Overview
The ID Verification, Face Match, and Liveness APIs return awarnings field when the verification service signals non-blocking issues or risk flags. Session-based KYC (POST /api/kyc/validations, GET /api/kyc/validations/:id) stores a top-level warnings array on the validation record by merging risk codes from document verification, liveness, face match, and AML screening, and may add Gu1-internal codes (e.g. blocklist or sandbox). Clients can use these codes for:
- Display: Map each code to a human-readable message (e.g. your own i18n, or the descriptions below — the gu1 dashboard resolves labels in the same order as keys under
warningRisksandrejectionReasonCodesin the product locale files). - Logic: Branch on specific codes (e.g.
DOCUMENT_EXPIREDvsPOSSIBLE_DUPLICATED_USER), or pass allowed codes inomitWarningswhen creating a validation.
If the service returns a code not listed here, you may still receive it in
warnings. Treat unknown codes as generic warnings and display the code or a fallback message.Session-Based KYC Validation
ForGET /api/kyc/validations/:id (and list endpoints), the validation’s top-level warnings array contains risk code strings collected from:
- Document (ID) verification step
- Liveness step
- Face match step
- AML screening objects in the session decision
- Device & IP analysis objects in the session decision (
ip_analyses[]/ip_analysis)
omitWarnings on POST /api/kyc/validations references the same code strings documented in the tables below.
ID Verification
Returned in POST /api/kyc/id-verification and GET /api/kyc/id-verification/verifications/:id in thewarnings array. The same codes can appear on session validations from the document step.
Face Match
Returned in POST /api/kyc/face-match and GET /api/kyc/face-match/verifications/:id in thewarnings array.
Liveness (Session-Based KYC)
Returned in session-based KYC validation responses (e.g. current validation, list validations) when liveness checks are performed. Thewarnings array in the validation payload may contain these codes.
AML (Session-Based KYC)
When AML screening runs inside a session, risk codes from screeningwarnings are merged into the validation’s top-level warnings array.
Device & IP Analysis (Session-Based KYC)
When device and IP analysis runs inside a session, risk codes fromip_analyses[].warnings[] (or legacy ip_analysis.warnings) are merged into the validation’s top-level warnings array. These codes follow the provider’s Device & IP analysis warning taxonomy.
Internal (Gu1)
These codes may be added by Gu1 logic (entity vs OCR checks, name policy, sandbox mocks, etc.) and appear in the session validationwarnings array where applicable.
Registry Cross-Check (Argentina / RENAPER)
When RENAPER double-check is enabled and a registry-related issue is surfaced as a warning code, the same strings may appear inwarnings. Product locales map them under rejectionReasonCodes (in addition to warningRisks fallbacks where configured).
Example Response (ID Verification)
Example Response (Face Match)
ID Verification
Verify document front/back and extract data
Face Match
Compare document portrait and selfie