🛂 KYC Endpoint Configuration

🧾 Overview

The KYC (Know Your Customer) endpoint configuration enables REL-ID’s IdvWebServer to call an enterprise-hosted API for validating scanned identity document data. This is typically done after selfie verification and before storing identity data (Opt-In).

The KYC API acts as a validation layer to ensure that the identity details match those in the enterprise's internal systems.

⚙️ Configuration Steps

To enable or configure the KYC endpoint, follow these steps in the GM Portal.

✅ Enable KYC

1. Login to the GM Portal
2. Navigate to Module Config Management
3. Select the module: IDV Web Server
4. Search for config key: kyc.enable
5. Set value to:

true

6. Click Restart to apply changes

🔁

Setting this to false will disable KYC check. The KYC step will be skipped entirely.

🔗 Configure KYC API URL

1. In Module Config Management, select the module: IDV Server
2. Search for config key: kyc.service.api.config
3. Set the full KYC endpoint URL and any required request headers or payload structure.
4. Click Restart

Example KYC API settings:

{
  "method": "POST",
  "url": "https://enterprise.com/api/validateKYC",
  "headers": [
    {
      "headerName": "Authorization",
      "headerValue": "Bearer __ACCESS_TOKEN_PLACEHOLDER__"
    },
    {
      "headerName": "Content-Type",
      "headerValue": "application/json"
    }
  ],
  "requestBody": {
    "name": "${name}",
    "dob": "${dob}",
    "documentNumber": "${doc_no}"
  }
}

🛠️ Replace ${...} with macros supported by REL-ID to inject scanned data fields.

🔐 Dynamic Access Token

If Authorization header uses Bearer __ACCESS_TOKEN_PLACEHOLDER__, then you must also configure the accessTokenEndpoint like below:

"accessTokenEndpoint": {
  "url": "https://enterprise.com/token",
  "method": "POST",
  "headers": [
    {
      "name": "Content-Type",
      "value": "application/x-www-form-urlencoded"
    }
  ],
  "postParameters": [
    {
      "name": "client_id",
      "value": "your_client_id"
    },
    {
      "name": "client_secret",
      "value": "your_client_secret"
    },
    {
      "name": "grant_type",
      "value": "client_credentials"
    }
  ]
}

REL-ID will dynamically fetch the access token and use it when calling the KYC API.

🔁 When Is This API Called?

• After selfie verification is complete (Step 3)
• Before presenting the Opt-In screen
• Only if kyc.enable is true

🧪 Expected Response

The enterprise KYC endpoint should return a success/failure indication. The exact format depends on enterprise implementation, but ideally:

{
  "kycStatus": "SUCCESS",
  "referenceId": "KYC123456789"
}

REL-ID can store the KYC result and optionally use referenceId in reporting or callbacks.

🚫 Disable KYC (Optional)

To turn off KYC checks entirely:

1. In GM Portal → Module Config Management
2. Module: IDV Web Server
3. Set kyc.enable = false
4. Click Restart

✅ Completion

Once configured, IdvWebServer will call your KYC API during identity verification, allowing real-time validation of user identity data before enrollment completion.