BronID

Verify an individual (data form)

Use POST /v5/forms with type: "individual" and subType: "data" to create a hosted form where the customer fills in their personal details, address, identity documents, and accepts the consent declaration. The response returns a formUrl you can email or redirect them to.

Use the eKYC flow instead if you only want a selfie + ID-document capture without a data form.

Pre-fillable fields

Anything you include in the request body is pre-filled in the hosted form. Pre-filling reduces friction and avoids the customer mistyping data you already have.

  • Name
    userId
    Type
    string
    Description

    Optional. Your internal user identifier.

  • Name
    onBehalfUid
    Type
    string
    Description

    Optional. The UID of an onBehalf account if submitting on behalf of another organisation.

  • Name
    tags
    Type
    array
    Description

    Optional. Array of tag labels to attach to the verification for filtering and reporting. Use >>> (with surrounding spaces) to express hierarchy (e.g. tier-1 >>> gold). Up to 50 tags, each up to 500 characters. Labels referenced here are auto-registered into your tag registry on submission.

  • Name
    country
    Type
    string
    Description

    ISO3 Country code. Currently documented: AUS, NZL. See Countries.

  • Name
    type
    Type
    string
    Description

    Always "individual" for this flow.

  • Name
    subType
    Type
    string
    Description

    Always "data" for this flow.

  • Name
    firstName
    Type
    string
    Description

    Optional pre-fill.

  • Name
    middleName
    Type
    string
    Description

    Optional pre-fill.

  • Name
    lastName
    Type
    string
    Description

    Optional pre-fill.

  • Name
    email
    Type
    string
    Description

    Optional pre-fill. The formUrl returned in the response is what you share with the customer; bronID does not email the link automatically.

  • Name
    dateOfBirth
    Type
    string
    Description

    Optional pre-fill. Accepts YYYY-MM-DD (e.g. 1980-10-20) or DD/MM/YYYY (e.g. 20/10/1980). Normalised to YYYY-MM-DD server-side.

The fields the customer sees on the hosted form mirror the KYC API schema. The identity-document validations the customer's entries are checked against — driver-licence number formats, card-number formats, passport-number patterns, Medicare checksum — are documented on the Identity documents (AUS) and Identity documents (NZL) pages.

Example — AUS

Pre-fill what you already know; the customer completes the rest in the hosted form.

Customer is Australian; you know their name and email but not their address or ID documents.

Request

POST
/v5/forms
curl https://dev.bronid.com/v5/forms \
  --user "XL7ULiU6B4QE9Y2iWFZnhtMDKFN2:api_sec_NJAtNcRtUrPlf7xYDrMNP9URI-ZfN314" \
  --header "Content-Type: application/json" \
  --data '{
      "userId": "user-aus-001",
      "country": "AUS",
      "type": "individual",
      "subType": "data",
      "firstName": "Jane",
      "lastName": "Citizen",
      "email": "jane@example.com",
      "tags": ["region:apac", "tier-1 >>> gold"]
  }'

Response

{
  "timestamp": "2026-05-08T04:34:37.668Z",
  "serviceUid": "XL7ULiU6B4QE9Y2iWFZnhtMDKFN2",
  "trace": "1LuRUfAcaskosWc07nARZ",
  "path": "/v5/forms",
  "pathParams": {},
  "statusCode": 200,
  "message": "ID form created successfully",
  "help": null,
  "status": "success",
  "data": {
    "id": "1LuRUfAcaskosWc07nARZ",
    "formUrl": "https://forms-preview.bronid.com/ekyc-start/1LuRUfAcaskosWc07nARZ",
    "name": "Jane Citizen",
    "help": null
  },
  "error": null
}

Example — NZL

The same pre-fill pattern works for New Zealand. The customer's address fields will not include state (NZL has no per-state subdivision).

Customer is a New Zealander; you only have their name and email so far.

Request

POST
/v5/forms
curl https://dev.bronid.com/v5/forms \
  --user "XL7ULiU6B4QE9Y2iWFZnhtMDKFN2:api_sec_NJAtNcRtUrPlf7xYDrMNP9URI-ZfN314" \
  --header "Content-Type: application/json" \
  --data '{
      "userId": "user-nzl-001",
      "country": "NZL",
      "type": "individual",
      "subType": "data",
      "firstName": "Jane",
      "lastName": "Citizen",
      "email": "jane@example.com",
      "tags": ["region:apac", "tier-1 >>> gold"]
  }'

Form lifecycle

  1. Create form. POST /v5/forms returns a formUrl.
  2. Share the form. Email the link, redirect the user, or embed it in your app.
  3. Customer completes the form. They fill any fields you didn't pre-fill, capture ID documents, accept the consent declaration, and submit.
  4. Verification starts. bronID processes the submission against the same pipeline as the KYC API.
  5. Webhook notification. You receive status updates via Webhooks.
Form URLs are tied to a specific verification trace. Once submitted, the URL shows the submission status rather than allowing re-submission. Form URLs expire after 31 days in production, or 20 minutes in Preview. Restore an expired form with the Unlock form endpoint.

What's next?

Was this page helpful?