Lola KYC
  • Home
  • Tickets
  • UI Config
  • Operations
  • Operations Inbox
  • View Tickets
  • Templates
  • Scan ID
  • CIP Evaluate
  • CIP Outcome
⚠ Not ConfiguredVersion 0.11.0

Playground

Interactive testing environment for Lola KYC verification workflows. Test ticket creation, admin dashboards, and white-label UI configurations.

KYC Verification
Ticket Management
Admin Tools
White Label
KYC Features
Ticket Management

Create verification tickets, generate widget URLs, and test the complete KYC flow with configurable parameters.

UI Configuration

Test white-label UI configurations for different clients. Preview themes, logos, and branding settings.

Operations
Operations Inbox

Review and manage CIP verification requests. Approve or reject requests pending manual review.

View Tickets

View all tickets, verification attempts, and images. Monitor KYC sessions with filtering and pagination.

Templates

Manage and configure verification templates for different use cases and client requirements.

Scan ID Document

Test the CIP scan-id endpoint to extract and validate information from ID documents. Requires a valid ticket.

CIP Evaluate

Test the CIP evaluation endpoint to analyze and score verification data against compliance rules.

CIP Outcome

View and manage CIP verification outcomes. Review decision results and compliance status.

Lola KYC Services

Full-stack KYC verification platform with enterprise-grade features:

  • Backend-to-Backend API Integration - RESTful API for ticket creation and result retrieval
  • Embeddable Web Widget - Drop-in verification widget with theming and localization
  • Admin Dashboard Endpoints - Complete management API for monitoring sessions and attempts
  • Comprehensive Audit Logging - Full operation tracking with correlation IDs
  • Persistent Storage - GCS and local disk support for results and images
  • Ticket & Attempt Control - One-time use tickets with configurable TTL and max attempts
  • White-Label UI Configuration - Client-specific branding and i18n per tenant
  • AWS Rekognition Liveness Detection - Face liveness via Lola BX integration
  • Webhook Notifications - Fire-and-forget async callbacks with domain whitelisting
  • Post-Action Automation - Automatic enrollment and face matching workflows
Security Features

Enterprise-grade security measures protecting every layer:

  • API Key Authentication - X-API-Key header validation for all protected endpoints
  • Rate Limiting - Configurable request throttling (100 req/min default) per client IP
  • CORS Origin Validation - Whitelist-based cross-origin request filtering
  • Server-side Max Attempts - Hard limit enforcement preventing client-side bypass
  • One-time Use Tickets - Atomic redemption preventing ticket reuse attacks
  • AWS STS Temporary Credentials - Short-lived access tokens for liveness operations
  • JWT Token-based Image Access - Time-limited signed URLs for artifact retrieval
  • Comprehensive Audit Logging - Full operation tracking with correlation IDs
  • Webhook Domain Whitelisting - Callback URL validation preventing SSRF attacks
  • TTL Enforcement - Automatic ticket expiration with configurable lifetimes
  • Cooldown Periods - Anti-abuse retry delays between liveness attempts
  • Session Expiration - Automatic cleanup of expired verification sessions