A•• L••••••••).
Verifications require the
intelligence account capability and a credential
carrying the intelligence scope. Every Anton account has the capability —
including AI-compliance-only accounts — but check your credential’s scopes if
you get 403 insufficient_scope.Verify a person
Create a subject withtype: "person". With delivery: "email", Anton emails the hosted link to the subject, attributed to your business name:
hosted_linkis secret-once. It appears here (and on resend / regenerate / re-verify responses) and is never readable again. It opens a flow that collects your customer’s identity documents — treat it like a credential.statustells you whether the email actually went out.sentmeans Anton delivered it.createdmeans it didn’t (you chosedelivery: "manual", or the environment has no email path) — deliver the link through your own channel and never tell your customer “check your inbox” on acreatedresponse.display_namecomes back masked, immediately. The true name went into the vault; it does not exist in Anton’s core database and is not retrievable on this surface.
message is shown in the delivery email, quoted and attributed to your business. It is used for that one send and never persisted — it may carry incidental PII, so it cannot be read back later.
Verify a business
type: "business" runs a KYB flow: business details first, then a cascade to each controlling owner (25%+), who each complete an individual KYC flow at their own hosted link. The business attempt sits in awaiting_owners until every controlling owner is approved.
The attempt’s ubos array tracks each owner’s status. To re-deliver one owner’s link:
Lifecycle
Track transitions by subscribing to the
verification.* webhook events — link_sent, started, approved, declined, review, expired — or by polling GET /v1/verification-subjects/{id}.
Sanctions screening
Every completed verification is screened against sanctions, PEP, and watchlists (OFAC SDN, UN Consolidated, EU Consolidated, UK HMT, PEP) through Anton Intelligence. The attempt’sscreening block carries the outcome:
evaluation_id resolves at GET /v1/intelligence/evaluations/{id} for the full decision evidence. A screening hit moves the attempt to review — it does not auto-decline.
Managing links
Three operations cover every link situation; pick by what happened:- Resend — the link expired unused or never arrived. Mints a fresh one-time link for the same attempt and re-delivers it. Fails with
422on terminal attempts. - Regenerate — the link may have been forwarded or exposed. Kills the old link and inquiry immediately and opens a fresh attempt (
reason: "regenerated"). - Revoke — you no longer want this verification to happen. Terminally cancels the attempt and expires its link.
What this API will never return
The machine surface is deliberately PII-free:display_nameis masked on every read, for subjects and owners alike.- The audited reveal flow (true legal names) and captured-document viewing exist only in the merchant dashboard, restricted to admin users, with every access written to the audit trail.
- Webhook payloads carry IDs and statuses — never names, links, or document content.
All mutating verification endpoints require an
Idempotency-Key header — see
Idempotency. Reads are cursor-paginated — see
Pagination.Monitoring
GET /v1/verification-stats returns your funnel at a glance — totals by outcome, pass rate, median completion minutes, and weekly volume — the same aggregates that power the dashboard overview. See the API reference.