Updates verification session status to trigger session processing
When to use this endpoint
- Use this endpoint to submit a verification session for processing after all required media and data have been uploaded
Common use cases include:
- Finalizing session after manual media upload via API
- Triggering verification review when using headless integration
- Completing sessions where end-user completed verification outside the standard flow
Request body content
- The request body must contain a
verificationobject withstatusfield set tosubmitted - This is currently the only supported status update via this endpoint
Implementation notes
- Session must be in
createdorstartedstatus before calling this endpoint - Session cannot be updated after it has been submitted
- This endpoint requires session-level HMAC signature authentication
- All required media must be uploaded before submitting the session. If you try to upload media after you have submitted the session, you may encounter the 409 - conflict error.
- Always ensure that you use the correct API URL to send requests. See the API URL section for more info
- The order of parameters in the real API response can differ from the order you see in this documentation. This is expected and part of the Backwards compatible changes requirements
Your integration's API key (occasionally referred to as the "Token", "API public key" or "Publishable key"). Required for all API requests.
You can find your API key in the Veriff Customer Portal > Settings > API keys.
Request body signed with the shared secret key. Required to authenticate the request sender.
Verification session ID.
Session data
Standard request to submit a verification session after all media has been uploaded
{
"verification": {
"status": "submitted"
}
}Verification object.
Status of a verification session, always submitted.
Session is patched
Session status updated to submitted and ready for verification processing
{
"status": "success",
"verification": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"url": "https://alchemy.veriff.com/v/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiZmQ",
"vendorData": "1234567890",
"host": "https://alchemy.veriff.com",
"status": "submitted",
"sessionToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
}API request status.
Verification object.
UUID v4 which identifies the verification session.
URL for the verification session. Combination of host and sessionToken.
The unique identifier that you created for your end-user. It can be max 1,000 characters
long and contain only non-semantic data that can not be resolved or used outside your
systems or environments. Veriff returns it unmodified in webhooks and API response
payloads, or as null if not provided.
Host URI for the verification session.
Verification session status after update.
Session-specific token of the verification.
Bad request
Request contains invalid or unsupported status value
{
"status": "fail",
"code": "1101",
"message": "Validation failed"
}Attempt to update a session that has already been submitted
{
"status": "fail",
"code": "1101",
"message": "Session has already been submitted"
}Unauthorized
x-auth-client header not provided
{
"status": "fail",
"code": "1101",
"message": "Mandatory X-AUTH-CLIENT header containing the API key is missing from the request."
}x-hmac-signature validation failed
{
"status": "fail",
"code": "1812",
"message": "Invalid HMAC signature"
}Session not found
No session exists with the provided id
{
"status": "fail",
"code": "1101",
"message": "Resource not found"
}Internal server error
Unexpected error occurred while processing the request
{
"status": "fail",
"code": "1101",
"message": "Something went wrong"
}Changelog
Date | Description |
|---|---|
Mar 8, 2026 | Documentation updated: parent categories rearranged, intro section expanded, request and response examples added |
Oct 2, 2025 |
|
Aug 6, 2025 | Response headers added |
Mar 12, 2025 | Documentation published |