Turnkey age verification for high-risk platforms.
Veriff-powered ID checks, signed age tokens (JWT), and webhooks with retries. Rate limits and quotas included. No ID storage—just verification results and tokens.
No ID storage · JWT age tokens · Dashboard & API
How it works in 3 steps
One endpoint: POST /v1/verify. Get a result synchronously or via webhook, then gate access with signed tokens.
Send document to POST /v1/verify
Send document type and base64 image (or use Veriff flow). Authenticate with your API key.
Get result (sync or via webhook)
Receive verified age and status in the response, or configure a webhook URL for async results with automatic retries.
Use the signed token for access
Use the signed age token (JWT) for access control. No ID images are stored—only verification metadata and tokens.
Call POST /v1/verify with document_type, document_data, and optional webhook_url. Response includes status, verified_age, and signed token for access control.
Key features
Everything you need for compliant age verification with Loom API v1.
Turnkey Veriff-powered verification
Age verification powered by Veriff. Send document type and image; get verified age and result. No need to integrate Veriff directly.
Signed age tokens (JWT)
Receive JWTs that encode verification outcome (e.g. verified age, status). Use them for access control without storing ID documents.
Webhooks and retries
Configure a webhook URL; get notified when verification completes. We retry failed deliveries on a schedule so you don't miss events.
Rate limiting and quotas
Clear rate limits per API key and quotas per plan. Use headers to stay within limits; 429 with retry-after when exceeded.
Zero ID storage
We don't store ID document images or biometric data. Only verification metadata and short-lived tokens.
Audit-friendly records
Request IDs, timestamps, and status so you can show compliance to processors and auditors.
Security & data handling
We don't store ID documents or biometrics. Verification is powered by Veriff; results are returned as signed tokens and via webhooks. Data in transit is encrypted; we apply rate limits and quotas. For full details, see our Security and Data Processing pages.
Zero ID storage
We don't store ID document images or biometrics. Only verification metadata and short-lived tokens.
Veriff-powered verification
Age verification is powered by Veriff. Results are returned as signed tokens and via webhooks.
Short-lived signed tokens (JWT)
Signed age tokens for access control. Tamper-evident, no raw PII stored.
Webhooks with signature & retries
Webhook payloads are signed; we retry failed deliveries on a schedule so you don't miss events.
Rate limiting & quotas
Clear rate limits per API key and quotas per plan. 429 with retry-after when exceeded.
Encryption in transit
Data in transit is encrypted. We apply rate limits and quotas to protect the service.
GDPR-friendly
Minimal data retention, no biometric templates stored.
Stripe & processor-aware
Built to reduce "high-risk" flags, not trigger them. Audit-friendly records without raw PII.
Why it keeps Stripe & processors calmer
Payment processors and acquirers want to see clear compliance discipline. LoomAPI gives you the logs, tokens, and structure they expect.
Not legal advice. We emphasize risk discipline and audit-ready records.
Clear verification story
Processors see a consistent, explainable approach to age gating instead of dozens of ad-hoc checks.
Never a grey zone again
Either a user has a valid token or they don't. No ambiguous flows that scare risk teams.
Separation of concerns
Your billing keeps billing. LoomAPI handles 18+ and high-risk gates at the API layer.
No storage of risky data
We don't store ID documents or biometric data that would trigger Stripe reviewer concerns. Only tokens and metadata.
Who it's for
Built for developers running high-risk platforms who need compliance without the complexity.
Adult / NSFW content platforms
We help you not get banned and stay compliant. Age-gate adult content, creator platforms, and NSFW sites with clear verification logs that keep payment processors comfortable.
Dating & chat apps
We help you not get banned and stay compliant. Verify age for dating platforms, chat apps, and social networks with 18+ content using simple token-based access control.
UGC platforms with 18+ areas
We help you not get banned and stay compliant. User-generated content sites with age-restricted sections can verify users before they access mature content or features.
High-risk SaaS / gambling
We help you not get banned and stay compliant. Gambling operators, gaming platforms, and high-risk SaaS tools get age verification without full KYC infrastructure.
AI companions & chatbots
We help you not get banned and stay compliant. Ensure adult-flagged conversations are properly age-gated without storing transcripts or ID docs.
Start your free trial in minutes.
Get an API key from the dashboard, then call POST /v1/verify with document type and image. Use test mode to try without consuming quota.
Example: POST /v1/verify
curl -X POST https://api.loomapi.com/v1/verify \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"document_type": "passport",
"document_data": "base64_encoded_image_data",
"verification_type": "age_only",
"test_mode": true
}'Add "test_mode": true to run without consuming production quota. See the docs for webhooks, rate limits, and response fields.
Trusted by platforms protecting 2M+ users
Join leading platforms using LoomAPI for compliant age verification
Example scenarios – real case studies coming soon.
What our customers say
"LoomAPI saved us weeks of development time. The token-based approach means we never store PII, which our compliance team loves."
"We needed age verification fast for our gambling platform. LoomAPI had us up and running in 48 hours with full compliance."
"The metered billing is perfect for our use case. We only pay for what we use, and the API is rock solid at scale."