AVS — Hosted Verification Flow

This is the white-label age-verification experience. Capture (selfie / ID) happens here, on our domain, so biometric data never touches the client's site.

How a real session works

  1. The client's server creates a session via the backend (POST /api/v1/sessions) and receives a hosted_url.
  2. The end user is sent to that URL: /v/{token} — opened here or embedded as an iframe via the SDK.
  3. We capture, call the engine for a decision, fire a signed webhook, and redirect the user back to the client.

There is nothing to do on this landing page — open a session at /v/{token}.