Quickstart

This guide takes you through a full verification using curl. By the end you will have created an API key, discovered your enabled ID types, uploaded a selfie, submitted a verification, and read the result.

We use the staging environment (pk_test_… keys, https://staging.identity.myaza.app) so you can test freely without affecting production.

1. Create a test API key

In the dashboard, go to Settings → Organization → Developers → API Keys, switch the environment selector to Staging, and create a key. Copy the full key (pk_test_…) — it is shown only once.

Store it in your shell:

shell

export MYAZA_KEY="pk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
export MYAZA_BASE="https://staging.identity.myaza.app/api/kyc"

2. Check your configuration

GET /config returns the ID types enabled for your organization and which features each supports.

shell

curl "$MYAZA_BASE/config" \
  -H "Authorization: Bearer $MYAZA_KEY"

json

{
  "environment": "STAGING",
  "idTypes": [
    {
      "country": "NG",
      "idType": "bvn",
      "features": { "documentVerification": false, "livenessCheck": true, "govDbCheck": true }
    }
  ]
}

3. Upload media (optional)

Number-only IDs (such as BVN) don't need media. For document or selfie/liveness flows, upload each file and keep the returned mediaId.

shell

curl "$MYAZA_BASE/upload" \
  -H "Authorization: Bearer $MYAZA_KEY" \
  -F "type=selfie" \
  -F "file=@./selfie.jpg"

json

{ "mediaId": "media_01j9..." }

4. Create the verification

Submit the ID details. The metadata.requestId is your idempotency key — reuse it to safely retry without creating duplicates.

shell

curl "$MYAZA_BASE/verify" \
  -H "Authorization: Bearer $MYAZA_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "country": "NG",
    "idType": "bvn",
    "idNumber": "12345678901",
    "metadata": { "requestId": "order_1001", "userId": "user_42" }
  }'

The API responds immediately with 202 Accepted:

json

{ "verificationId": "ver_01j9...", "status": "pending" }

5. Get the result

Verification runs asynchronously. The publishable key polls minimal status (no PII):

shell

curl "$MYAZA_BASE/status/ver_01j9..." \
  -H "Authorization: Bearer $MYAZA_KEY"

json

{
  "verificationId": "ver_01j9...",
  "status": "verified",
  "createdAt": "2026-04-27T12:00:00.000Z",
  "completedAt": "2026-04-27T12:00:05.000Z"
}

To read the full result (biodata, ID number, facial match), call the result endpoint from your backend with a secret (sk_) key — never from client code:

shell

curl "$MYAZA_BASE/verifications/ver_01j9..." \
  -H "Authorization: Bearer $MYAZA_SECRET_KEY"

json

{
  "verificationId": "ver_01j9...",
  "status": "verified",
  "country": "NG",
  "idType": "bvn",
  "result": {
    "firstName": "JOHN",
    "lastName": "DOE",
    "dateOfBirth": "1990-01-01",
    "idNumberMasked": "1234•••901",
    "facialMatch": null
  },
  "completedAt": "2026-04-27T12:00:05.000Z"
}

Better still, receive the result on your backend via a webhook.

Next steps

Set up webhooks instead of polling.
Review the full verification lifecycle and all status values.
Go live by reading about environments and production access.