Webhooks

  • Register your webhook URL with Reap’s Compliance API (/notification) in your sandbox environment.
  • Subscribe to the account_status_change event type to receive KYC status updates.
  • Implement signature verification in your webhook handler using Reap’s provided RSA public key.
  • Validate your endpoint — ensure it returns 200 OK within 5 seconds and supports HTTPS.
  • Test your webhook using the sandbox environment before moving to production.

For detailed instructions, payload examples, and code snippets in Node.js and Python, refer to the Webhook Setup Guide

3. Create an Entity (Applicant)

Endpoint: POST /entity

Register a new user by creating an entity of type INDIVIDUAL.

  • externalId: An ID to identify your user (i.e userID in your database)
  • type: INDIVIDUAL

Response:
Returns a unique entityId used in all further steps.

4. Generate SumSub WebSDK Token

Endpoint: POST /entity/{entityId}/kyc
Generate a WebSDK token to launch SumSub’s identity verification UI

Response:
Returns a WebSDK token to initialize SumSub on your frontend.

Then, go through steps highlighted in SumSub WebSDK Integration Doc to set up frontend integration

Users complete:

  • Identity document verification
  • Liveness check

Reap handles the backend verification and status updates

5. Generate Signed Payload

Endpoint: POST /entity/{entityId}/signed-payload

Once KYC is complete, call this to get a signed payload for the verified entity.

Response:
Returns a signed JWT payload which proves the user passed KYC.

Use this payload to interact with other Reap products (e.g. Create Card in CaaS)

6. Pass Signed Payload to Create Card

Refer to CaaS API documentation

Endpoint: POST /cards

Once signed JWT payload is generated, it can be used to verify KYC status when creating a card for the user. Pass this signed payload in POST /cards kyc object and customerType = Consumer

Updated 7 days ago