Docs
Quickstart
Three steps, all server-to-server plus one redirect: create a verification session, send your user to the hosted flow, and receive the signed result. Test mode is free and unlimited — the snippets below work as-is once you swap in a test key from your dashboard.
- 01
Create a verification session
From your server, using your secret key. Set
required_ageto16or18, andreturn_urlto where the user should land once they’re done.shellcurl https://5do9r1erj7.execute-api.ap-southeast-2.amazonaws.com/v1/verification-sessions \ -H "Authorization: Bearer sk_test_your_key_here" \ -H "Content-Type: application/json" \ -d '{ "required_age": 18, "methods": ["face_estimation", "id_document"], "return_url": "https://yoursite.com/age/verified" }'javascript · nodeconst res = await fetch("https://5do9r1erj7.execute-api.ap-southeast-2.amazonaws.com/v1/verification-sessions", { method: "POST", headers: { "Authorization": "Bearer sk_test_your_key_here", "Content-Type": "application/json", }, body: JSON.stringify({ required_age: 18, methods: ["face_estimation", "id_document"], return_url: "https://yoursite.com/age/verified", }), }); const session = await res.json(); // session.url → send the user here (see step 2)You get back a one-time hosted URL, good for 30 minutes:
json · response{ "id": "vs_01ARZ3NDEKTSV4RRFFQ69G5FAV", "url": "https://d21c67ryshh77h.cloudfront.net/v/vs_01ARZ3NDEKTSV4RRFFQ69G5FAV#st=eyJhbGciOi...", "status": "created", "required_age": 18, "methods": ["face_estimation", "id_document"], "return_url": "https://yoursite.com/age/verified", "mode": "test", "created_at": "2026-07-12T04:00:00.000Z", "expires_at": "2026-07-12T04:30:00.000Z" }See the full request/response shape on the REST API page.
- 02
Send your user to the hosted flow
Redirect the user to
session.urldirectly, or open it from the browser with the ~1 kB JavaScript SDK, which pops a centered window and reports the result without leaving your page.javascript · plain redirect// Simplest integration: just navigate the user there. window.location.href = session.url;javascript · sdk popupimport { AgeAssure } from "@ageassure/js"; AgeAssure.open({ url: session.url, onComplete: ({ sessionId, status }) => { // status is "passed" | "failed" — update your UI immediately. // Treat this as a fast, optimistic signal; the webhook (step 3) // is the record of truth. }, });Full SDK reference on the JavaScript SDK page. There is nothing to store on your side during this step — the image is analysed and deleted before the session ever resolves.
- 03
Receive the result
The outcome reaches you up to three ways, and you can use any or all of them:
- The SDK’s onComplete — fastest, client-side, good for updating UI immediately.
- The redirect back to return_url — AgeAssure appends
?session_id=vs_...; callGET /v1/verification-sessions/:idserver-side to confirm the outcome before acting on it. - A
verification_session.completedwebhook — server-to-server, signed, and retried on failure. This is the record of truth; treat the other two as fast, optimistic signals.
http · webhook deliveryPOST https://yourapp.com/webhooks/ageassure AgeAssure-Signature: t=1752300000,v1=5b3f... AgeAssure-Event: verification_session.completed { "id": "evt_...", "type": "verification_session.completed", "created": "2026-07-12T04:00:31.000Z", "data": { "id": "vs_01ARZ3NDEKTSV4RRFFQ69G5FAV", "status": "passed", "required_age": 18, "method": "face_estimation", "confidence": "high", "mode": "test", "metadata": {} } }Add an endpoint on your dashboard’s Webhooks page and verify the
AgeAssure-Signatureheader — full scheme and code on the Webhooks page.