Age Verification Help
Support & Documentation

Documentation, API reference, integration guides, and direct support, everything you need to get agecheckPRO working.

Browse by
category.

Getting Started

Install the script, get your API key, and have your first verification live in 5 minutes.

SDK Configuration Reference

All configuration fields are managed from the AgeCheck.Pro.

SDK Events and Methods Reference

All available methods and all events the SDK can emit.

FAQ

Common support
questions.

How do I get my API key?

Log in to your dashboard, go to Apps, select your app, and copy the API key from the app settings panel. You can create multiple keys per app and revoke them individually. Store keys server-side only — never expose them in client-facing code or public repositories.

How do I add a new website or app to my account?

What counts as a verification, do failed attempts use my quota?

How do I view my verification logs and export audit data?

My webhook is not receiving events, what should I check?

Check that your endpoint URL is publicly reachable (not localhost) and returns a 200 status within 10 seconds. Verify the HMAC-SHA256 signature in your handler — a wrong secret silently drops events. Check the Webhooks log in your Dashboard for delivery attempts and error responses. We retry failed deliveries up to 5 times with exponential back-off (1 min → 5 min → 15 min → 1 hour → 6 hours).

How do I contact support?

View all FAQs

Advanced Features
and technical features.

Advanced configuration options, security layers, and enterprise integrations for complex deployments and regulated industries.

Geo-Targeting Configuration

Control where verification appears based on visitor location. Whitelist mode shows verification only in specified countries/cities. Blacklist mode hides verification in blocked locations. Configure via geo_allow_countries, geo_allow_cities (whitelist) or geo_block_countries, geo_block_cities (blacklist). Uses IP geolocation with ~98% accuracy via ip-api.com, ipapi.co, and ipinfo.io services.

HMAC-SHA256 Security Layer

All verification requests signed with HMAC-SHA256 cryptographic signatures. Server validates timestamp (max 5 minutes old), reconstructs message (METHOD + PATH + TIMESTAMP + BODY), and compares signature using constant-time hmac.compare_digest. Invalid signatures rejected with HTTP 400. Protects against replay attacks and request tampering.

MCP Server for AI Agents

Enterprise-only JSON-RPC 2.0 server (protocol version 2024-11-05) for AI agent integration. Four tools available: list_verification_logs (paginated queries with filters), get_verification_log (single record), get_verification_stats (aggregated analytics), get_top_ip_hashes (fraud analysis). Compatible with Claude Desktop, Cursor, Windsurf, and Cline. Requires mcp_live_* Bearer token authentication.

WebSocket Real-Time Updates

Per-session WebSocket channels for QR handoff flow. Desktop browser subscribes to verification_{session_id} channel. Mobile device completes biometric verification. Server broadcasts result via WebSocket to desktop in real-time. URL format: wss://host/ws/{method}/{session_id}/?token={auth_token}. Powered by Django Channels (ASGI).

Zero-PII Data Architecture

IP addresses stored as SHA-256 hashes (64 hex characters, irreversible). User agents hashed with SHA-256. Document images processed in-memory, immediately discarded. Facial photographs never persist. No biometric templates generated. Age stored as ranges (18-20, 21-25) not exact dates. Geolocation limited to country + generic city, no coordinates.

Multi-Tier Rate Limiting

Per-IP, per-endpoint limits with 60-second sliding window: /api/session/init (10 req/min), /api/verify/ (20 req/min), /api/verify-consent/ (30 req/min), /api/verify-token/ (60 req/min), other endpoints (100 req/min). Preview mode (sk_preview_*) bypasses rate limits entirely for internal testing. Exceeded limits return HTTP 429.

Integration Guide Setup
from start to production.

Start by creating your account at app.agecheck.pro and adding your first website or application. Configure your preferred verification methods (Self-Consent, Face-AI, Document-AI, or Verify-AI) and customize the widget appearance to match your brand.

For websites, copy the generated script tag and paste it before the closing </body> tag in your HTML. The SDK loads asynchronously without blocking page rendering. For mobile apps, integrate the REST API using your API key with HMAC authentication for secure server-to-server communication.

Test your integration in sandbox mode using test API keys before going live. Verify that verification flows work correctly on both desktop and mobile devices, check that QR handoff functions properly for camera-based methods, and confirm webhook delivery if you're using event notifications.

Implementation checklist

Create account · Add website/app · Get API key

Step 1

Configure methods · Customize UI · Set age requirement

Step 2

Install script tag · Verify domain ownership

Step 3

Test sandbox mode · Check all methods

Step 4

Deploy to production · Monitor logs

Step 5

Age Verification Help Support & Documentation

Browse bycategory.

Common supportquestions.

Advanced Featuresand technical features.

Integration Guide Setupfrom start to production.

Age Verification Help
Support & Documentation

Browse by
category.

Common support
questions.

Advanced Features
and technical features.

Integration Guide Setup
from start to production.