KYC Verification
Use the /kyc endpoint to perform Know Your Customer (KYC) verification tasks for your account holders.
This endpoint can only be used to perform KYC verification for individuals or businesses in the United States.
For more information about KYC verification, see About KYC Verification.
For more information about account holders, see About Account Holders.
Perform KYC verification
Copy section link
Action: POST
Endpoint: /kyc
Use this endpoint to verify the identity of an account holder in the United States, either a user or a business. You can perform KYC verification on an account holder, provided the following are true:
-
The KYC status of the account holder is
UNVERIFIEDorLIMITED -
The account holder has not been submitted for KYC verification twice
Required fields
Copy section link
In order to perform KYC verification, the user or business resource on which you perform the check must have the following fields configured with valid values:
| User Fields Required for KYC | Business Fields Required for KYC |
|---|---|
|
|
Valid state, provincial, and territorial abbreviations
Copy section link
The following list includes all valid two-letter abbreviations for US states, territories, and military (APO/FPO/DPO) addresses. It also includes abbreviations for Canadian provinces and territories. State, provincial, and territorial abbreviations are case sensitive, and must be in uppercase as they appear in this list:
-
AL: Alabama -
AK: Alaska -
AB: Alberta -
AS: American Samoa -
AZ: Arizona -
AR: Arkansas -
AE: Armed Forces -
AA: Armed Forces Americas -
AP: Armed Forces Pacific -
BC: British Columbia -
CA: California -
CO: Colorado -
CT: Connecticut -
DE: Delaware -
DC: District of Columbia -
FL: Florida -
GA: Georgia -
GU: Guam -
HI: Hawaii -
ID: Idaho -
IL: Illinois -
IN: Indiana -
IA: Iowa -
KS: Kansas -
KY: Kentucky -
LA: Louisiana -
ME: Maine -
MB: Manitoba -
MD: Maryland -
MA: Massachusetts -
MI: Michigan -
MN: Minnesota -
MS: Mississippi -
MO: Missouri -
MT: Montana -
NE: Nebraska -
NV: Nevada -
NB: New Brunswick -
NH: New Hampshire -
NJ: New Jersey -
NM: New Mexico -
NY: New York -
NF: Newfoundland -
NC: North Carolina -
ND: North Dakota -
NT: Northwest Territories -
NS: Nova Scotia -
NU: Nunavut -
OH: Ohio -
OK: Oklahoma -
ON: Ontario -
OR: Oregon -
PA: Pennsylvania -
PE: Prince Edward Island -
PR: Puerto Rico -
QC: Quebec -
RI: Rhode Island -
SK: Saskatchewan -
SC: South Carolina -
SD: South Dakota -
TN: Tennessee -
TX: Texas -
UT: Utah -
VT: Vermont -
VI: Virgin Islands -
VA: Virginia -
WA: Washington -
WV: West Virginia -
WI: Wisconsin -
WY: Wyoming -
YT: Yukon Territory
Request body
Copy section link
| Fields | Description |
|---|---|
business_token
string
|
Specifies the business account holder on which to perform the identity check.
Do not pass this field if your request includes the Send a Allowable Values: 1–36 chars |
manual_override
boolean
|
Set to Use this override when you perform verification through another mechanism, such as with an alternative KYC provider or directly with the account holder.
You must obtain explicit, written approval from Marqeta before using the Allowable Values:
Default value: |
notes
string
|
Notes pertaining to a manual override.
This field is returned in the response only when the Allowable Values: 255 char max |
reference_id
string
|
Can be specified only if NOTE: When you submit a KYC verification request with Allowable Values: 32 char max |
token
string
|
The unique identifier of the identity check. If you do not include a token, the system will generate one automatically. This token is necessary for use in other API calls, so we recommend that rather than let the system generate one, you use a simple string that is easy to remember. This value cannot be updated. Allowable Values: 1–36 chars |
user_token
string
|
Specifies the user account holder on which to perform the identity check.
Do not pass this field if your request includes the Send a Allowable Values: 1–36 chars Existing user token |
Sample request body
Copy section link
Sample request body for a user
Sample request body for a business
Response body
Copy section link
| Fields | Description |
|---|---|
business_token
string
|
The business account holder on which the identity check was performed. Allowable Values: Existing business token |
created_time
datetime
|
Time when the KYC verification was performed. Allowable Values: datetime Format: |
last_modified_time
datetime
|
Time when the KYC verification was last updated. Allowable Values: datetime Format: |
manual_override
boolean
|
If This override is used when verification is performed through another mechanism, such as with an alternative KYC provider or directly with the account holder. Allowable Values:
|
notes
string
|
Notes pertaining to a manual override.
This field is included in the response only when the Allowable Values: 255 char max |
reference_id
string
|
If you verified the account holder’s identity by performing a KYC verification outside of the Marqeta platform, you can use the NOTE: When you submit a KYC verification request with Allowable Values: 32 char max |
result
object
|
Contains information about the KYC verification result. Allowable Values: Existing KYC verification object |
result.codes
array of objects
|
An array of KYC verification result code objects. Allowable Values: One or more KYC verification result code objects |
result.codes[].code
string
|
For any Allowable Values:
|
result.codes[].message
string
|
Result code description. Allowable Values: 255 char max |
result.status
string
|
KYC verification status. Allowable Values:
|
token
string
|
The unique identifier of the identity check. Allowable Values: Existing identity check token |
user_token
string
|
The user account holder on which the identity check was performed. Allowable Values: Existing user token |
List KYC results for a business
Copy section link
Action: GET
Endpoint: /kyc/business/{business_token}
Use this endpoint to retrieve all KYC verification results for a business.
This endpoint supports field filtering and pagination.
Business KYC outcome reasons (business response)
Copy section link
The following tables describe KYC outcome reasons potentially returned in the outcome_reasons field of the business result response object when a business is in a PENDING or FAILURE state.
Where possible, they also describe acceptable documents that your customers can submit to resolve PENDING outcomes.
Outcome reasons for the business
Copy section link
These outcome reasons pertain to the business organization itself.
| Outcome Reason and State | Description | Accepted Documents |
|---|---|---|
AddressIssue |
Missing, invalid, mismatched, or PO Box address. |
One of the following documents. Document must show the full business name and address:
|
BusinessNameIssue |
Invalid or mismatched name. |
Articles or certificate of incorporation. |
OFACIssue |
Business appears on an OFAC list. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
RegistrationIssue |
Business is inactive, not registered, or not in good standing with the Secretary of State; recently reported or not recently updated. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
Sanctions List Non-OFAC |
Business appears on a non-OFAC screening list, bankruptcy, or alert list. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
TINIssue |
Missing, invalid, or mismatched Tax Identification Number (TIN). |
IRS Notice Letter 147C or CP575, or most recent tax return. |
Outcome reasons for individuals associated with a business
Copy section link
These outcome reasons pertain to individuals associated with a business: proprietors, business officers, and beneficial owners.
| Outcome Reason and State | Description | Accepted Documents |
|---|---|---|
AddressIssue |
Missing, invalid, mismatched, or PO Box address. |
One of the following documents. Document must show the full name and address:
|
DateofBirthIssue |
Invalid or mismatched date of birth. |
Unexpired government-issued photo identification that shows name and date of birth:
|
NameIssue |
Invalid or mismatched name. |
Unexpired government-issued photo identification that has name and date of birth:
|
NoRecordFound |
No records were found for this individual. |
As no record was found for this individual, supporting documentation must be provided for each attribute (name, date of birth, address, and SSN):
|
OFAC |
Appears on an Office of Foreign Assets Control (OFAC) list. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
RiskIssue |
Appears on a non-OFAC screening list, bankruptcy, or alert list, or has an insufficient record. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
SSNFail |
Social Security Number (SSN) appears on Network Alert List, is of a deceased person, or was issued before the individual’s date of birth. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
SSNIssue |
Missing, invalid, or mismatched SSN. |
|
URL path parameters
Copy section link
| Fields | Description |
|---|---|
business_token
string
|
The unique identifier of the business resource for which you want to retrieve KYC verification results. Allowable Values: Existing business token |
URL query parameters
Copy section link
| Fields | Description |
|---|---|
count
integer
|
The number of resources to retrieve. Allowable Values: 1-10 |
start_index
integer
|
The sort order index of the first resource in the returned array. Allowable Values: Any integer |
fields
string
|
Comma-delimited list of fields to return ( Allowable Values: Comma-delimited list of fields, or blank |
sort_by
string
|
Field on which to sort.
Use any field in the resource model, or one of the system fields Allowable Values:
|
Response body
Copy section link
| Fields | Description |
|---|---|
count
integer
|
Number of resources in the returned array. This field is returned if there are resources in your returned array. Allowable Values: 1-10 |
data
array of objects
|
Array of KYC verification response objects. Objects are returned as appropriate to your query. Allowable Values: Valid array of one or more KYC verification response objects |
data[].business_token
string
|
The business account holder on which the identity check was performed. Allowable Values: Existing business token |
data[].created_time
datetime
|
Time when the KYC verification was performed. Allowable Values: datetime Format: |
data[].last_modified_time
datetime
|
Time when the KYC verification was last updated. Allowable Values: datetime Format: |
data[].manual_override
boolean
|
If This override is used when verification is performed through another mechanism, such as with an alternative KYC provider or directly with the account holder. Allowable Values:
|
data[].notes
string
|
Notes pertaining to a manual override.
This field is included in the response only when the Allowable Values: 255 char max |
data[].reference_id
string
|
If you verified the account holder’s identity by performing a KYC verification outside of the Marqeta platform, you can use the NOTE: When you submit a KYC verification request with Allowable Values: 32 char max |
data[].result
object
|
Contains information about the KYC verification result. Allowable Values: Existing KYC verification object |
data[].result.codes
array of objects
|
An array of KYC verification result code objects. Allowable Values: One or more KYC verification result code objects |
data[].result.codes[].code
string
|
For any Allowable Values:
|
data[].result.codes[].message
string
|
Result code description. Allowable Values: 255 char max |
data[].result.status
string
|
KYC verification status. Allowable Values:
|
data[].token
string
|
The unique identifier of the identity check. Allowable Values: Existing identity check token |
data[].user_token
string
|
The user account holder on which the identity check was performed. Allowable Values: Existing user token |
end_index
integer
|
Sort order index of the last resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer |
is_more
boolean
|
A value of This field is returned if there are resources in your returned array. Allowable Values:
|
start_index
integer
|
Sort order index of the first resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer |
List KYC results for a user
Copy section link
Action: GET
Endpoint: /kyc/user/{user_token}
Use this endpoint to retrieve all KYC results for a user.
This endpoint supports field filtering and pagination.
User KYC failure codes
Copy section link
The following table lists KYC failure codes potentially returned in the response when a user does not pass verification. It also includes a list of acceptable documents that your customers can submit to resolve failures.
| Failure Code and State | Description | Accepted Documents |
|---|---|---|
AddressIssue |
Missing, invalid, mismatched, or PO Box address. |
One of the following documents. Document must show the full name and address:
|
DateofBirthIssue |
Invalid or mismatched date of birth. |
Unexpired government-issued photo identification that shows name and date of birth:
|
NameIssue |
Invalid or mismatched name. |
Unexpired government-issued photo identification that has name and date of birth:
|
NoRecordFound |
No records were found for this individual. |
As no record was found for this individual, supporting documentation must be provided for each attribute (name, date of birth, address, and SSN):
|
OFAC |
Appears on an Office of Foreign Assets Control (OFAC) list. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
RiskIssue |
Appears on a non-OFAC screening list, bankruptcy, or alert list, or has an insufficient record. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
SSNFail |
Social Security Number (SSN) appears on Network Alert List, is of a deceased person, or was issued before the individual’s date of birth. |
This outcome requires a manual review by Marqeta to determine the next appropriate step. Contact your Marqeta representative. |
SSNIssue |
Missing, invalid, or mismatched SSN. |
|
URL path parameters
Copy section link
| Fields | Description |
|---|---|
user_token
string
|
Unique identifier of the user resource for which you want to retrieve KYC verification results. Allowable Values: Existing user resource token |
URL query parameters
Copy section link
| Fields | Description |
|---|---|
count
integer
|
Number of resources to retrieve. Allowable Values: 1-10 |
start_index
integer
|
Sort order index of the first resource in the returned array. Allowable Values: Any integer |
fields
string
|
Comma-delimited list of fields to return ( Allowable Values: Comma-delimited list of fields, or blank |
sort_by
string
|
Field on which to sort.
Use any field in the resource model, or one of the system fields Allowable Values:
Default value: |
Response body
Copy section link
| Fields | Description |
|---|---|
count
integer
|
Number of resources in the returned array. This field is returned if there are resources in your returned array. Allowable Values: 1-10 |
data
array of objects
|
Array of KYC verification response objects. Objects are returned as appropriate to your query. Allowable Values: Valid array of one or more KYC verification response objects |
data[].business_token
string
|
The business account holder on which the identity check was performed. Allowable Values: Existing business token |
data[].created_time
datetime
|
Time when the KYC verification was performed. Allowable Values: datetime Format: |
data[].last_modified_time
datetime
|
Time when the KYC verification was last updated. Allowable Values: datetime Format: |
data[].manual_override
boolean
|
If This override is used when verification is performed through another mechanism, such as with an alternative KYC provider or directly with the account holder. Allowable Values:
|
data[].notes
string
|
Notes pertaining to a manual override.
This field is included in the response only when the Allowable Values: 255 char max |
data[].reference_id
string
|
If you verified the account holder’s identity by performing a KYC verification outside of the Marqeta platform, you can use the NOTE: When you submit a KYC verification request with Allowable Values: 32 char max |
data[].result
object
|
Contains information about the KYC verification result. Allowable Values: Existing KYC verification object |
data[].result.codes
array of objects
|
An array of KYC verification result code objects. Allowable Values: One or more KYC verification result code objects |
data[].result.codes[].code
string
|
For any Allowable Values:
|
data[].result.codes[].message
string
|
Result code description. Allowable Values: 255 char max |
data[].result.status
string
|
KYC verification status. Allowable Values:
|
data[].token
string
|
The unique identifier of the identity check. Allowable Values: Existing identity check token |
data[].user_token
string
|
The user account holder on which the identity check was performed. Allowable Values: Existing user token |
end_index
integer
|
Sort order index of the last resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer |
is_more
boolean
|
A value of This field is returned if there are resources in your returned array. Allowable Values:
|
start_index
integer
|
Sort order index of the first resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer |
Retrieve KYC result
Copy section link
Action: GET
Endpoint: /kyc/{token}
Use this endpoint to retrieve a specific KYC result.
URL path parameters
Copy section link
| Fields | Description |
|---|---|
token
string
|
Unique identifier of the KYC verification for which you want to retrieve the result. Allowable Values: Existing identity check token |
Response body
Copy section link
| Fields | Description |
|---|---|
business_token
string
|
The business account holder on which the identity check was performed. Allowable Values: Existing business token |
created_time
datetime
|
Time when the KYC verification was performed. Allowable Values: datetime Format: |
last_modified_time
datetime
|
Time when the KYC verification was last updated. Allowable Values: datetime Format: |
manual_override
boolean
|
If This override is used when verification is performed through another mechanism, such as with an alternative KYC provider or directly with the account holder. Allowable Values:
|
notes
string
|
Notes pertaining to a manual override.
This field is included in the response only when the Allowable Values: 255 char max |
reference_id
string
|
If you verified the account holder’s identity by performing a KYC verification outside of the Marqeta platform, you can use the NOTE: When you submit a KYC verification request with Allowable Values: 32 char max |
result
object
|
Contains information about the KYC verification result. Allowable Values: Existing KYC verification object |
result.codes
array of objects
|
An array of KYC verification result code objects. Allowable Values: One or more KYC verification result code objects |
result.codes[].code
string
|
For any Allowable Values:
|
result.codes[].message
string
|
Result code description. Allowable Values: 255 char max |
result.status
string
|
KYC verification status. Allowable Values:
|
token
string
|
The unique identifier of the identity check. Allowable Values: Existing identity check token |
user_token
string
|
The user account holder on which the identity check was performed. Allowable Values: Existing user token |