Feel free to reach techsupport@surepass.io for any technical support or guidance.
CKYC Bulk Webhook Test
Production
https://kyc-api.surepass.app
Production
https://kyc-api.surepass.app
POST
https://kyc-api.surepass.app
CKYC Bulk Webhook Test
Description
webhook_url and returns the outcome synchronously. Use it to verify that your receiver is reachable, responds with a 2xx, and handles the event payload shape before any real CKYC batch fires.document_type="TestWebhook") so support can correlate the attempt if you need help debugging.Technical Implementation
Authentication
All API requests require authentication using a JWT Bearer token:Obtain API Credentials: Register with Surepass to receive your API key. Generate JWT Token: Use your API key to generate a JWT token. Include in Requests: Add the token to the Environment URLs: Sandbox: Production:
1.
2.
3.
Authorization header as Bearer TOKEN.https://sandbox.surepass.iohttps://kyc-api.surepass.ioRequest Parameters
Request Headers
| Header | Required | Description |
|---|---|---|
| Authorization | Yes | Bearer JWT token (Bearer <JWT>) |
Request Body
Process Response
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| data | Object | Response payload |
| data.delivery_id | String | Unique id of the recorded delivery attempt (useful when contacting support) |
| data.status | String | Final delivery status: delivered, failed, timed_out, or unknown |
| data.status_code | Integer | Null | HTTP status code returned by your receiver (null for timeouts/network errors) |
| data.latency_ms | Integer | Null | Round-trip latency in milliseconds |
| data.error | String | Null | Error detail when status is not delivered |
| data.webhook_url | String | The URL the payload was dispatched to |
| data.payload | Object | The randomized payload that was sent to the receiver |
| status_code | Integer | HTTP status code of this API call |
| success | Boolean | Whether this API call itself succeeded |
| message | String | Human-readable status message |
| message_code | String | Machine-readable status code |
Example Successful Response
{
"data": {
"delivery_id": "69e74d520c297482d64990a4",
"status": "delivered",
"status_code": 200,
"latency_ms": 4,
"error": null,
"webhook_url": "https://hooks.example.com/ckyc-bulk",
"payload": {
"client_id": "test_82ce88a428f5",
"new_state": "awaiting_cersai_response",
"timestamp": "2026-04-21T10:11:30Z",
"test": true
}
},
"status_code": 200,
"message": "Success",
"message_code": "success",
"success": true,
"errors": null
}Non-Delivered Outcomes
status_code: 200 and success: true. The delivery result is communicated via data.status.Receiver Returned Non-2xx
Receiver Timed Out
{
"data": {
"delivery_id": "69e74d520c297482d64990a5",
"status": "failed",
"status_code": 500,
"latency_ms": 17,
"error": "webhook responded with status 500",
"webhook_url": "https://hooks.example.com/ckyc-bulk",
"payload": {
"client_id": "test_7fa31bd69c40",
"new_state": "upload_succeeded",
"timestamp": "2026-04-21T10:12:04Z",
"test": true
}
},
"status_code": 200,
"message": "Success",
"message_code": "success",
"success": true,
"errors": null
}Possible Error Responses
Authentication Failed
Account Not Found
No Webhook Configured
{
"data": null,
"status_code": 401,
"success": false,
"message": "Unauthorized",
"message_code": "auth_failed"
}Test Payload
{
"client_id": "test_82ce88a428f5",
"new_state": "awaiting_cersai_response",
"timestamp": "2026-04-21T10:11:30Z",
"test": true
}Payload Fields
| Field | Type | Description |
|---|---|---|
| client_id | String | Synthetic id prefixed with test_ and a random hex suffix -- never matches a real CKYC batch |
| new_state | String | One of awaiting_cersai_response or upload_succeeded, chosen at random |
| timestamp | String | UTC ISO-8601 timestamp of the test, without milliseconds |
| test | Boolean | Always true so your receiver can distinguish a test from a real event |
test: true flag. Your receiver should tolerate the extra key.Heads Up
webhook_url with the same HTTP client, timeouts, and 2xx-means-delivered semantics as production events. Make sure the URL is one you actually want pinged.client_id -- The test_ prefix means your receiver must not attempt to look this id up in any internal system.Code Samples
cURL
Python
Node.js
Related Steps
Request
Responses
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://kyc-api.surepass.app/api/v1/ckyc/v1/bulk/webhook-test' \
--header 'Authorization: Bearer <token>'Response Response Example
{
"data": {
"delivery_id": "69e74d520c297482d64990a4",
"status": "delivered",
"status_code": 200,
"latency_ms": 4,
"error": null,
"webhook_url": "https://hooks.example.com/ckyc-bulk",
"payload": {
"client_id": "test_82ce88a428f5",
"new_state": "awaiting_cersai_response",
"timestamp": "2026-04-21T10:11:30Z",
"test": true
}
},
"status_code": 200,
"message": "Success",
"message_code": "success",
"success": true,
"errors": null
}