To onboard users on your platform, you need to build your own UI where you collect data from your users and submit this data to Adyen. You can onboard users operating in any of the following countries. On this page, we explain how you can onboard and verify your users using the Legal Entity Management API and Configuration API.
Before you begin
Make sure that:
- You have API credentials for the Legal Entity Management API and Configuration API .
- You have reviewed the verification process and the required information for your users..
Step 1: Set up webhooks
Before you start collecting the required information from users, we recommend that you configure your system to accept our webhooks. Webhooks keep you updated on the progress of your users' verification process, merchant account and capability status changes, notify you of errors and contain instructions on how resolve them. Webhooks are crucial for a successful integration with Adyen, and the only way you'll receive automatic updates.
For instructions on how to configure webhooks, see Webhooks.
Step 2: Create legal entities
A legal entity resource holds information required for the verification checks. You need to create a legal entity for the user that has a contractual relationship with your platform. You may also need to create legal entities to represent entities connected to the main user. Make sure you collect the required information for each legal entity.
Select a tab below to create different types of legal entities:
To create a legal entity for an organization, provide all the required information in a POST /legalEntities request, specifying:
| Parameter | Required | Description |
|---|---|---|
| type |  |
Set to organization. |
| organization | |
Object that contains required information about the organization such as the type, the legalName, and its registeredAddress. |
The following is an example of how to create a legal entity for a private company operating in the US. The request contains the minimum required information for a marketplace setup. To know the additional requirements for other platform setups or financial products, refer to required information.
curl https://kyc-test.adyen.com/lem/v3/legalEntities \
-H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \
-H 'content-type: application/json' \
-X POST \
-d '{
"type" : "organization",
"organization" : {
"legalName" : "Example Company",
"registrationNumber": "101002749",
"type" : "privateCompany",
"registeredAddress" : {
"city": "San Francisco",
"country": "US",
"postalCode": "94107",
"stateOrProvince": "CA",
"street": "Brannan Street",
"street2": "Example Building"
}
}
}'The response returns the legalEntity resource for the organization, identified by its unique id. You will need this ID in the next step when you link the legal entity to the legal entity of its owner.
{
"organization": {
"legalName": "Example Company",
"registrationNumber": "101002749",
"registeredAddress": {
"city": "San Francisco",
"country": "US",
"postalCode": "94107",
"stateOrProvince": "CA",
"street": "Brannan Street",
"street2": "Example Building"
},
"taxExempt": false,
"type": "privateCompany"
},
"type": "organization",
"id": "LE00000000000000000000001"
}Step 3: Associate legal entities
The user that holds a contractual relationship with your platform is the main legal entity. You also need to create legal entities for other entities associated with this user. For example, if the main legal entity conducting business with your platform is an organization, then the legal entities of the owners of the organization must be linked to the legal entity of the organization.
To associate legal entities, update the main legal entity by making a PATCH /legalEntities/{id} request, specifying the entityAssociations array.
When updating the entityAssociations, note that a PATCH request replaces the whole array. If you only want to update one array item, make sure you include all existing items along with the specific change in your request.
The example below shows how you can associate an ultimate beneficial owner (UBO) to an organization.
Update the legal entity of the organization by making a PATCH /legalEntities/{id} request.
The array must include:
- legalEntityId: Unique identifier of the individual legal entity being associated.
- type: The relationship of the individual with the organization. Possible values: uboThroughControl, uboThroughOwnership, or signatory.
curl https://kyc-test.adyen.com/lem/v3/legalEntities/LE00000000000000000000001 \ -H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \ -H 'content-type: application/json' \ -X PATCH \ -d '{ "entityAssociations":[ { "jobTitle":"CEO", "legalEntityId":"LE00000000000000000000002", "type":"uboThroughControl" }, { "legalEntityId":"LE00000000000000000000003", "type":"uboThroughOwnership" }, { "jobTitle":"Country Manager", "legalEntityId":"LE00000000000000000000004", "type":"signatory" } ] }'If a person holds multiple roles in an organization, use their individual legal entity id to link them to each type or jobTitle.
curl https://kyc-test.adyen.com/lem/v3/legalEntities/LE00000000000000000000001 \ -H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \ -H 'content-type: application/json' \ -X PATCH \ -d '{ "entityAssociations":[ { "jobTitle":"CEO", "legalEntityId":"LE00000000000000000000002", "type":"uboThroughControl" }, { "legalEntityId":"LE00000000000000000000002", "type":"uboThroughOwnership" }, { "jobTitle":"CEO", "legalEntityId":"LE00000000000000000000002", "type":"signatory" } ] }'
The response contains the updated legal entity.
Step 4: Create transfer instruments
Adyen must perform checks on the bank account where your user will receive their payouts. We refer to this bank account as a transfer instrument resource.
Collect the required information and provide this in a POST /transferInstruments request, specifying:
| Parameter | Required | Description |
|---|---|---|
| type | |
Set to bankAccount. |
| legalEntityId | |
Unique identifier of the legal entity that has the contractual relationship with your platform and owns the bank account. For sole proprietorships, this is the legal entity ID of the individual owner. |
| bankAccount | |
Object that contains required information about the legal entity's bank account. |
Here is an example request to add a transfer instrument for a bank account in the US:
curl https://kyc-test.adyen.com/lem/v3/transferInstruments \
-H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \
-H 'content-type: application/json' \
-X POST \
-d '{
"legalEntityId":"LE00000000000000000000001",
"type":"bankAccount",
"bankAccount":{
"accountIdentification":{
"type":"usLocal",
"accountNumber":"0000000123",
"routingNumber":"121202211"
}
}
}'The response returns the transferInstrument resource, identified by its unique id.
If we are not able to verify the bank account details, you will need to provide additional documents.
Step 5 (Conditional): Create business lines
For additional financial products, such as business bank accounts, or to configure a platform setup, Adyen also requires information about the legal entity's line of business, such as their industry, source of funds, and sales channels.
To submit your user's business line information for a platform setup, make a POST /businessLinesrequest specifying the following:
| Parameter | Required | Description |
|---|---|---|
| service | |
The service for which you are creating the business line. Set this to paymentProcessing. |
| industryCode | |
The industry code. |
| legalEntityId | |
The unique identifier of the legal entity that has a contractual relationship with your platform. For example, for an individual who has a sole proprietorship business, this must be the legal entity ID of the individual. |
| salesChannels | |
Array of channels in which your user sells goods or services. Possible values: eCommerce, ecomMoto, pos, posMoto, and payByLink. Sales channels may have different PCI DSS requirements. We recommend that you be familiar with these requirements before creating business lines for your user. |
| webData | Required when salesChannel is eCommerce. The user's web address or the app store URL. |
curl https://kyc-test.adyen.com/lem/v3/businessLines \
-H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \
-H 'content-type: application/json' \
-X POST \
-d '{
"service": "paymentProcessing",
"industryCode": "339E",
"salesChannels": [
"eCommerce",
"ecomMoto"
],
"legalEntityId": "LE322JV223222D5FZ9N74BSGM",
"webData": [
{
"webAddress": "https://yoururl.com"
}
]
}'In the response, you receive the id of the business line. You will use this ID to create stores and add payment methods.
Step 6: Create account holders
An account holder resource holds the capabilities that your user can do in your platform, such as the capability to process split payments and pay out their funds to their bank accounts. Capabilities are requested for them by default. If you want them to have a capability that is not part of the default configuration, you need to request the specific capability. The verification process starts after you create an account holder.
To create an account holder, make a POST /accountHolders request specifying:
| Parameter | Required | Description |
|---|---|---|
| legalEntityId | |
The unique identifier of the account holder's corresponding legal entity. |
| balancePlatform | The unique identifier of the balance platform. Required only if your API credentials has access to multiple balance platforms. | |
| description | A human-readable description for the account holder, which can be useful for your staff and support agents. |
Here is an example of how you can create an account holder.
curl https://balanceplatform-api-test.adyen.com/bcl/v2/accountHolders \
-H 'x-api-key: YOUR_BALANCE_PLATFORM_API_KEY' \
-H 'content-type: application/json' \
-d '{
"{hint:Required if you have multiple balance platforms}balancePlatform{/hint}": "YOUR_BALANCE_PLATFORM_ACCOUNT",
"{hint:Free-text field}description{/hint}":"Test Account holder",
"{hint:Unique legal entity ID}legalEntityId{/hint}":"LE00000000000000000000001"
}'The response returns the new accountHolder resource, identified by its unique id. The response also includes a capabilities array. In most cases, default capabilities are configured for your platform during the design phase. To add a specific capability for an account holder, you need to request it.
{
"balancePlatform":"YOUR_BALANCE_PLATFORM_ACCOUNT",
"capabilities":{
"receiveFromBalanceAccount":{
"allowed": false,
"enabled": true,
"requested": true,
"verificationStatus":"pending"
},
"receiveFromPlatformPayments":{
"allowed": false,
"enabled": true,
"requested": true,
"verificationStatus": "pending"
},
"sendToBalanceAccount":{
"allowed": false,
"enabled": true,
"requested": true,
"verificationStatus":"pending"
},
"sendToTransferInstrument":{
"allowed": false,
"enabled": true,
"requested": true,
"verificationStatus":"pending"
}
},
"description":"Test Account holder",
"id":"AH00000000000000000000001",
"legalEntityId":"LE00000000000000000000001",
"reference":"YOUR_INTERNAL_IDENTIFIER",
"status":"active"
}Step 7 (Conditional): Check security requirements
Required if you have a platform setup.
Because your users have a direct connection with card schemes, they must comply with the requirements laid down in the Payment Card Industry Data Security Standards (PCI DSS) for collecting, processing, storing, and transmitting cardholder data in a secure environment. To prove their compliance, they must sign a Self-Assessment Questionnaire (SAQ) before they can start processing card payments. The questionnaire asks them to confirm the security of their cardholder data environment, which typically includes their website, web servers, and employees who can access them.
Listen to webhooks to determine if your user needs to sign PCI questionnaires. You must generate the required security questionnaires and ask your user to sign them.
Step 8 (Conditional): Determine the terms of service
Required if you have a platform setup.
Your users must accept Adyen's Terms of Service before they can perform particular actions in your platform. The type of the Terms of Service agreement depends on your specific integration.
Listen to webhooks to determine if your user needs to accept the Terms of Service. You must generate the required agreement type and present it to your user, then ask them to accept it.
Step 9: Get verification updates
To get updates about the verification status and results, you can:
- Listen to balancePlatform.accountHolder.updated webhooks.
- Make a GET /accountHolders/{id} request.
If you are using a staggered verification process, Adyen informs you when an account holder is moved to a higher tier and what data they need to provide. After the data is verified by Adyen, their payouts are enabled again.
The webhook provides the status of the verification: valid, invalid, or rejected.
Verification valid
When the checks are completed successfully, Adyen sends a balancePlatform.accountHolder.updated webhook with:
- verificationStatus: Set to valid.
- allowed: Set to true.
{
"data":{
"accountHolder":{
"capabilities":{
"sendToTransferInstrument":{
"allowed":"true",
"enabled":"true",
"requested":"true",
"verificationStatus":"valid"
}
},
"description":"Test Account holder",
"id":"AH00000000000000000000001",
"legalEntityId":"LE00000000000000000000001",
"reference":"YOUR_INTERNAL_IDENTIFIER",
"status":"active"
},
"balancePlatform":"YOUR_BALANCE_PLATFORM"
},
"environment":"test",
"type":"balancePlatform.accountHolder.updated"
}Verification invalid
When there are problems with the verification, Adyen sends a balancePlatform.accountHolder.updated webhook.
This section is for platforms that have completed their integration.
The webhook contains the following information:
- verificationStatus: Set to invalid.
- allowed: Set to false.
- problems: Contains
verificationErrors,subErrors, andremediatingActionsarrays returned on the linked legal entity. If there are verification errors, you must resolve them.
To see any problems also returned on the transfer instrument resource, reach out to your Adyen contact to enable the feature. For example, if your users have multiple transfer instruments, this can help them more easily see the errors and on which transfer instrument they need to be resolved.
{
"data":{
"accountHolder":{
"capabilities":{
"sendToTransferInstrument":{
"allowed":"false",
"enabled":"true",
"problems":[
{
"entity":{
"id":"LE00000000000000000000001",
"type":"LegalEntity"
},
"verificationErrors":[
{
"code":"2_8037",
"message":"bankStatement was missing.",
"remediatingActions":[
{
"code":"1_703",
"message":"Upload a bank statement"
}
],
"type":"dataMissing"
}
]
}
],
"requested":"true",
"verificationStatus":"invalid"
}
},
"description":"Test Account holder",
"reference":"YOUR_INTERNAL_IDENTIFIER",
"id":"AH00000000000000000000001",
"legalEntityId":"LE00000000000000000000001",
"status":"Active"
},
"balancePlatform":"YOUR_BALANCE_PLATFORM"
},
"environment":"test",
"type":"balancePlatform.accountHolder.updated"
}If the webhook or the API response has a problems array, check remediatingActions. In this array, you'll find the actions that you can take to resolve the error, such as updating the data or uploading documents. Refer to verification error codes for a list of verification errors.
Let's say that the legal entity's name changed and now their data must be updated. To do this, send a PATCH /legalEntities/{id} request.
After you update the data, Adyen sends another webhook with the verificationStatus set to pending.
Once again, you will get updates about the status of the verification from the webhook or by making an API request.
Verification rejected
When the verification is unsuccessful and the capability is rejected, for example due to fraudulent activity, Adyen sends a balancePlatform.accountHolder.updated webhook containing the following information:
- verificationStatus: Set to rejected.
- allowed: Set to false.
- problems: Contains
verificationErrors,subErrors, andremediatingActionsarrays.
{
"data":{
"accountHolder":{
"capabilities":{
"sendToTransferInstrument":{
"enabled":"true",
"requested":"true",
"allowed":"false",
"problems":[
{
"entity":{
"id":"LE00000000000000000000001",
"type":"LegalEntity"
},
"verificationErrors":[
{
"code":"1_12",
"message":"Legal entity declined",
"remediatingActions":[
{
"code":"1_101",
"message":"Contact Support"
}
],
"subErrors":[
{
"code":"1_1000",
"message":"Verification failed. Legal entity declined",
"remediatingActions":[
{
"code":"1_101",
"message":"Contact Support"
}
],
"type":"invalidInput"
}
],
"type":"invalidInput"
}
]
}
],
"verificationStatus":"rejected"
}
},
"description":"Test Account holder",
"reference":"YOUR_INTERNAL_IDENTIFIER",
"id":"AH00000000000000000000001",
"status":"Active"
}
},
"environment":"test",
"type":"balancePlatform.accountHolder.updated"
}If the capability is rejected, any errors cannot be resolved by updating data or uploading documents.
Step 10 (Conditional): Upload documents
Adyen attempts to verify the data that you provide. However, in some cases, the automatic verification might fail. This could be due to incorrect data or when the data can't be verified. In these cases, Adyen may ask you to upload documents. Make sure your onboarding flow supports the collection of documents from users.
For example, a remediating action code 1_301 indicates that you need to upload an ID document for the user.
To submit a document to Adyen, upload the document by making a /documents request, specifying:
| Parameter | Required | Description |
|---|---|---|
| attachments | |
Array that contains the document. |
| owner | |
Object that contains the owner.id of the resource that owns the document and the owner.type of resource. For type legalEntity, the id is the unique identifier of the legal entity. For type bankAccount, the id is the unique identifier of the transfer instrument. |
| type | |
The type of document that you can upload depends on the legal entity type. |
The combination of owner.id, type, and attachments.content must be unique. If you have already submitted the same combination, you'll receive an error message. Either update the existing document resource, or delete the resource and create a new one.
Here is an example of how to upload an identity document for an individual:
curl https://kyc-test.adyen.com/lem/v3/documents \
-H 'x-api-key: YOUR_SCOPE_COMPANY_API_KEY' \
-H 'content-type: application/json' \
-X POST \
-d '{
"owner" : {
"id" : "LE00000000000000000000001",
"type" : "legalEntity"
},
"description" : "ID for individual",
"type" : "identityCard",
"attachments" : [
{
"content": "AAQSkZJRgABAQEAYABgAAD/s.."
}
]
}'The response returns the document resource, identified by its unique id.
Adyen returns the results of the verification and the available capabilities on the accountHolder resource. After you successfully upload the additional documents, wait for Adyen to inform you of the verification results. Adyen validates documents asynchronously. On average, it takes about 30 seconds to validate a photo ID, and two days for registration documents and bank statements.