/
Sumsub KYC Provider

Sumsub KYC Provider

Sum And Substance (Sumsub) is a UK-based KYC provider. They can automatically approve (or reject) an Identity and enable easier AML/KYC compliance for your operation.

“Tailored to your risk appetite, market demands, and use cases, it’s powered by adaptive AI intelligence to support global scale while keeping your business compliant and future-ready.”

  • Sumsub Home Page: https://sumsub.com/

  • Added to CAS as an AML/KYC provider in the 20250601 release.

Part 1: Configure a Sumsub webhook on your CAS host (CLI).

Instructions: https://generalbytes.atlassian.net/wiki/x/AYBeCwE

Do not proceed until you have created & successfully tested a working webhook endpoint.

Part 2: Configure your SumSub account

Only proceed if an account Administrator! Lesser accounts will have insufficient privileges.

Acquire these parameters from your SumSub account:

  1. App Token,

  2. App Token Secret Key,

  3. Webhook secret key, and

  4. Verification Level

1, 2) Navigate to: “Dev space” > “App tokens”

  • Click “Generate App Token”.

  • Allow all permissions.

    • The token must include the "Create applicants" permission (amongst others).

    • The "Create applicants" permission is not available to non-Admin accounts.

  • Save the CAS required App Token and App Token Secret Key.

3) Navigate to: “Dev space” > “Webhooks” > “Webhook manager”

  • Click “Create webhook”.

  • Set “Webhook types” to ALL.

  • Set the Target webhook to the working webhook endpoint from Part 1.

  • Copy and save the “Secret key” as the CAS required Webhook Secret Key.

  • See: https://docs.sumsub.com/docs/webhooks

4) Navigate to: “Integrations” > “Verification levels” > “Individuals”

Part 3: CAS GUI Configuration

Shared instructions: https://generalbytes.atlassian.net/wiki/x/BIBQ_w

SumSub Organization Settings

Navigate to the “Identity Verification Provider” section of your Organization settings.

Screenshot from 2025-08-19 11-01-39.png

  • Select Sum & Substance by GB and LC, and from the data acquired in Part 2, fill in:

    • Token,

    • Secret Key,

    • Webhook Secret Key,

    • Applicant Level name, and

    • Applicant Link Expiry Time in Seconds.

  • Save it (SUBMIT).

SumSub testing notes:

See: https://generalbytes.atlassian.net/wiki/spaces/ESD/pages/4216356868/Configuring+an+Identity+Verification+Provider#4.-Finally%2C-test-it!

Checking the results in the SumSub Cockpit:

Log in to the SumSub Cockpit.

  1. Find your tested Identity number via Applicants section.

  2. Check the verification level.

  3. Verify that all components are approved:

    1. Identity document: Approved

    2. Selfie (liveness): Approved

    3. Documents requested → to Approved.

Copyright © 2020-2026 General Bytes USA LLC