> ## Documentation Index > Fetch the complete documentation index at: https://documentation.idenfy.com/llms.txt > Use this file to discover all available pages before exploring further. # Quickstart > Create your first iDenfy identity verification session in under 5 minutes with API key authentication, token generation, and redirect. This quickstart covers **Identity Verification (KYC)** — the most common starting point. For other products, jump directly to: * [Business Verification (KYB) →](/kyb/overview) * [AML Screening →](/aml/overview) * [Fraud Prevention →](/fraud-prevention/overview) ## Prerequisites Before you begin, you need: * An **iDenfy account** — [Sign up here](https://idenfy.com/pricing-plans-v3/) if you don't have one * **API Key** and **API Secret** — Generate them in [Settings → API Keys](/guides/dashboard/settings/api-keys) Keep your API Secret confidential. Never expose it in client-side code, public repositories, or frontend applications. *** ## Step 1: Create a Verification Session Create a verification session by calling the session creation endpoint. Use your API Key and Secret for Basic Auth. ```bash cURL theme={"system"} curl -X POST https://ivs.idenfy.com/api/v2/token \ -H "Content-Type: application/json" \ -u "YOUR_API_KEY:YOUR_API_SECRET" \ -d '{ "clientId": "unique-customer-id-123" }' ``` ```python Python theme={"system"} import requests response = requests.post( "https://ivs.idenfy.com/api/v2/token", auth=("YOUR_API_KEY", "YOUR_API_SECRET"), json={ "clientId": "unique-customer-id-123" } ) data = response.json() print(f"Token: {data['authToken']}") print(f"Redirect URL: {data['redirectUrl']}") ``` ```javascript Node.js theme={"system"} const response = await fetch("https://ivs.idenfy.com/api/v2/token", { method: "POST", headers: { "Content-Type": "application/json", "Authorization": "Basic " + btoa("YOUR_API_KEY:YOUR_API_SECRET") }, body: JSON.stringify({ clientId: "unique-customer-id-123" }) }); const data = await response.json(); console.log(`Token: ${data.authToken}`); console.log(`Redirect URL: ${data.redirectUrl}`); ``` ```php PHP theme={"system"} $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://ivs.idenfy.com/api/v2/token"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_USERPWD, "YOUR_API_KEY:YOUR_API_SECRET"); curl_setopt($ch, CURLOPT_HTTPHEADER, ["Content-Type: application/json"]); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([ "clientId" => "unique-customer-id-123" ])); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); $data = json_decode($response, true); echo "Token: " . $data["authToken"]; ``` ```ruby Ruby theme={"system"} require "net/http" require "json" require "uri" uri = URI("https://ivs.idenfy.com/api/v2/token") http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = true request = Net::HTTP::Post.new(uri) request.basic_auth("YOUR_API_KEY", "YOUR_API_SECRET") request.content_type = "application/json" request.body = { clientId: "unique-customer-id-123" }.to_json response = http.request(request) data = JSON.parse(response.body) puts "Token: #{data['authToken']}" ``` **Response:** ```json theme={"system"} { "authToken": "pgYQX0z2T8msB64gkl...", "scanRef": "d2714c8a-ec05-11ec-8ea0-0242ac120002", "clientId": "unique-customer-id-123", "redirectUrl": "https://ivs.idenfy.com/api/v2/redirect?authToken=pgYQX0z2T8msB64gkl..." } ``` *** ## Step 2: Redirect Your Customer Send your customer to the `redirectUrl` from the response. They will: 1. Select their document type and country 2. Upload or capture their ID document 3. Complete a liveness check (selfie) Redirect the user's browser to the `redirectUrl`: ```javascript theme={"system"} window.location.href = data.redirectUrl; ``` Embed the verification flow in your page: ```html theme={"system"} ``` [Full iFrame guide →](/kyc/iframe-redirect) Pass the `authToken` to the native SDK: ```kotlin theme={"system"} // Android IdenfyController.startIdentification(activity, authToken) ``` ```swift theme={"system"} // iOS IdenfyController.shared.startIdentification(authToken: authToken) ``` [Android SDK →](/sdks/android/quickstart) | [iOS SDK →](/sdks/ios/quickstart) *** ## Step 3: Receive Results Set up a webhook endpoint to receive verification results. Configure your webhook URL in [Dashboard → Settings → Webhooks](/guides/dashboard/settings/system-notifications-webhooks-emails). ```json Example webhook payload theme={"system"} { "final": true, "status": { "overall": "APPROVED", "autoDocument": "DOC_VALIDATED", "autoFace": "FACE_MATCH", "manualDocument": "DOC_VALIDATED", "manualFace": "FACE_MATCH" }, "scanRef": "d2714c8a-ec05-11ec-8ea0-0242ac120002", "clientId": "unique-customer-id-123", "data": { "docFirstName": "JOHN", "docLastName": "DOE", "docNumber": "AB1234567", "docExpiry": "2028-12-31", "selectedCountry": "US", "selectedDocType": "ID_CARD" } } ``` Use the [Testing & Sandbox](/guides/testing-sandbox) to simulate different verification outcomes before going live. *** ## What's Next? ### Continue with KYC Customize with country restrictions, document types, liveness, AML checks. Full webhook payload with all status codes and data fields. Compare redirect, iFrame, SDK, and no-code options. Everything to verify before switching to production. ### Explore Other Products Verify companies, retrieve registry data, screen beneficial owners. Screen against sanctions, PEPs, and adverse media. Risk scoring, proxy detection, phone and address verification. Re-authenticate returning users with biometric face matching.