Create a session

AI Tools

To use Age estimation with Headless Age verification service (AVS), you will first need to create a session with age_estimation method enabled.

HTTP
    
xxxxxxxxxx
 
POST https://age.yoti.com/api/v1/sessions
Copy

Header	Description
Authorization	API Key for the Yoti Age Verification API. Should be sent as `Bearer {{API_TOKEN}}` .
Content-Type	application/json
Yoti-SDK-Id	Your unique Yoti-Sdk-Id (uuid)

The age verification API uses an HTTP authentication scheme called ‘bearer authentication’. This involves security tokens called ‘bearer tokens’. They are the predominant type of access token used with OAuth 2.0. A resource should interpret a bearer token as "Give the bearer of this token access". The client must send this token in the Authorization header when making requests to protected resources.

It is important that your API Key remains strictly confidential. It must be stored securely. We advise that you never commit any code containing your API Key, and never share it beyond the authorised party.

If you believe your API key has been compromised, please generate new API keys in the hub asap.

Request Body

JSON
    
xxxxxxxxxx
 
{    "type": "OVER",    "age_estimation": {        "allowed": true,        "threshold": 21,        "level": "PASSIVE"    },    "ttl": 900,    "reference_id": "over_21_example",    "notification_url": "https://yourdomain.example/webhook",    "callback": {        "auto": false,        "url": "https://www.example.com"    }}
Copy

Parameter	Type	Value	Description
allowed	boolean	`TRUE`/ `FALSE`	Enable the age estimation method for the user to use.
threshold	integer	e.g. `21`	Age threshold for under/over age limits. We recommend that this threshold be more than the age you want to set as your barrier to entry.
level	string	`PASSIVE`	The level of anti-spoofing for each age verification method. `PASSIVE` enables a passive liveness test for age estimation.
type	type	`OVER`/ `UNDER`/`AGE`	`OVER` - If the user is OVER the age threshold (e.g., over 21). `UNDER` - If the user is UNDER an age threshold (e.g., under 21). `AGE` - This will return the estimated AGE of the user (e.g, if the user is estimated to be 25, we will return 25).
ttl	string (in seconds)	e.g. 900	Configure how long the session is valid for. The user will need to complete this before the `ttl` expires. Minimum value: `60` (1 minute) Maximum value: `2592000` (1 month)

Response

If the request is successful and a session is generated, the API will send a response in the form:

JSON
    
xxxxxxxxxx
 
{    "id": "uuid",    "status": "PENDING",    "expires_at": "2025-08-08T23:41:39Z"}
Copy

Below are the different statuses Yoti returns:

Status	Explanation
PENDING	User has not started any checks.
IN_PROGRESS	Checks have begun on the session, awaiting the result to be returned.
FAIL	The session has been completed, and the user has failed to meet the age threshold. FAIL will be returned only for `OVER` and `UNDER` attempts.
COMPLETE	The session has been completed, the user has passed the required threshold, or an age has been returned. Always `COMPLETE` if AGE type is configured.
ERROR	We could not provide an age result or calculate the threshold. This may be because the face was not recognised during age estimation, or if the ID document was processed via Doc Scan, but we do not believe that it is a genuine document.
CANCELLED	The user no longer wishes to prove their age and aborts the session.
EXPIRED	The session has expired and is no longer usable.

Error Codes

Error code	Description
201	Success
400	Missing field(s) in the request body
401	Missing or unknown SDK ID
403	Incorrect API key
409	Verification check already in progress
410	Session has already expired for the current check

Last updated on

Was this page helpful?