verification.session.succeeded webhook.
The request shape
When
true, the user must consent to share this claim or the Kayle check cannot proceed. When false, the user can decline this claim individually and still finish the flow.Human-readable reason shown to the user during consent. 1 to 200 characters. Write it for the user, not your engineers.
UNKNOWN_CLAIM_KEY.
Static claims
These are the claim keys Kayle understands by default:| Key | Source | What it is |
|---|---|---|
document_type_code | MRZ (DG1) | ISO 7501-1 document type, e.g. P for passport. |
issuing_country_code | MRZ (DG1) | Three-letter ICAO state code of the issuer. |
family_name | MRZ (DG1) | Surname as printed in the MRZ. |
given_names | MRZ (DG1) | Given names as printed in the MRZ. |
document_number | MRZ (DG1) | The document’s serial number. |
nationality_code | MRZ (DG1) | Three-letter ICAO state code for nationality. |
date_of_birth | MRZ (DG1) | ISO 8601 date (YYYY-MM-DD). Centuries are inferred from expiry where the MRZ is ambiguous. |
sex_marker | MRZ (DG1) | M, F, or X. |
document_expiry_date | MRZ (DG1) | ISO 8601 date. |
mrz_optional_data | MRZ (DG1) | The optional data field of the MRZ, raw. Most documents leave this blank. |
kayle_document_id | Derived | Stable identifier for this document for this organization. Lets you recognise the same document on a future Kayle check without storing the document number. |
kayle_human_id | Derived | Stable identifier for the human, derived from the cryptographically attested document. Lets you recognise the same person across re-issued documents within your organization. |
Age-over derived claims
You can requestage_over_N for any integer N between 12 and 130. The returned value is a boolean computed from date_of_birth. Use these instead of date_of_birth when you only need a threshold check, since the user will see “Age Over 18” in consent rather than “Date of Birth” — less information disclosed.
Defaults
If you create a session withoutshare_fields, Kayle applies a default contract that includes kayle_document_id. The session response normalises everything into share_fields with a source field per entry:
source: "rc"— requested by you (the relying client).source: "default"— added by Kayle’s default contract.
Receiving the values
When Kayle confirms an attempt, theverification.session.succeeded webhook returns the consented claims:
selected_field_keys is the canonical list of keys the user actually consented to share. Optional fields the user declined will be missing from claims even though you requested them — code defensively.