Create a session

AI Tools

To use ID verification, you will first need to create a session with the doc_scan method enabled.

Endpoint

HTTP
    
xxxxxxxxxx
 
POST https://age.yoti.com/api/v1/sessions
Copy

Header	Description
Authorization	API Key to call the Yoti Age API. Should be sent as a `Bearer {{API_TOKEN}}` .
Content-Type	application/json
Yoti-SDK-Id	Your unique Yoti-Sdk-Id (uuid)

The age verification API uses an HTTP authentication scheme called ‘bearer authentication’. This involves security tokens called ‘bearer tokens’. They are the predominant type of access token used with OAuth 2.0. A resource should interpret a bearer token as "Give the bearer of this token access". The client must send this token in the Authorization header when making requests to protected resources.

It is important that your API Key remains strictly confidential. It must be stored securely. We advise that you never commit any code containing your API Key, and never share it beyond the authorised party.

If you believe your API key has been compromised, please generate new API keys in the hub as soon as possible.

Request Body

JSON
    
xxxxxxxxxx
 
{    "type": "OVER",    "doc_scan": {        "allowed": true,        "threshold": 18,        "authenticity": "AUTO",        "level": "PASSIVE",        "preset_issuing_country": "GBR"    },    "ttl": 900,    "reference_id": "over_18_example",    "notification_url": "https://yourdomain.example/webhook",    "callback": {        "auto": false,        "url": "https://www.example.com"    }}
Copy

Parameter	Type	Value	Description
`allowed`	boolean	`true` / `false`	Enable the verification method for the user to select.
`threshold`	integer	e.g.`18`	Age threshold for under/over age limits. We recommend this to be the exact age of the threshold you want to cover.
`authenticity`	string	`AUTO`	Yoti will perform an automated Document Authenticity check to verify whether the document is genuine. For more information on the types of checks, please head here.
`level`	string	`PASSIVE`	The level of anti-spoofing for each age verification method. `PASSIVE` - enables a static liveness test and face match for IDV.
`preset_issuing_country`	string	e.g.`GBR`	In the format of a 3-letter ISO 3166-1 country code. Determines the preset issuing country for the document selection.
`type`	string	`OVER`/`UNDER`/`AGE`	This is where you define what preference you want to set for the age of the user. OVER - If the user is OVER an age threshold (e.g., over 18). UNDER - If the user is UNDER an age threshold (e.g., under 18). AGE - This will return the verified AGE of the user (e.g, if the user is verified to be 25, we will return 25).
`ttl`	integer	`900`	In seconds. How long the session is valid for, the user will need to complete this before the ttl expires. Minimum value:`60` (1 minute) Maximum value: `2592000` (1 month)

Last updated on

Was this page helpful?