Onboarder

API Documentation

Verification Flows

Define what users must verify before accessing your application.

What is a Verification Flow?

A verification flow is a configuration that defines exactly what information and verifications users must complete before your application can authorize them. Think of it as a checklist that Onboarder enforces during the OAuth sign-in process.

Example: Banking KYC Flow

  • ✓ Required: Email, phone, full name, date of birth
  • ✓ Required: Email OTP verification
  • ✓ Required: Phone OTP verification
  • ✓ Required: Biometric identity enrollment (face + voice)
  • ✓ Required: Document verification (passport/ID)
  • ✓ Optional: Proof of address
  • ✓ Optional: "Why opening account?" form

How Verification Flows Work

1

Create Flow

Define required/optional fields and verifications in your dashboard

2

Get flow_id

Each flow has a unique ID you use in OAuth requests

3

OAuth with flow_id

Users redirected to Onboarder with your flow_id parameter

4

Enforcement

Onboarder ensures all requirements are met before authorization

Verification Policy Modes

Each verification flow has a policy mode that controls how strictly requirements are enforced during OAuth authorization. This determines user experience and data returned.

NO_VERIFICATIONInstant Access

No verification required. User authorization happens immediately after signup/login.

Returns:

  • • Name (unverified)
  • • Email (unverified)
  • • Basic profile data

Use Cases:

  • • Low-security applications
  • • Public access platforms
  • • Free tier users
OPTIONAL_VERIFICATIONGrace Period

Verifications are suggested but can be skipped. User has grace period to complete verifications later. Skip events are tracked.

Behavior:

  • • User can skip verifications
  • • Grace period for completion
  • • Skip events logged

Use Cases:

  • • Progressive onboarding
  • • Gradual trust building
  • • Conversion optimization
REQUIRE_ANY_IDENTITYHard Requirement

User MUST have at least one identity document verified before authorization. No grace period or skipping allowed.

Requirements:

  • • At least 1 document verified
  • • Passport, ID card, driver's license, etc.
  • • No skipping allowed

Use Cases:

  • • KYC compliance
  • • Banking/fintech
  • • Verified identity required

Flow Configuration

A verification flow consists of a policy mode and four configuration components:

1. Required Fields

Profile information users must provide before authorization.

email
phone
firstName
lastName
dateOfBirth
address

2. Required Verifications

Verification checks users must complete (email OTP, document upload, etc.)

email_otp

Email verification with OTP

phone_otp

Phone verification with OTP

passport

Passport document verification

id_card

National ID card verification

drivers_license

Driver's license verification

face_enrollment

Face biometric enrollment with liveness

voice_enrollment

Voice biometric enrollment

View all verification types →

3. Optional Fields & Verifications

Information users can provide but isn't required. Useful for progressive profiling or when information is only needed for certain user actions later.

4. Custom Forms (Optional)

Add custom onboarding forms to collect additional information during the verification flow.

Example: A banking app might add a "Why are you opening an account?" form that requires manual review before authorization completes.

Example Verification Flow

Here's a complete verification flow for a fintech application:

{
  "name": "Standard Banking KYC",
  "description": "Full KYC verification for banking services",


  "requiredFields": [
    "email",
    "phone",
    "firstName",
    "lastName",
    "dateOfBirth",
    "address"
  ],


  "optionalFields": [
    "middleName",
    "nationality"
  ],


  "requiredVerifications": [
    "email_otp",      // Must verify email
    "phone_otp",      // Must verify phone
    "passport",       // Upload passport (or id_card/drivers_license)
    "liveness"        // Facial liveness check
  ],


  "optionalVerifications": [
    "proof_of_address" // Optional address verification
  ],


  "formIds": [
    "account_purpose_form"  // Custom form: "Why opening account?"
  ]
}

Common Use Cases

E-commerce / Marketplace

Light verification to reduce fraud while maintaining fast signup.

  • ✓ Email (required)
  • ✓ Email OTP verification (required)
  • ✓ Phone (optional)

Banking / Fintech

Full KYC compliance with government ID and biometric verification.

  • ✓ Full name, DOB, address (required)
  • ✓ Email + Phone OTP (required)
  • ✓ ID document + liveness (required)

Healthcare / Telemedicine

Identity verification with optional insurance documentation.

  • ✓ Full name, DOB (required)
  • ✓ Email + Phone verification (required)
  • ✓ ID document (optional)
  • ✓ Insurance card upload (optional)

Crypto Exchange

Tiered verification - basic for small amounts, full KYC for larger transactions.

  • ✓ Email verification (required)
  • ✓ Phone, ID, liveness (optional, unlocks higher limits)

Ready to create your first flow?

Create a Verification Flow →View Verification TypesAPI Reference

Previous

OAuth API Reference

Next

Verification Types