# Update KYC Review to get a Hosted KYC link Updates the KYC Review with a redirect URL. Returns the KYC Review object with a link field containing a URL where the end customer needs to be directed in order to complete the Hosted KYC flow. Once the Hosted KYC flow is completed by the end customer, they will be redirected to the redirectUrl provided in this API call. During the redirection, the redirectUrl will be appended with query parameters: status=success, status=failed, or status=closed. Endpoint: PATCH /v1/profiles/{profileId}/kyc-reviews/{kycReviewId} Security: UserToken ## Path parameters: - `profileId` (integer, required) The profile ID. - `kycReviewId` (string, required) The KYC Review ID. ## Header parameters: - `X-External-Correlation-Id` (string) Optional UUID for correlating requests across systems. If provided, Wise echoes it back in the response. Maximum 36 characters. Learn more. Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479" ## Request fields (application/json): - `redirectUrl` (string, required) URL where the user will be redirected at the end of the flow. Can contain query params and path fragments. It has to be a valid URL as per [RFC 2396](https://www.ietf.org/rfc/rfc2396.txt). Example: "https://example.com" ## Response 200 fields (application/json): - `id` (string) Unique identifier for a KYC Review resource, generated by Wise. Example: "46e1a5c4-4a9b-4563-39d3-18174d3ac0f8" - `status` (string) Aggregated state of the underlying requirement set. Any of the states below could move into any other state. Enum: "NEW", "PASSED", "PASSED_WITH_REQUIREMENTS", "WAITING_CUSTOMER_INPUT", "PROCESSING" - `link` (object,null) Contains the URL and expiry of said URL the end customer needs to be directed to in order to go through Hosted KYC flow. link is returned only when status is WAITING_CUSTOMER_INPUT and [Update redirect URL](kycreviewredirecturlupdate) is called. - `link.value` (string) The URL that the end customer needs to be directed to in order to go through the Hosted KYC flow. Example: "https://wise-sandbox.com/embedded-flows/verification?token=d7332edb-25bf-41af-a4e9-09f5efe39ded&checkId=3120073" - `link.expiresAt` (string) Timestamp for when the one-time token in the link will expire, after which a new link needs to be generated. Example: "2024-09-03T16:29:41.203225146" - `createdAt` (string) Timestamp marking the creation of the KYC Review. Example: "2024-09-03T16:22:02.257725" - `updatedAt` (string) Timestamp marking the last update of the KYC Review. Example: "2024-09-03T16:29:41.147522" - `requiredBy` (string,null) Timestamp by which the underlying requirement set needs to be verified to not block the customer. Only relevant if the status is PASSED_WITH_REQUIREMENTS. Example: "2024-09-03T16:22:02.257725" - `triggerReferences` (array) List of trigger reference objects. - `triggerReferences.type` (string) Type of the underlying action or process this KYC Review is for. Usually a reference to which product this KYC Review pertains to (like QUOTE or TRANSFER) or a reference to a KYC process on the profile that isn't related to a specific product (like REFRESH_CYCLE or REPAPERING). Currently supported types: - QUOTE - TRANSFER - PROACTIVE_SEND_MONEY - ADD_MONEY - CARD - BANK_ACCOUNT_DETAILS - INFO_REQUEST Example: "QUOTE" - `triggerReferences.triggerData` (object) Key-value object containing metadata of the underlying product object that triggered the KYC Review. For QUOTE, TRANSFER and ADD_MONEY types, triggerData contains an id field that refers to their respective IDs. For BANK_ACCOUNT_DETAILS, triggerData has a field called currencies which contains a list of currencies (e.g. USD, SGD, EUR) that the bank details have been created for. Fields and their data types for each triggerReference.type: - QUOTE - id (uuid) - TRANSFER - id (long) - ADD_MONEY - id (long) - BANK_ACCOUNT_DETAILS - currencies (list of string) Example: {"id":"ba83a43a-f623-46f0-956d-196c13e2ab01"} - `redirectUrl` (string,null) URL where the user will be redirected at the end of the flow. Can contain query params and path fragments. It has to be a valid URL as per [RFC 2396](https://www.ietf.org/rfc/rfc2396.txt). Provided by the caller in the [Update redirect URL](kycreviewredirecturlupdate) call. Example: "https://example.com" - `requirements` (array,null) Nested list of [KYC Requirement](api-reference/kyc-review/kyc-requirement) objects in [[Requirement]] format, where each inner list represents a combination of possible requirements to be provided. To fulfil the whole KYC Review, at least one item from each inner list should be provided. For example, if the requirements are [[a, b], [c, d]] then it should be read as (a or b) and (c or d). - `requirements.key` (string) The name of the KYC requirement. A single KYC Requirement should appear in the requirements list at most once. Example: "ID_DOCUMENT" - `requirements.state` (string) The state of the KYC requirement. - NOT_PROVIDED — the information is pending. Either the Hosted KYC flow or [KYC Requirement Submit](kycreviewrequirementsubmit) endpoint should be used to fulfil the requirement. - IN_REVIEW — the required information has been retrieved and the KYC requirement is being reviewed. No action is needed. - VERIFIED — the required information has been received and verified on our side. No action is needed. Enum: "NOT_PROVIDED", "IN_REVIEW", "VERIFIED" - `requirements.apiCollectionSupported` (boolean) Indicates if the requirement can be provided via the [KYC Requirement Submit](kycreviewrequirementsubmit) endpoint. If false, the requirement should be provided via the Hosted KYC flow. Example: true - `requirements.additionalRequirements` (array,null) List of additional submissions that are needed to fulfill this requirement. These can appear when the originally submitted evidence is a wrong document, wrong format, incomplete or otherwise insufficient. Only provided if not empty. - `requirements.additionalRequirements.additionalRequirementId` (string) Unique identifier for an additional requirement, generated by Wise. Example: "8b789c45-60ae-475d-b667-c8714db9a6a4" - `requirements.additionalRequirements.key` (string) A key outlining what type of evidence is additionally required Enum: "ACKNOWLEDGEMENT,", "DOCUMENT", "WRITTEN_ANSWER", "DOCUMENT_AND_WRITTEN_ANSWER", "DOCUMENT_OR_WRITTEN_ANSWER", "EMAIL", "CUSTOM_REQUEST" - `requirements.additionalRequirements.state` (string) The state of the additional requirement. This state should be treated as independent of the parent KYC Requirement's state. They can, but don't have to, change together. - NOT_PROVIDED — the information is pending. Either the Hosted KYC flow or [KYC Requirement Submit](kycreviewrequirementsubmit) endpoint should be used to fulfil the additional requirement. - IN_REVIEW — the required information has been retrieved and the additional requirement is being reviewed. No action is needed. - VERIFIED — the required information has been received and verified on our side. No action is needed. Enum: "NOT_PROVIDED", "IN_REVIEW", "VERIFIED" - `requirements.additionalRequirements.reasons` (object) Contains information about the reason this additional requirement has been requested. - `requirements.additionalRequirements.reasons.errorCode` (string) Code for the reason this additional requirement has been requested. Enum: "NEEDED", "WRONG_DOCUMENT", "EXPIRED", "INVALID_TRADING_ADDRESS", "MISSING_ONE_SIDE", "MISSING_COUNTRY_OF_RESIDENCE", "MISSING_DIRECTORS", "MISSING_UBOS", "NO_UBO_DOC_REQUIRED", "MISMATCH_NAME", "MISMATCH_DATE_OF_BIRTH", "AGENT_DETAILS_PROVIDED", "DIRECTOR_IS_BUSINESS", "UBO_IS_BUSINESS", "UNCLEAR", "WEBSITE_LINK_BROKEN", "BUSINESS_NAME_NOT_ON_WEBSITE", "DRIVING_LICENSE_NOT_ACCEPTED", "BUSINESS_NOT_REGISTERED", "OTHER" - `requirements.additionalRequirements.reasons.description` (string) Example: "The provided document or information has expired. A valid document is required." - `requirements.additionalRequirements.reasons.dateTime` (string) Timestamp marking when this additional requirement was requested. Example: "2026-04-13T10:54:21.929314" - `requirements.additionalRequirements.attributes` (object) Contains metadata information about the additional requirement. Not returned if empty. - `requirements.additionalRequirements.attributes.fields` (object) Not returned if empty - `requirements.additionalRequirements.attributes.fields.name` (string) The name of the affected person(s) or business - `requirements.additionalRequirements.attributes.fields.website` (string) The URL of the affected website - `requirements.additionalRequirements.attributes.fields.businessName` (string) The name of the affected business - `requirements.additionalRequirements.attributes.fields.owningBusinessName` (string) The name of the affected owning business - `requirements.additionalRequirements.attributes.fields.markdownText` (string) Free format text written by a Wise Agent in markdown format. Example: "Requirement details were unclear, *please* provide a clear scan where:\n\n* All information is clearly readable\n* The document is in colour" - `requirements.additionalRequirements.attributes.issues` (array) A list of issues with the previously uploaded document. Not returned if empty Enum: "CANNOT_BE_SCREENSHOT", "INCORRECT_FILE_FORMAT", "NEED_COLOUR_VERSION", "POOR_QUALITY" - `requirements.versions` (array) Conditional: Only present when apiCollectionSupported is true. Lists the available versions and their validity. - `requirements.versions.version` (string) The version identifier. Example: "v1" - `requirements.versions.validUntil` (string,null) If present, indicates the expiry date of this version (ISO 8601). Example: "2026-06-30" ## Response 400 fields ## Response 401 fields ## Response 404 fields