Dwolla Developers Logo
  • Getting Started
    Testing in the Sandbox
    Generate an OAuth Access Token
    Send Money to Users
    Receive Money from Users
    Transfer Money Between Users
    Transfer Money Me-to-Me
  • Customers
    Create a Business Verified Customer
    Create a Personal Verified Customer
    OverviewStep 1: Create a customerStep 2: Handling verification statusesFrequently asked questions
  • Funding Sources
    Add a Debit Card Using Dwolla-cards.js
    Add a Bank Using Dwolla.js
    Add a Bank Using Dwolla.js + IAV
    Verify Bank with Micro-deposits
    Add Bank via Dwolla + Plaid Integration
  • Webhooks
    Create a Webhook Subscription
API DocsOpen in new tabChangelog
Get API Keys
API DocsOpen in new tabChangelog
Get API Keys

Handling verification statuses #

After successfully creating a personal identity-verified Customer, they will immediately be given a status. There are various reasons a Customer status can be something other than verified; you will want to account for this after the Customer is created.

A Customer’s verification status is determined by an identity verification score based on the data submitted; this score is returned from Dwolla’s identity vendor. Therefore, it is important that the user enters accurate and complete identifying data, and that you exercise best practices in input field validation to ensure the best possible success rate. As an example, the retry status can occur when an individual mis-keys or uses incorrect identifying information upon Customer creation (i.e. submitting a date of birth that differs from the user’s actual date of birth).

It is recommended to have an active webhook subscription to listen for Customer verification related events. Reference the table below for Customer verification statuses and the related events.

Verification statuses #

Customer statusEventDescriptionverifiedcustomer_verifiedThe identifying information submitted was sufficient in verifying the Customer account.retrycustomer_reverification_neededThe initial identity verification attempt failed because the information provided did not satisfy Dwolla’s verification check. You can make one additional attempt by changing some or all the attributes of the existing Customer with a POST request. All fields are required on the retry attempt. If the additional attempt fails, the resulting status will be either document or suspended.kbacustomer_kba_verification_neededThe retry identity verification attempt failed due to insufficient scores on the submitted data. The end-user will have a single kba attempt to answer a set of “out of wallet” questions about themselves for identity verification. Note: KBA is a premium feature. Please contact Sales or your account manager for more information on enabling KBA functionality.documentcustomer_verification_document_neededDwolla requires additional documentation to identify the Customer in the document status. Once a document is uploaded it will be reviewed for verification.suspendedcustomer_suspendedThe Customer is suspended and may neither send nor receive funds. Contact Account Management for more information.

Testing verification statuses in Sandbox #

Dwolla’s Sandbox environment allows you to submit verified, retry, kba, document, or suspended as the value of the firstName parameter to create a new verified Customer with their respective status. To simulate transitioning a verified Customer with a retry status to verified, you’ll need to call the Update a Customer endpoint and submit full identifying information with an updated firstName value and full SSN. To simulate transitioning a verified Customer with a document status to verified in the Sandbox, you’ll need to upload a test document as outlined in the Testing in the Sandbox resource article.

Handling status: retry #

A retry status occurs when a Customer’s identity scores are too low during the initial verification attempt. Dwolla will require the full 9-digits of the individual's SSN on the retry attempt in order to give our identity vendor more information in an attempt to receive a sufficient score to approve the Customer account. The Customer will have one more opportunity to correct any mistakes.

You need to gather **new** information if the Customer is placed into the `retry` status; simply passing the same information will result in the same insufficient scores. All fields that were required in the initial Customer creation attempt will be required in the retry attempt, along with the full 9-digit SSN.
// Using dwolla-v2 - https://github.com/Dwolla/dwolla-v2-node
var customerUrl =
var requestBody = {
  firstName: "John",
  lastName: "Doe",
  email: "johndoe@dwolla.com",
  ipAddress: "",
  type: "personal",
  address1: "221 Corrected Address St..",
  address2: "Fl 8",
  city: "Ridgewood",
  state: "NY",
  postalCode: "11385",
  dateOfBirth: "1990-07-11",
  ssn: "202-99-1516",

appToken.post(customerUrl, requestBody).then(function (res) {
  res.body.id; // => '132681fa-1b4d-4181-8ff2-619ca46235b1'

Check the Customer’s status again. The Customer will either be in the verified, kba, document, or suspended state of verification.

Handling status: kba #

A KBA status occurs when a Customer’s identity scores are too low after the retry verification attempt. Knowledge based authentication (KBA), is used to identify end users by asking them to answer specific security questions about themselves pulled from a set of known data. These questions are also known as “out of wallet” questions which are dynamically generated on the spot. The Customer must answer at least three out of four (total) questions correctly in order to pass verification, which translates to a score of 75%. If the end user fails to pass KBA verification, they will be placed in a document status. The KBA flow is a three step process which includes: initiating the KBA session, retrieving the question set and answering the question set. Learn more on testing KBA in the sandbox environment.

This section outlines a premium feature for the Dwolla API. Please contact Sales or your account manager for more information on enabling KBA functionality.

Initiating the KBA session #

The first step in the KBA flow is to make a request to the Dwolla API to generate a unique KBA ID which is used to represent the KBA session.

Example request and response

var customerUrl =

appToken.post(`${customerUrl}/kba`).then((res) => res.headers.get("location")); // => 'https://api-sandbox.dwolla.com/kba/70b0e9cc-020d-4de2-9a82-a2281afa4c31'

Retrieve KBA Question set #

Once the KBA ID is created, your application will have a single attempt to retrieve and answer the question set returned from the Dwolla API. Upon a successful request to retrieve the question set, your end user will have two minutes to complete the submission of their selected answers.

Example request and response

var kbaUrl =

appToken.get(kbaUrl).then((res) => res.body.id); // => '70b0e9cc-020d-4de2-9a82-a2281afa4c31'

Answer KBA Questions #

Questions and answers will have their own unique identifiers. Questions and answers are submitted via an answers array that contains a list of four JSON objects that include key-value pairs for specifying a questionId and answerId.

Example request and response

var kbaUrl = "https://api.dwolla.com/kba/70b0e9cc-020d-4de2-9a82-a2281afa4c31";
var requestBody = {
  answers: [
      questionId: "2355953375",
      answerId: "2687969335",
      questionId: "2355953385",
      answerId: "2687969385",
      questionId: "2355953395",
      answerId: "2687969435",
      questionId: "2355953405",
      answerId: "2687969485",

appToken.post(kbaUrl, requestBody);

KBA Success

If your Customer is able to correctly answer at least three of the four (total) KBA questions, your Customer will be moved into verified status. You will receive the customer_kba_verification_passed and customer_verified webhooks to indicate that your Customer has passed the KBA attempt and has been successfully verified.

KBA Failure

A Customer that is unable to answer at least three questions correctly will be moved into document status. You will receive the customer_kba_verification_failed and customer_verification_document_needed webhooks to indicate that your Customer has failed the KBA attempt and must upload a photo Id in order to become verified.

Handling status: document #

If the Customer has a status of document, the Customer will need to upload additional pieces of information in order to verify the account. Use the create a document endpoint when uploading a colored scan of the identifying document. The document(s) will then be reviewed by Dwolla; this review may take up to 1-2 business days to approve or reject.

Document types #

A color scanned photo of the Customer's identifying document can be specified as documentType: passport, license (state issued driver's license), or idCard (other U.S. government-issued photo id card).

When a Customer is placed in the document verification status, Dwolla will return a link in the API response after retrieving a Customer which will be used by an application to determine if documentation is needed.

Link nameDescriptionverify-with-documentIdentifies if documents are needed only for an individual
Example response
  "_links": {
    "document-form": {
      "href": "https://api-sandbox.dwolla.com/customers/64dd2beb-fe56-4cdc-80dd-82a3d7f5b921/documents",
      "type": "application/vnd.dwolla.v1.hal+json; profile=\"https://github.com/dwolla/hal-forms\"",
      "resource-type": "document"
    "self": {
      "href": "https://api-sandbox.dwolla.com/customers/64dd2beb-fe56-4cdc-80dd-82a3d7f5b921",
      "type": "application/vnd.dwolla.v1.hal+json",
      "resource-type": "customer"
    "funding-sources": {
      "href": "https://api-sandbox.dwolla.com/customers/64dd2beb-fe56-4cdc-80dd-82a3d7f5b921/funding-sources",
      "type": "application/vnd.dwolla.v1.hal+json",
      "resource-type": "funding-source"
    "transfers": {
      "href": "https://api-sandbox.dwolla.com/customers/64dd2beb-fe56-4cdc-80dd-82a3d7f5b921/transfers",
      "type": "application/vnd.dwolla.v1.hal+json",
      "resource-type": "transfer"
    "verify-with-document": {
      "href": "https://api-sandbox.dwolla.com/customers/64dd2beb-fe56-4cdc-80dd-82a3d7f5b921/documents",
      "type": "application/vnd.dwolla.v1.hal+json",
      "resource-type": "document"
  "id": "64dd2beb-fe56-4cdc-80dd-82a3d7f5b921",
  "firstName": "document",
  "lastName": "doctest",
  "email": "docTest@email.com",
  "type": "personal",
  "status": "document",
  "created": "2017-08-31T14:28:11.047Z",
  "address1": "99-99 33rd St",
  "address2": "Apt 8",
  "city": "Some City",
  "state": "NY",
  "postalCode": "11101"

Uploading a document #

To upload a color photo of the document, you’ll initiate a multipart form-data POST request from your backend server to https://api.dwolla.com/customers/{id}/documents. The file must be either a .jpg, .jpeg, or .png. Files must be no larger than 10MB in size.

// Using dwolla-v2 - https://github.com/Dwolla/dwolla-v2-node
var customerUrl =

var requestBody = new FormData();
body.append("file", fs.createReadStream("mclovin.jpg"), {
  filename: "mclovin.jpg",
  contentType: "image/jpeg",
  knownLength: fs.statSync("mclovin.jpg").size,
body.append("documentType", "license");

appToken.post(`${customerUrl}/documents`, requestBody).then(function (res) {
  res.headers.get("location"); // => "https://api.dwolla.com/documents/11fe0bab-39bd-42ee-bb39-275afcc050d0"

If the document was successfully uploaded, the response will be a HTTP 201 Created with the URL of the new document resource contained in the Location header.

HTTP/1.1 201 Created
Location: https://api-sandbox.dwolla.com/documents/11fe0bab-39bd-42ee-bb39-275afcc050d0

You’ll also get a webhook with a customer_verification_document_uploaded event to let you know the document was successfully uploaded.

Document review process #

Once created, the document will be reviewed by Dwolla. When the document has been reviewed, which may take anywhere from a few seconds up to 1-2 business days if manual verification is required to approve or reject, we’ll create either a customer_verification_document_approved or customer_verification_document_failed event.

If the document was sufficient, the Customer may be verified in this process. If not, we may need additional documentation. Note: Reference the determining verification documents needed section for more information on determining if additional documents are needed after an approved or failed event is triggered.

If the document was found to be fraudulent or doesn’t match the identity of the Customer, the Customer will be suspended.

Document failure #

A document can fail if, for example, the Customer uploaded the wrong type of document or the .jpg or .png file supplied was not readable (i.e. blurry, not well lit, not in color, or cuts off a portion of the identifying image). If you receive a customer_verification_document_failed webhook, you’ll need to upload another document. To retrieve the failure reason for the document upload, you’ll retrieve the document by its ID. Contained in the response will be a failureReason field which corresponds to one or more of the following values. In case of a failure due to multiple reasons, an additional allFailureReasons array of reasons and descriptions is also returned :

Failure reasonDescriptionScanNotReadableImage blurry, too dark, or obscured by glareScanNotUploadedScan not uploadedScanIdExpiredID is expiredScanIdTypeNotSupportedID may be a military ID, firearm license, or other unsupported ID typeScanNameMismatchName mismatchScanDobMismatchDate of birth mismatchScanFailedOtherID may be fraudulent or a generic example ID image
Request and response
var documentUrl =

appToken.get(document_url).then(function (res) {
  res.body.failureReason; // => "ScanNotReadable"

Handling status: suspended #

If the Customer is suspended, there’s no further action you can take to correct this using the API. You’ll need to contact support@dwolla.com or your account manager for assistance.

Test in the Sandbox for free today.

Use sandbox environment to test API requests.

Get API Keys
2020 All Rights Reserved


  • About
  • Blog
  • Pricing
  • Contact Sales
  • Terms of Service
  • Privacy Policy
Financial institutions play an important role in our network.

Dwolla, Inc. is an agent of Veridian Credit Union and all funds associated with your account in our network are held in one or more pooled accounts at Veridian Credit Union. These funds may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union.

Sponsorship and Settlement of Push-to-Debit payment services provided by MetaBank®, N.A.
Push-to-Debit payments are typically available within 30 minutes.