Skip to main content
This guide walks you through issuing an API key, ingesting a customer, and reading the result back.

1. Issue an API key

1

Open the Developers settings

Sign in to Instant Compliance and navigate to Settings → Developers. You will need the org.api-keys permission (Administrators have this by default; ask your Compliance Officer otherwise).
2

Create a key

Click Create key, give it a recognisable label (e.g. Zapier — HubSpot production), pick the scopes the integration needs, and click Create key.
ScopeGrants
customers:writeCreate and update customer records.
customers:readRead customer details and KYC status.
aml:readRead AML status and category flags.
For an “ingest customers + read status back” integration: tick all three.
3

Copy the plaintext key

The key is shown once in the format ic_live_…. Copy it immediately into your integration’s secret manager. We will never be able to show it again — if you lose it, revoke the key and issue a new one.

2. Send your first request

Verify the key works by listing customers (returns an empty list if you have not ingested anyone yet): 
curl https://app.instantcompliance.ai/api/v1/customers \
  -H "Authorization: Bearer ic_live_..."
You should receive { "object": "list", "data": [], "has_more": false, "next_cursor": null, "limit": 50 }.

3. Ingest a customer

curl -X POST https://app.instantcompliance.ai/api/v1/customers \
  -H "Authorization: Bearer ic_live_..." \
  -H "Content-Type: application/json" \
  -H "Idempotency-Key: $(uuidgen)" \
  -d '{
    "externalId": "crm-7741",
    "fullName": "Jane Doe",
    "email": "jane@example.com"
  }'
Response (201 Created): 
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "external_id": "crm-7741",
  "type": "INDIVIDUAL",
  "full_name": "Jane Doe",
  "email": "jane@example.com",
  "kyc_status": "NOT_STARTED",
  "added_via": "INTEGRATION",
  "...": "..."
}
No KYC is triggered and no credits are charged. The customer record is created so your back-office team can review it, complete the risk questions, and start verification from inside Instant Compliance.

4. Read status back

Once your compliance team has verified the customer, poll for the result. Use updated_since so each poll only returns records that changed since the previous run: 
curl "https://app.instantcompliance.ai/api/v1/customers?updated_since=2026-06-23T00:00:00Z" \
  -H "Authorization: Bearer ic_live_..."
When kyc_status becomes VERIFIED and aml.status becomes CLEAR, the customer is fully cleared. See Customer lifecycle for the full state machine.

Next steps

Upsert by external_id

The right way to wire create-or-update from your CRM.

Polling for status

Get a robust polling loop right the first time.

Zapier integration

No-code recipe for HubSpot, Pipedrive, Salesforce, etc.

Idempotency

Make every retry safe.