POST /v1/kyc/start. Nothing about verification, outcomes, or webhooks changes.
How it works
- The participant provides their phone number and date of birth.
- Polymarket US sends a one-time passcode (OTP) to the phone.
- The participant enters the OTP to verify ownership.
- You receive prefilled identity data (name, address, last 4 of SSN, etc.).
- The participant reviews and corrects it, provides the full SSN, accepts the agreement, and you submit the standard verification request.
Step 1: Start prefill
Response:
externalId — it is the correlation identifier for the OTP step and for the subsequent verification request.
Step 2: Submit OTP
On success, the response includes the prefilled identity data:
All identity fields are optional and may be absent if the prefill provider has no data for this phone/DOB. Always let the participant review and edit prefilled values before submission.
Step 3: Submit to verification
Map the prefilled data into the standardPOST /v1/kyc/start request, collect the full SSN and agreement acceptance, and submit. Pass the prefill externalId as the request’s external_id so the inquiry correlates end to end.
From here the flow is exactly the standard verification flow — same outcomes, decision matrix, and webhooks.
Complete flow
Using gRPC
Both steps are also available onpolymarket.us.kyc.v1.KYCAPI with identical fields and semantics — see the transport mapping:
Error handling
Allow up to 3 OTP attempts before requiring a new code, and rate-limit OTP requests to prevent abuse. Prefill failures should never block onboarding — fall back to the manual form.
Sandbox testing
Next steps
Verification Flow
Submit the (prefilled) data and handle each outcome.
Digital Intelligence
Capture the
session_token to lower your REVIEW rate.