Web SDK integration guide

Overview of flow

Integration Steps

Create a client

A client represents the individual for whom you need to perform various KYC checks. A client is required to generate an SDK token. This must be done in your backend server.

Example request

curl -X POST https://api.complycube.com/v1/clients \
     -H 'Authorization: <YOUR_API_KEY>' \
     -H 'Content-Type: application/json' \
     -d '{
          "type": "person",
          "email": "john.doe@example.com",
               "firstName": "John",
               "lastName" :"Doe"

Example response

The response will contain an id (the Client ID). It is required for the next step.

    "id": "5eb04fcd0f3e360008035eb1",
    "type": "person",
    "email": "john.doe@example.com",
    "personDetails": {
        "firstName": "John",
        "lastName": "Doe",
    "createdAt": "2020-01-04T17:24:29.146Z",
    "updatedAt": "2020-01-04T17:24:29.146Z"

Generate an SDK token

SDK Tokens enable clients to securely send personal data from your web application's frontend to ComplyCube.

To learn more about our SDK Token endpoint.

You must generate a new token each time you initialise the ComplyCube Web SDK.

Example request

curl -X POST https://api.complycube.com/v1/tokens \
     -H 'Authorization: <YOUR_API_KEY>' \
     -H 'Content-Type: application/json' \
     -d '{
          "referrer": "https://www.example.com/*"

Example response

    "token": "<CLIENT_TOKEN>"

Import the SDK

To import our Web SDK, you need to include it in your target page as follows:

<!DOCTYPE html>
    <!-- Importing the Javascript library -->
    <script src="complycube.min.js"></script>

    <!-- Importing the default CSS -->
    <link rel="stylesheet" href="style.css" />
     <!-- This is where the Web SDK will be mounted -->
    <div id="complycube-mount"></div>

The links to complycube.min.js and style.css can be found in your developers portal.

Mount the SDK

With the SDK token you generated earlier, the Web SDK can be initialised in your frontend using the following Javascript code:

  token: '<YOUR_WEB_SDK_TOKEN>',
  containerId: 'complycube-mount',
  stages: [
      name: 'faceCapture',
      options: {
        mode: 'video'
  onComplete: function(data) {
    // Using the data attributes returned, request your
    // backend server to perform the necessary ComplyCube checks
    console.info('Capture complete');
  onModalClose: function() {
    // Handle the modal closure attempt
  onError: function ({ type, message }) {
    if (type === 'token_expired') {
      // Request a new SDK token
    } else {
      // Handle other errors

The SDK mount parameters are described in the SDK Settings section below.

Your website's Referrer Policy header should be set to `strict-origin-when-cross-origin".

Referrer policy

To enable successful communication between the SDK and our servers, your web page's Referrer Policy header should be set to strict-origin-when-cross-origin. This ensures that the referrer information is securely transmitted during HTTP requests.

You can either do it programmatically or add it directly to the web page as follows: <meta name="referrer" content="strict-origin-when-cross-origin">

Perform checks

Using the data returned by the SDK, via the onComplete callback, you can now instruct your backend server to run the appropriate checks using the create a check endpoint. For instance, use:

If you have set up webhooks as described in our webhooks guide, you will be notified once a check completes.

To retrieve the check results, you can perform a get check request.

Example request

curl -X GET https://api.complycube.com/v1/checks/{:checkId} \
     -H 'Authorization: <YOUR_API_KEY>' 


SDK settings



Your client's SDK token. This is a required attribute.


The UI language. Valid values include:

  1. en

  2. ar

  3. de

  4. es

  5. fr

  6. hi

  7. hk

  8. id

  9. it

  10. ja

  11. ko

  12. nl

  13. no

  14. pl

  15. pt

  16. sv

  17. th

  18. vi

  19. zh

Default value: en


A string containing the ID of the container element that the Web SDK will mount to.

This must be an empty element.

Default value: complycube-mount


This defines whether the UI screens load into a modal or not. Default value: true


This defines whether we track client analytics or not. Default value: false


This is the array of verification stages your clients will go through. Stages can be provided as string values which include : intro, userConsentCapture faceCapture, documentCapture, poaCapture, and completion.

Stages can be also provided as objects to enable customisations, as explained on the customisations page.

Default value: ['intro', 'faceCapture, 'documentCapture', 'completion']


This callback function executes after the client completes the SDK flow. You could then use a function to trigger a check creation on your backend server.

Depending on the stages provided, data may include the following attributes:

  • documentCapture

    • documentId: the uploaded identity document unique reference generated by ComplyCube.

    • documentType: the type of document uploaded.

  • faceCapture

    • liveVideoId: the captured video unique reference number generated by ComplyCube, OR;

    • livePhotoId: the captured photo unique reference number generated by ComplyCube.

  • poaCapture

    • documentId: the uploaded ID document unique reference generated by ComplyCube.

    • documentType: the type of document uploaded.


This callback executes when your client tries to close the modal. You can then decide whether to close the modal or not by toggling the isModalOpenattribute using the updateSettingsmethod, as shown below.


This callback executes when an error occurs. The error object has two attributes:

  • type: this can be either:

    • exception

    • token_expired : indicates the SDK token provided has expired. When this occurs, a new SDK toke must be provided, as shown below.

      • message: a descriptive message of the error that has occurred.


This callback executes when your client exits the SDK verification flow prior to completion. The callback returns the exit reason, e.g., USER_CONSENT_NOT_GRANTED.

Updating SDK settings

A number of settings can be updated at runtime as follows:

complycube = ComplyCube.mount({...})

// Replace the SDK token
complycube.updateSettings({ token: "NEW_SDK_TOKEN" });
// Open the modal
complycube.updateSettings({ isModalOpen: true });

//Close the modal
complycube.updateSettings({ isModalOpen: false });

Unmounting the SDK

If you are using the SDK within a Single Page Application (SPA), you can call unmount function to remove the SDK and reset its state.

complycube = ComplyCube.mount({...})

Last updated