Fangate API

Appearance

Verification

Identity and age-verification flows used by Fangate.

Two systems are active:

  • Veriff: creator identity verification
  • Yoti: buyer age verification

They solve different problems and should not be treated as interchangeable.

Veriff

Veriff is used for creator identity verification.

GET /api/veriff/create

Create a new Veriff session for the authenticated creator.

  • Auth required: Yes
  • Roles: Authenticated creator

Success response example

Current controller returns the raw Veriff session payload, not the standard Fangate { success, data } wrapper.

json
{
  "status": "success",
  "verification": {
    "id": "96972fba-3de6-4346-9029-4fdbea684bd3",
    "url": "https://alchemy.veriff.com/v/...",
    "vendorData": "42",
    "host": "https://alchemy.veriff.com",
    "status": "created",
    "sessionToken": "jwt-token"
  }
}

Error example

json
"Can't create session"

Side effects

  • on success, backend stores veriff_id on the user

POST /api/veriff/decision

Fetch the current verification decision for the authenticated creator.

  • Auth required: Yes
  • Roles: Authenticated creator

Success response examples

Verified:

json
[
  "User is verified"
]

Not verified:

json
[
  "User is not verified"
]

Missing session:

json
"The user hasn't verification session."

Important notes

  • this endpoint also does not use the standard Fangate response wrapper
  • when Veriff decision code 9001 is returned, backend updates is_verified=true

Yoti

Yoti is used for buyer age verification when a product requires it.

POST /api/yoti/session/create

Create a Yoti age-verification session.

  • Auth required: No
  • Roles: Public buyer flow
  • Content type: application/json

Request body

FieldTypeRequiredNotes
short_link_keystringYesProduct short-link key used to build the return URL.

Success response example

json
{
  "success": true,
  "session_id": "abc-123-def",
  "link": "https://api.yoti.com/..."
}

Error example

json
{
  "success": false,
  "message": "Failed to create verification session",
  "error": null
}

Important notes

  • current controller does not wrap this in the standard API envelope
  • Yoti session creation uses the current PHP session id plus the short-link return target

POST /api/yoti/webhook

Receive webhook notifications from Yoti.

  • Auth required: No
  • Roles: Yoti server-to-server callback

Success response example

json
{
  "status": "ok"
}

Error response example

json
{
  "status": "error"
}

Verification flow examples

Creator identity verification

  1. GET /api/veriff/create
  2. creator completes hosted Veriff flow
  3. POST /api/veriff/decision
  4. GET /api/user confirms is_verified

Buyer age verification

  1. buyer opens a sales link for adult content with age check enabled
  2. frontend calls POST /api/yoti/session/create
  3. buyer completes Yoti flow
  4. Yoti calls POST /api/yoti/webhook
  5. buyer returns to purchase flow

Fangate backend developer documentation

© 2026 KYW Licensing Holding Limited