> ## Documentation Index > Fetch the complete documentation index at: https://docs.nxos.io/llms.txt > Use this file to discover all available pages before exploring further. # Import verification > Import a verification for the in-scope organization from a donor's Sumsub share token (Reusable KYC). Lets a broker reuse a KYC/KYB they already performed on their own Sumsub tenant instead of asking the customer to repeat the flow. The broker generates a single-use share token on their tenant and posts it here under `Nxos-On-Behalf-Of: `. We import the applicant on our tenant under `externalUserId = ` and move the verification record to `PENDING`. Sumsub's applicant-review webhook fires shortly after and the platform progresses the org to `APPROVED` — poll `GET /v1/organizations/verification` to observe that transition. Pre-requisite: the donor must have added nxos as a Reusable KYC partner in their Sumsub dashboard, and we must have enabled the feature on our side. There is no automated onboarding for the pairing itself. Share tokens are single-use. A retry of this endpoint with the same token returns `share_token_invalid`. See [Verification](https://docs.nxos.io/guides/verification) for the full flow. ## OpenAPI ````yaml POST /v1/organizations/verification/import openapi: 3.0.0 info: title: nxos API version: 1.0.0 contact: name: nxos url: https://nxos.io description: |- The nxos platform API provides programmatic access to accounts, balances, quotes, and trades. All endpoints require API key authentication. servers: - url: https://api.nxos.io description: Production variables: {} - url: https://api.sandbox.nxos.io description: Sandbox variables: {} security: [] tags: - name: Accounts - name: Quotes - name: Beneficiaries - name: Fiat Payouts - name: Crypto Payouts - name: Nxosnet - name: Fees - name: Funding Methods - name: Transactions - name: Organizations - name: Authorizations - name: Webhooks description: >- Register an HTTPS endpoint to receive events (organization verification and transaction status changes) instead of polling. Deliveries are signed; verify the `svix-signature` header before acting on an event. See the [Webhooks guide](https://docs.nxos.io/core-concepts/webhooks) for the delivery format, signature verification, retries, and broker behavior. Payload shapes are documented in the `…Event` models below. paths: /v1/organizations/verification/import: post: tags: - Organizations description: |- Import a verification for the in-scope organization from a donor's Sumsub share token (Reusable KYC). Lets a broker reuse a KYC/KYB they already performed on their own Sumsub tenant instead of asking the customer to repeat the flow. The broker generates a single-use share token on their tenant and posts it here under `Nxos-On-Behalf-Of: `. We import the applicant on our tenant under `externalUserId = ` and move the verification record to `PENDING`. Sumsub's applicant-review webhook fires shortly after and the platform progresses the org to `APPROVED` — poll `GET /v1/organizations/verification` to observe that transition. Pre-requisite: the donor must have added nxos as a Reusable KYC partner in their Sumsub dashboard, and we must have enabled the feature on our side. There is no automated onboarding for the pairing itself. Share tokens are single-use. A retry of this endpoint with the same token returns `share_token_invalid`. See [Verification](https://docs.nxos.io/guides/verification) for the full flow. operationId: Organizations_importVerification parameters: - $ref: '#/components/parameters/ApiKeyAuth' - $ref: '#/components/parameters/IdempotencyKey' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ImportVerificationRequest' responses: '200': description: The request has succeeded. content: application/json: schema: $ref: '#/components/schemas/OrganizationVerification' '400': description: The server could not understand the request due to invalid syntax. content: application/json: schema: $ref: '#/components/schemas/Error400' '401': description: Access is unauthorized. content: application/json: schema: $ref: '#/components/schemas/Error401' '403': description: Access is forbidden. content: application/json: schema: $ref: '#/components/schemas/Error403' '404': description: The server cannot find the requested resource. content: application/json: schema: $ref: '#/components/schemas/Error404' '409': description: The request conflicts with the current state of the server. content: application/json: schema: $ref: '#/components/schemas/Error409' '429': description: Client error content: application/json: schema: $ref: '#/components/schemas/Error429' '500': description: Server error content: application/json: schema: $ref: '#/components/schemas/Error500' components: parameters: ApiKeyAuth: name: Authorization in: header required: true description: 'Bearer token. Format: `Bearer `' schema: type: string IdempotencyKey: name: Idempotency-Key in: header required: false description: >- Unique key per logical operation. UUID v4 recommended. Max 255 characters. schema: type: string schemas: ImportVerificationRequest: type: object required: - shareToken properties: shareToken: type: string description: >- Single-use share token generated by the donor on their Sumsub tenant for a Reusable KYC partnership with nxos. description: Request body for `POST /v1/organizations/verification/import`. OrganizationVerification: type: object required: - object - status - type - updatedAt properties: object: type: string enum: - organization_verification description: Object type. Always `organization_verification`. status: allOf: - $ref: '#/components/schemas/VerificationStatus' description: Current verification status. type: allOf: - $ref: '#/components/schemas/VerificationType' description: Verification flow applied to the org. updatedAt: allOf: - $ref: '#/components/schemas/dateTimeString' description: ISO 8601 timestamp of the most recent status change. description: >- Verification record for an organization. Surfaces the live status plus a last-updated timestamp; polling this endpoint is the canonical way to learn when KYB completes. example: object: organization_verification status: APPROVED type: BUSINESS updatedAt: '2026-03-15T14:30:00.000Z' Error400: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: invalid_request message: The request body is malformed or missing required fields. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error401: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: missing_api_key message: No Authorization header provided. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error403: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: forbidden message: Your organization is not enabled for this action. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error404: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: not_found message: The requested resource was not found. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error409: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: quote_expired message: The quote has expired. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error429: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: rate_limited message: 'Rate limit exceeded: 1000 requests per minute. Retry in 23 seconds.' requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 Error500: type: object required: - error properties: error: $ref: '#/components/schemas/ErrorBody' description: Standard error response returned by all endpoints on failure. example: error: code: internal_error message: An unexpected server error occurred. requestId: req_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4 VerificationStatus: type: string enum: - NOT_STARTED - PENDING - APPROVED - REJECTED - ON_HOLD - RESUBMISSION_REQUIRED description: >- Lifecycle status of an organization's verification record. - `NOT_STARTED` — record exists but no session has been opened. - `PENDING` — applicant is mid-flow or under review. - `APPROVED` — passed; the org can transact, hold balances, and back active LOAs. - `REJECTED` — declined; the org cannot transact. Contact support to dispute. - `ON_HOLD` — pending manual compliance review on our side. - `RESUBMISSION_REQUIRED` — provider flagged a fixable problem (blurry document, wrong type, etc.). Re-call `POST /v1/organizations/verification` to resume. VerificationType: type: string enum: - BUSINESS - INDIVIDUAL description: >- Verification flow applied to the organization. Mirrors `OrganizationType` (businesses go through KYB, individuals through KYC). dateTimeString: type: string description: ISO 8601 timestamp string. ErrorBody: type: object required: - code - message - requestId properties: code: allOf: - $ref: '#/components/schemas/ErrorCode' description: Machine-readable error code. message: type: string description: Human-readable error message. requestId: type: string description: Unique identifier for this request, useful for debugging. ErrorCode: type: string enum: - missing_api_key - authentication_failed - invalid_api_key - forbidden - not_found - organization_not_found - account_not_found - quote_not_found - beneficiary_not_found - transaction_not_found - funding_method_not_found - authorization_not_found - nxosnet_handle_not_found - quote_expired - quote_already_used - beneficiary_already_archived - beneficiary_not_archived - beneficiary_blocked - nxosnet_not_enabled - nxosnet_handle_taken - chain_send_failed - idempotency_key_in_use - idempotency_request_in_flight - invalid_request - insufficient_funds - validation_error - share_token_invalid - verification_import_unsupported - rate_limited - webhooks_unavailable - internal_error description: All possible error codes returned by the API. ````