docs(kyc): document direct API onboarding for unregulated platforms#499
Merged
pengying merged 1 commit intoMay 23, 2026
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
|
Preview deployment for your docs. Learn more about Mintlify Previews.
|
Contributor
Greptile SummaryThis PR documents a new capability for unregulated platforms: in addition to the existing hosted KYC/KYB link flow, they can now submit identity data directly via
Confidence Score: 4/5Documentation-only change that is safe to merge; the new Direct API Onboarding section is accurate and well-structured, with only minor consistency gaps in the curl examples. The prose and step descriptions across all four files are accurate and consistent. The main gaps are in the new curl examples: mintlify/snippets/kyc/kyc-unregulated.mdx — the new Direct API Onboarding curl examples have inconsistent idempotency header usage and a missing response example.
|
| Filename | Overview |
|---|---|
| mintlify/snippets/kyc/kyc-unregulated.mdx | Rewrites the top callout from Warning to Note and adds a complete Direct API Onboarding Steps section. Idempotency key headers are inconsistently applied across the new curl examples, and the opening Note omits the KYC_STATUS webhook claim present in the other updated files. |
| mintlify/ramps/quickstart.mdx | Single sentence updated in Step 1 to reflect both onboarding paths for unregulated platforms; change is accurate and consistent with the snippet content. |
| mintlify/snippets/creating-customers/customers.mdx | Onboarding model bullet updated to describe both paths; adds a cross-reference link to the Configuring Customers guide for the direct API flow. No issues found. |
| mintlify/snippets/creating-customers/onboarding-model.mdx | Unregulated platforms bullet updated to describe both onboarding paths; pre-existing missing-EOF-newline is unchanged. |
Flowchart
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[Unregulated Platform] --> B{Choose onboarding path}
B --> C[Hosted KYC/KYB Link Flow]
B --> D[Direct API Onboarding]
C --> C1[POST /customers]
C1 --> C2[POST /customers/id/kyc-link]
C2 --> C3[Redirect customer to kycUrl or embed SDK]
C3 --> C4[Customer completes verification]
D --> D1[POST /customers]
D1 --> D2{Business customer?}
D2 -- Yes --> D3[POST /beneficial-owners per owner]
D2 -- No --> D4[POST /documents]
D3 --> D4
D4 --> D5[POST /verifications]
C4 --> E[KYC_STATUS webhook emitted]
D5 --> E
E --> F{Decision}
F -- APPROVED --> G[Unlock funding and money movement]
F -- REJECTED or EXPIRED --> H[Surface next step or request manual review]
Prompt To Fix All With AI
Fix the following 4 code review issues. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 4
mintlify/snippets/kyc/kyc-unregulated.mdx:2
The opening `<Note>` says "Both paths produce the same `kycStatus` transitions," but the parallel descriptions in `customers.mdx` and `onboarding-model.mdx` say "Both paths emit the same `KYC_STATUS` webhooks." These are two distinct things — `kycStatus` is the field on the customer object, `KYC_STATUS` is the webhook event type. A reader who relies only on this callout may miss that webhooks are also shared across paths, which is the more operationally relevant claim.
```suggestion
**Unregulated platforms** rely on Grid to run KYC/KYB. You can onboard customers either through the **hosted KYC/KYB link flow** below, or by **submitting KYC data directly through the API** — creating beneficial owners, uploading documents, and triggering verification yourself. Both paths produce the same `kycStatus` transitions and emit the same `KYC_STATUS` webhooks.
```
### Issue 2 of 4
mintlify/snippets/kyc/kyc-unregulated.mdx:110-114
The `POST /beneficial-owners` example omits an `Idempotency-Key` header, but the `POST /verifications` example includes one. Without an idempotency key on retried calls, a transient network failure could result in duplicate beneficial owner records being registered for the same customer.
```suggestion
```bash
curl -X POST "https://api.lightspark.com/grid/2025-10-13/beneficial-owners" \
-u "$GRID_CLIENT_ID:$GRID_CLIENT_SECRET" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: $(uuidgen)" \
-d '{
```
### Issue 3 of 4
mintlify/snippets/kyc/kyc-unregulated.mdx:127-133
The `POST /documents` upload example also omits an `Idempotency-Key`. Retrying a failed document upload without one risks uploading the same file twice. The pattern used in `POST /verifications` should be applied here as well.
```suggestion
```bash
curl -X POST "https://api.lightspark.com/grid/2025-10-13/documents" \
-u "$GRID_CLIENT_ID:$GRID_CLIENT_SECRET" \
-H "Idempotency-Key: $(uuidgen)" \
-F "customerId=Customer:019542f5-b3e7-1d02-0000-000000000001" \
-F "documentType=PASSPORT" \
-F "file=@./passport.jpg"
```
```
### Issue 4 of 4
mintlify/snippets/kyc/kyc-unregulated.mdx:136-150
**Missing response example for `POST /verifications`**
The step text says "the response will tell you which fields or documents to collect before retrying" but shows no example of that response. The hosted KYC flow section shows a response body for its key endpoint; showing at least a representative success body and the missing-fields error shape here would let developers know what to expect without needing to test-hit the API first.
Reviews (1): Last reviewed commit: "docs(kyc): document direct API onboardin..." | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
pengying
force-pushed
the
05-23-docs_kyc_document_direct_api_onboarding_for_unregulated_platforms
branch
from
011e0b7 to
d4f92f2
Compare
pengying
force-pushed
the
05-23-docs_kyc_document_direct_api_onboarding_for_unregulated_platforms
branch
from
d4f92f2 to
ac6c895
Compare
pengying
force-pushed
the
05-23-docs_kyc_document_direct_api_onboarding_for_unregulated_platforms
branch
from
ac6c895 to
0348280
Compare
whoisglover
approved these changes
May 23, 2026
Contributor
Author
pengying
deleted the
05-23-docs_kyc_document_direct_api_onboarding_for_unregulated_platforms
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Unregulated platforms can now onboard customers via direct API calls (beneficial owners, documents, verifications) in addition to the existing hosted KYC/KYB link flow. Updates the docs to reflect both options.
ramps/quickstart.mdx: drop "unregulated must use hosted flow" claimsnippets/kyc/kyc-unregulated.mdx: reframe top callout; add Direct API Onboarding Steps section walking throughPOST /beneficial-owners,POST /documents,POST /verificationssnippets/creating-customers/onboarding-model.mdx+customers.mdx: mention both onboarding pathsRegulated platform content (
kyc-regulated.mdxand tabs structure) unchanged.Test plan