Skip to main content

How it works

1

Start a verification

Call POST /api/v1/verifications with the account you want to verify. You get back a session_url.
2

Send the user to complete KYC

Redirect your user to the session_url. They upload their ID, take a selfie, and verify their identity on a hosted page. You don’t build any UI for this.
3

Listen for the result

When the user completes verification, you receive an identity_profile.approved webhook. Call GET /api/v1/verifications?account_id={biz_ tag} to read the verified identity data.

Quick example

cURL
curl -X POST "https://api.whop.com/api/v1/verifications?account_id=biz_xxxxxxxxxxxxx" \
  -H "Authorization: Bearer $WHOP_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"kind": "individual"}'
Response
{
  "id": "idpf_xxxxxxxxxxxxx",
  "kind": "individual",
  "status": "pending",
  "session_url": "https://in.sumsub.com/websdk/p/sbx_xxxxxxxxxxxxx",
  "created_at": "2026-06-03T22:15:00Z",
  "updated_at": "2026-06-03T22:15:00Z"
}
You need a Company API key with the identity:write scope. Go to your dashboard → Settings → API Keys to create one.

Pre-fill the KYC form

Pass identity fields to skip steps for your user. These seed the verification form so they don’t have to retype their name and address:
cURL
curl -X POST "https://api.whop.com/api/v1/verifications?account_id=biz_xxxxxxxxxxxxx" \
  -H "Authorization: Bearer $WHOP_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "kind": "individual",
    "first_name": "Jane",
    "last_name": "Doe",
    "date_of_birth": "1995-01-15",
    "country": "US",
    "tax_identification_number": "123-45-6789",
    "address": {
      "line1": "123 Main St",
      "city": "San Francisco",
      "state": "CA",
      "postal_code": "94105"
    }
  }'
tax_identification_number is the person’s tax identification number — their SSN for US individuals — and is required when country is US: the payout account can’t be created without it. Send it as-is; it is tokenized in transit and the raw value is never stored on Whop’s systems.

Two types of verification

TypekindWhat it verifiesWhen to use
Individual (KYC)individualA person’s identityUser wants to withdraw funds
Business (KYB)businessA company entityCompany needs to verify its legal entity
An account can have one of each — an individual KYC and a business KYB.

What’s next

Check status

Check verification status and read verified identity data.

Handle RFIs

Respond when a provider needs additional information like a bank statement.

Update & delete

Update identity fields or remove a verification.

API Reference

Full field reference for the verification object.