Skip to main content
Share verified customer KYC data from partner platforms to streamline onboarding and eliminate duplicate verification processes.

Overview

Token sharing enables seamless customer onboarding by accepting pre-verified KYC data from partner platforms through Sumsub. When a customer is already verified on a partner platform, you can import their verification data instead of requiring them to complete KYC again. How it works:
  1. Customer completes KYC verification on partner platform
  2. Partner generates a Sumsub token containing the customer’s verified data
  3. Partner calls Busha’s token-share endpoint with the token
  4. Busha imports the verified KYC data
  5. Customer is instantly verified without re-uploading documents

Prerequisites

  • A Busha Business Account and Secret API Key
  • Active Sumsub account with verified applicant
  • Busha’s Client ID
  • Sumsub API credentials

Setup

Add Busha as Recipient

The Reusable KYC feature must be enabled on your Sumsub account before you can share tokens. Contact your Sumsub Customer Success Manager (CSM) to enable this feature if it is not already active.
Before sharing tokens, add Busha as a trusted recipient in your Sumsub dashboard:
  1. Contact Busha support at eng@busha.co to receive a recipient token
  2. Log into your Sumsub dashboard → Reusable Identity → Partners
  3. Add Busha using the recipient token

Generate Sumsub Token

Before sharing customer data with Busha, generate a share token from Sumsub. This token securely encapsulates the customer’s verified KYC data. Refer to Sumsub’s Generate Share Token documentation for complete details on token generation.

Request

curl -X POST https://api.sumsub.com/resources/accessTokens/shareToken \
  -H "Content-Type: application/json" \
  -d '{
    "applicantId": "63e092c51b7b4030f2e01154",
    "forClientId": "BushaClientId",
    "ttlInSecs": 600
  }'
Parameters:
ParameterTypeDescription
applicantIdstringThe Sumsub applicant ID of the verified customer
forClientIdstringBusha’s unique identifier (provided by Busha support)
ttlInSecsnumberToken validity period in seconds (default: 600)
Authentication: You’ll need your Sumsub API credentials (App Token and Secret Key). See Sumsub’s authentication guide for authentication requirements.Busha’s Client ID: Contact Busha support at eng@busha.co to receive Busha’s forClientId for token generation.

Response

{
  "token": "eyJhbGciOiJub25lIn0.eyJqdGkiOiJfYWN0LTZmODI2ZTU0LTE2MzctNDViMS05NzMyLWY1MjZiN2YxNWE3YyIsInVybCI6Imh0dHBzOi8vYXBpLnN1bXN1Yi5jb20ifQ.",
  "forClientId": "BushaClientId"
}
Save the token value for the next step.
Token Expiry: Tokens expire based on ttlInSecs. Use the token immediately after generation.One-Time Use: Each share token can only be used once. Generate a new token for each customer share.Token Format: Treat the token as an opaque string. Do not parse or validate its contents, as the format may change.

Share Token with Busha

Once you have the Sumsub token, share it with Busha to import the customer’s verified data.

Create Customer in Busha

First, create a customer record in Busha: 
$ curl -i -X POST https://YOUR_BASE_URL/v1/customers \
      -H 'Authorization: Bearer {YOUR_SECRET_KEY}' \
      -H 'Content-Type: application/json' \
      -d '{
        "email": "customer.example@gmail.com",
        "has_accepted_terms": true,
        "type": "individual",
        "country_id": "NG",
        "phone": "+234 8012345678",
        "birth_date": "24-12-2000",
        "address": {
          "city": "Lagos",
          "state": "Lagos",
          "country_id": "NG",
          "address_line_1": "10 Scranton Avenue",
          "postal_code": "100001"
        },
        "first_name": "John",
        "last_name": "Doe"
      }'
Response: 
{
      "status": "success",
      "message": "Created customer successfully",
      "data": {
        "address": {
          "address_line_1": "10 Scranton Avenue",
          "city": "Lagos",
          "country_id": "NG",
          "postal_code": "100001",
          "state": "Lagos"
        },
        "business_id": "BUS_jlKUYwF9z1ynQZ98bWbaP",
        "country_id": "NG",
        "created_at": "2026-01-27T09:23:09.317273Z",
        "deposit": true,
        "display_currency": "NGN",
        "email": "customer.example@gmail.com",
        "first_name": "John",
        "has_accepted_terms_of_service": true,
        "id": "CUS_IL2Qf2pEoNADZ",
        "last_name": "Doe",
        "level": "0",
        "payout": true,
        "phone": "+234 8012345678",
        "status": "inactive",
        "type": "individual",
        "updated_at": "2026-01-27T09:23:09.317273Z"
      }
    }
Save the id for the next step.

Share the Token

Call Busha’s token-share endpoint with the Sumsub token: 
curl -X POST https://api.sandbox.busha.so/v1/customers/CUS_abc123xyz/token-share \
  -H "Authorization: Bearer YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "token": "eyJhbGciOiJub25lIn0.eyJqdGkiOiJfYWN0LTZmODI2ZTU0LTE2MzctNDViMS05NzMyLWY1MjZiN2YxNWE3YyIsInVybCI6Imh0dHBzOi8vYXBpLnN1bXN1Yi5jb20ifQ."
  }'
Path Parameters:
ParameterTypeDescription
customer_idstringBusha customer ID (e.g., CUS_abc123xyz)
Body Parameters:
ParameterTypeDescription
tokenstringSumsub share token from previous step
Response: 
{
  "status": "success",
  "message": "Customer token shared successfully"
}

Verify Import

Check that the customer’s verification status was updated: 
curl -X GET https://api.sandbox.busha.so/v1/customers/CUS_abc123xyz \
  -H "Authorization: Bearer YOUR_SECRET_KEY"
The customer should now have updated status and level fields reflecting the imported KYC data.

Integration Example

const axios = require('axios');

async function shareCustomerKYC(applicantId, customerEmail) {
  // 1. Generate Sumsub share token
  const sumsubResponse = await axios.post(
    'https://api.sumsub.com/resources/accessTokens/shareToken',
    {
      applicantId: applicantId,
      forClientId: 'BushaClientId',
      ttlInSecs: 600
    },
    {
      headers: {
        'Content-Type': 'application/json',
        'X-App-Token': process.env.SUMSUB_APP_TOKEN
      }
    }
  );

  const shareToken = sumsubResponse.data.token;

  // 2. Create customer in Busha
  const customerResponse = await axios.post(
    'https://api.sandbox.busha.so/v1/customers',
    {
      email: customerEmail,
      first_name: 'John',
      last_name: 'Doe',
      phone: '+234 8123456789',
      type: 'individual',
      country_id: 'NG'
    },
    {
      headers: { 'Authorization': `Bearer ${process.env.BUSHA_SECRET_KEY}` }
    }
  );

  const customerId = customerResponse.data.data.id;

  // 3. Share token with Busha
  await axios.post(
    `https://api.sandbox.busha.so/v1/customers/${customerId}/token-share`,
    { token: shareToken },
    {
      headers: { 'Authorization': `Bearer ${process.env.BUSHA_SECRET_KEY}` }
    }
  );

  // 4. Verify customer status
  const verifiedCustomer = await axios.get(
    `https://api.sandbox.busha.so/v1/customers/${customerId}`,
    {
      headers: { 'Authorization': `Bearer ${process.env.BUSHA_SECRET_KEY}` }
    }
  );

  return verifiedCustomer.data.data;
}

// Usage
shareCustomerKYC('63e092c51b7b4030f2e01154', 'john@example.com')
  .then(customer => console.log('Customer verified:', customer.status));

Next Steps

What’s Next?

Now that you understand token sharing, you can explore related customer management topics: