| Generate or request SDK access token |
Token is generated server-side and not exposed in frontend code. |
Create applicant with valid sourceKey, partnerName, and externalUserId |
Applicant is associated with the correct client configuration. |
Create applicant without sourceKey |
Applicant is rejected, held, or flagged for correction. |
Create applicant with full fixedInfo |
Applicant profile, address, and TIN are stored. |
| Upload identity document |
Identity step is satisfied when valid images are submitted. |
| Check PoA status after identity upload |
Dedicated PoA is skipped only when PROOF_OF_RESIDENCE is already satisfied. |
| Upload dedicated PoA |
PROOF_OF_RESIDENCE is satisfied when the correct document is accepted. |
| Submit questionnaire |
Required answers are stored and accepted. |
| SDK launch with valid applicant |
WebSDK or MobileSDK opens successfully. |
| SDK token expiration |
Client can request or receive a refreshed token. |
| GREEN result |
Applicant is approved for continuation in Payblr onboarding. |
| RED RETRY result |
Applicant is not approved; resubmission is required. |
| RED FINAL result |
Applicant is rejected and cannot continue onboarding. |
| PEP scenario |
Applicant is routed for compliance review. |
| AML/sanctions scenario |
Applicant is routed for compliance review or rejection. |
| Missing required data |
Applicant remains pending or requires correction. |
| Duplicate webhook/result |
Client and Payblr avoid duplicate onboarding actions. |
| Result retrieved by API |
API result matches webhook result. |
Applicant lookup by externalUserId |
Applicant can be reconciled using the client user reference. |