Age & risk verification API for high-risk platforms.
Secure, token-based 18+ verification that helps adult, dating, UGC and other high-risk platforms stay compliant, reduce bans, and keep Stripe & processors calmer โ without storing ID documents.
JWT tokens โข Zero-retention approach โข Stripe metered billing
How it works in 3 steps
Simple API flow: start verification, complete checks, get token. No complex KYC stack needed.
Start verification
Your platform sends a verification request to LoomAPI with basic context (user, IP, risk level).
Complete once
User passes a compliant age/risk check via your chosen flow. LoomAPI records the result.
Use the token
You receive a signed token indicating whether the user is allowed access. No ID images are stored.
Developer-friendly API
1. Start verification
POST https://project-halo-api.onrender.com/verify/start
Headers:
x-tenant-api-key: your-key
Body:
{ "subjectId": "user_123" }2. Complete verification
POST https://project-halo-api.onrender.com/verify/complete
Headers:
x-tenant-api-key: your-key
Body:
{ "verificationId": "...", "evidence": {...} }3. Validate token
POST https://project-halo-api.onrender.com/tokens/validate
Headers:
x-tenant-api-key: your-key
Body:
{ "token": "eyJhbGc..." }Key features
Everything you need for compliant age & risk verification without building a full KYC stack.
Token-based age gates
JWT tokens with claims (tenantId, verificationId, over18) that prove verification without storing documents. Gate access based on tokens, not raw identity data.
Centralised high-risk controls
One API handles all verification workflows for adult content, NSFW platforms, dating apps, gambling, and high-risk SaaS. Clear compliance logic in one place.
Zero ID storage
We do not store ID documents, biometric templates, or raw evidence. Only verification metadata and short-lived tokens. No personal document storage means less risk.
Processor-friendly audit trail
Clear event history per user/session with timestamps and status logs. Audit-ready records that processors and acquirers expect to see.
Low-latency at scale
Fast token validation and verification processing. Built to handle high-volume platforms without compromising on speed or reliability.
Webhook-ready events
Get notified when verifications complete. Webhook support for real-time integration with your platform workflows and compliance systems.
Works alongside existing KYC/ID providers
Integrate with your existing identity verification stack. LoomAPI handles the token issuance and compliance layer, not the raw ID checks.
Security & compliance, by default.
LoomAPI is designed as a safety layer, not a data hoarder. You keep control of your flows โ we issue short-lived tokens that keep regulators and processors satisfied.
Zero ID storage
We don't keep document images or selfies.
Short-lived signed tokens
HMAC-signed, tamper-evident decisions.
GDPR-friendly
Minimal data retention, no biometric templates.
Stripe & processor-aware
Built to reduce "high-risk" flags, not trigger them.
18+ compliance support
Designed for adult, dating, UGC, and other regulated content.
Audit-friendly logs
You retain a clear record without holding raw PII.
Why it keeps Stripe & processors calmer
Payment processors and acquirers want to see clear compliance discipline. LoomAPI gives you the logs, tokens, and structure they expect.
Not legal advice. We emphasize risk discipline and audit-ready records.
Clear verification story
Processors see a consistent, explainable approach to age gating instead of dozens of ad-hoc checks.
Never a grey zone again
Either a user has a valid token or they don't. No ambiguous flows that scare risk teams.
Separation of concerns
Your billing keeps billing. LoomAPI handles 18+ and high-risk gates at the API layer.
No storage of risky data
We don't store ID documents or biometric data that would trigger Stripe reviewer concerns. Only tokens and metadata.
Who it's for
Built for developers running high-risk platforms who need compliance without the complexity.
Adult / NSFW content platforms
We help you not get banned and stay compliant. Age-gate adult content, creator platforms, and NSFW sites with clear verification logs that keep payment processors comfortable.
Dating & chat apps
We help you not get banned and stay compliant. Verify age for dating platforms, chat apps, and social networks with 18+ content using simple token-based access control.
UGC platforms with 18+ areas
We help you not get banned and stay compliant. User-generated content sites with age-restricted sections can verify users before they access mature content or features.
High-risk SaaS / gambling
We help you not get banned and stay compliant. Gambling operators, gaming platforms, and high-risk SaaS tools get age verification without full KYC infrastructure.
AI companions & chatbots
We help you not get banned and stay compliant. Ensure adult-flagged conversations are properly age-gated without storing transcripts or ID docs.
Get your first token in minutes.
Use these examples with your actual tenant API key to issue and validate age tokens in staging.
Three API calls. One verification token. Start gating content.
TypeScript / JavaScript
import { LoomAPI } from '@loomapi/js';
const client = new LoomAPI({
apiKey: 'your-api-key',
baseURL: 'https://project-halo-api.onrender.com'
});
// 1. Start verification
const { verificationId } = await client.startVerification({
userAgent: req.headers['user-agent'],
ip: req.ip
});
// 2. Complete verification (after user completes age gate)
const { status, token } = await client.completeVerification({
verificationId,
evidence: { /* verification evidence */ }
});
// 3. Validate token (server-side)
const { valid, over18 } = await client.validateToken({ token });Python
from loomapi import LoomAPI
client = LoomAPI(
api_key='your-api-key',
base_url='https://project-halo-api.onrender.com'
)
# 1. Start verification
result = client.start_verification(
user_agent=request.headers.get('User-Agent'),
ip=request.remote_addr
)
verification_id = result['verificationId']
# 2. Complete verification
result = client.complete_verification(
verification_id=verification_id,
evidence={} # Your verification evidence
)
status = result['status']
token = result.get('token')
# 3. Validate token
result = client.validate_token(token=token)
valid = result['valid']
over18 = result['over18']PHP
<?php
use LoomAPI\LoomAPI;
$client = new LoomAPI([
'apiKey' => 'your-api-key',
'baseURL' => 'https://project-halo-api.onrender.com'
]);
// 1. Start verification
$result = $client->startVerification([
'userAgent' => $_SERVER['HTTP_USER_AGENT'],
'ip' => $_SERVER['REMOTE_ADDR']
]);
$verificationId = $result['verificationId'];
// 2. Complete verification
$result = $client->completeVerification([
'verificationId' => $verificationId,
'evidence' => [] // Your verification evidence
]);
$status = $result['status'];
$token = $result['token'] ?? null;
// 3. Validate token
$result = $client->validateToken(['token' => $token]);
$valid = $result['valid'];
$over18 = $result['over18'];
?>All examples use test mode. Tokens are short-lived and safe to experiment with.
Trusted by platforms protecting 2M+ users
Join leading platforms using LoomAPI for compliant age verification
What our customers say
"LoomAPI saved us weeks of development time. The token-based approach means we never store PII, which our compliance team loves."
"We needed age verification fast for our gambling platform. LoomAPI had us up and running in 48 hours with full compliance."
"The metered billing is perfect for our use case. We only pay for what we use, and the API is rock solid at scale."