Skip to main content
The status field on an identity is the single source of truth for what it can do. The status_details object — available on Get Identity and List Identities responses — gives a structured breakdown of why an identity is in a given state and what, if anything, needs to happen next. Use it to drive onboarding flows, surface actionable messaging to your users, and respond to lifecycle events.

Summary Status

An identity has five possible states:
StatusMeaning
PENDINGUnder review. No onboarding decision has been made yet. The identity cannot transact.
APPROVEDPassed all verifications. The identity has full access to your integration.
DENIEDFailed review. The identity cannot be used with integrations.
DISABLEDPreviously approved but off-boarded. Restricted access only.
ERRORFrozen for compliance reasons. Entirely disabled.
The onboarding decision — APPROVED or DENIED — is made asynchronously after you submit the identity. The decision is based on the identity’s risk rating and the outcome of its verification checks. Use webhooks to be notified when the decision is made rather than polling.
{
  "id": "f190b163-208f-4d73-8deb-4fb8b24add00",
  "status": "PENDING",
  "status_details": { ... }
}
Use status to gate access to your integration — only identities in APPROVED status can transact. This status determines what the identity can do:
StatusHold AssetsCreate Buy OrdersCreate Sell OrdersExecute Open OrdersCreate Crypto Deposit AddressCreate Crypto WithdrawalReceive Crypto Deposits
PENDING
DENIED
APPROVED
DISABLED❌*
ERROR❌*
*Crypto deposits received by identities in DISABLED or ERROR status are held for review.
summary_status returns the same values and is deprecated. Use status going forward.

Requirements

status_details.requirements lists all outstanding requirements affecting an identity. Use it to understand what is blocking or pending, drive onboarding flows, and determine whether your application needs to take action.
"requirements": [
  {
    "type": "KYC_REFRESH",
    "status": "FAILED",
    "awaiting_action_from": "CLIENT",
    "errors": [
      {
        "code": "KYC_REFRESH_OVERDUE",
        "description": "KYC refresh has expired."
      }
    ]
  },
  {
    "type": "SCREENING_CHECK",
    "status": "PENDING",
    "awaiting_action_from": "PAXOS",
    "errors": [
      {
        "code": "SCREENING_IN_PROGRESS",
        "description": "Screening check is in progress."
      }
    ]
  }
]
Each entry has the following fields:
FieldDescription
typeThe requirement type — see types below.
statusThe state of the requirement — see below.
awaiting_action_fromWho must act to resolve it: PAXOS or CLIENT. Not present for MEMBERS type.
errorsStructured detail for developer use. Do not expose code or description directly to end users.

Requirement Status

statusMeaning
PENDINGNot yet resolved. Could be under review (awaiting_action_from: PAXOS) or waiting on your application (awaiting_action_from: CLIENT).
FAILEDA verification did not pass. May or may not require action from your side — always check awaiting_action_from.

Requirement Types

TypeApplies toDescription
ID_VERIFICATIONPersonGovernment-issued ID verification. See Required Details.
DOCUMENT_VERIFICATIONInstitutionBusiness document review. See Required Details.
SCREENING_CHECKBothBackground screening. Typically no client action required.
COMPLIANCE_CHECKBothInternal compliance review. No client action required.
ENHANCED_DUE_DILIGENCEBothRequired for higher-risk identities. Submit additional documentation. See Enhanced Due Diligence.
KYC_REFRESHBothPeriodic re-verification of identity information. See Periodic KYC Refresh.
TAX_DETAILS_VERIFICATIONBothTax identification number verification.
MEMBERSInstitutionOne or more institution members have outstanding requirements. Check institution_members in the response.

Who Needs to Act

Use awaiting_action_from to decide whether to wait or take action:
awaiting_action_fromWhat to do
CLIENTYour application needs to act — for example, initiate a KYC refresh flow or submit additional documentation.
PAXOSPaxos is processing. No action needed from your side.
Not presentApplies to MEMBERS type only — check institution_members for member-level detail.

Surfacing Requirements to Users

You are responsible for crafting user-facing copy. Use the combination of type, awaiting_action_from, and status to determine what to show. The messages below are illustrative examples only — tailor them to your product’s tone and your users’ context:
typeawaiting_action_fromstatusExample user-facing message
AnyPAXOSPENDING”Your account is under review.”
ID_VERIFICATIONCLIENTPENDING”Please complete identity verification.”
DOCUMENT_VERIFICATIONCLIENTFAILED”Document verification was not successful. Please resubmit.”
KYC_REFRESHCLIENTFAILED”Your information needs to be updated.”
ENHANCED_DUE_DILIGENCECLIENTPENDING”Additional documentation is required to continue.”
TAX_DETAILS_VERIFICATIONCLIENTFAILED”Please verify your tax details.”
MEMBERSFAILED”One or more account members require attention.”

Error Codes

The errors[].code field is a machine-readable enum for logging and routing logic. Do not expose code or description directly to end users — both are intended for developer use only.
  • IDENTITY_VERIFICATION_REQUIRED
  • IDENTITY_VERIFICATION_FAILED
  • DOCUMENT_UPLOAD_REQUIRED
  • DOCUMENT_VERIFICATION_FAILED
  • SCREENING_IN_PROGRESS
  • SCREENING_FAILED
  • COMPLIANCE_REVIEW_REQUIRED
  • COMPLIANCE_REVIEW_FAILED
  • EDD_DOCUMENTATION_REQUIRED
  • MEMBER_VERIFICATION_PENDING
  • MEMBER_VERIFICATION_FAILED
  • TIN_NOT_FOUND
  • KYC_REFRESH_REQUIRED
  • KYC_REFRESH_OVERDUE
Additional error codes may be added in the future. Build your integration to handle unknown codes gracefully.
{
  "type": "KYC_REFRESH",
  "status": "FAILED",
  "awaiting_action_from": "CLIENT",
  "errors": [
    {
      "code": "KYC_REFRESH_OVERDUE",
      "description": "KYC refresh has expired."
    }
  ]
}

The MEMBERS Requirement

When type is MEMBERS, check the top-level institution_members array in the response to identify which members are failing or pending:
"institution_members": [
  {
    "id": "m1",
    "identity_id": "b8e1f234-0011-4abc-9900-aabbccddeeff",
    "name": "John Doe",
    "roles": ["BENEFICIAL_OWNER"],
    "summary_status": "DENIED"
  },
  {
    "id": "m2",
    "identity_id": "c9f2a345-1122-5bcd-aa11-bbccddeeff00",
    "name": "Jane Doe",
    "roles": ["CONTROL_PERSON"],
    "summary_status": "APPROVED"
  }
]
Call Get Identity on each member’s identity_id to retrieve their individual status_details and requirements.

Active Controls

Controls allow Paxos or your application to restrict what an identity can do — independently of its compliance status. An identity that has passed all requirements can still have a control applied to limit its activity. status reflects the outcome of the compliance review; active_controls reflects operational restrictions layered on top. Controls are applied by two parties:
  • Paxos (SET_BY_PAXOS) — applied for compliance or risk reasons. Contact Support if you believe a control was applied in error.
  • Your application (SET_BY_CLIENT) — applied programmatically via the Identity Controls API, for example to mark an inactive account as dormant.
Control typeApplied byUse case
SELL_ONLYPaxos or ClientIdentity can only sell or liquidate assets. No new purchases or deposits.
FROZENPaxosAll transactions blocked. Identity holds assets but cannot move them.
DORMANTClientIdentity marked inactive by your application to reduce costs. See Dormancy Lifecycle.
CLOSEDPaxos or ClientIdentity closed. No further activity permitted.
status_details.active_controls lists all controls currently in effect:
"active_controls": [
  {
    "id": "ctrl-001",
    "type": "SELL_ONLY",
    "set_by": "SET_BY_PAXOS",
    "is_overridable": false,
    "reason_code": "COMPLIANCE_KYC",
    "reason": "Prohibited risk rating",
    "created_at": "2026-04-10T08:00:00Z"
  }
]
FieldDescription
typeThe restriction applied — see types above.
set_bySET_BY_PAXOS — contact Support to resolve. SET_BY_CLIENT — your application applied it.
is_overridableWhether your application can remove this control via the Identity Controls API.
reasonHuman-readable explanation of why the control was applied.
An empty active_controls array means no controls are in effect.

Sub-statuses

These fields are deprecated. Use status_details.requirements instead — it provides the same information in a structured, actionable format. See Migrating from Deprecated Fields.
The following fields may still appear in identity responses and reflect the outcome of individual verification checks.

Sanctions Verification (sanctions_verification_status)

  • PENDING — Sanctions check in progress.
  • APPROVED — No sanctions hit found.
  • DENIED — Sanctions hit found. Cannot proceed.
  • ERROR — Possible sanctions hit, held for manual review.

Additional Screening (additional_screening_status)

  • PENDING — Screening checks in progress.
  • APPROVED — Passed all screening checks.
  • DENIED — Failed screening checks.
  • ERROR — Possible screening hit, held for manual review.
Additional screening covers negative news and politically exposed person checks. Sanctions checks are reported separately in sanctions_verification_status.

ID Verification (id_verification_status, persons only)

  • PENDING — Verification in progress.
  • APPROVED — Identity confirmed.
  • DENIED — Unable to verify the person’s identity.
When using Passthrough IDV, id_verification_status reflects the passthrough_verification_status provided at identity creation. Note that passthrough_verification_status can only be set to a terminal status — APPROVED or DENIED.

Staying Current with Webhooks

The identity_summary_status_change webhook fires when an identity’s status changes and includes status_details.requirements in the Event API response.
This webhook fires on status changes only — not on every individual requirement change within a stable status. Call Get Identity to retrieve the latest requirements at any point.

Migrating from Deprecated Fields

The following fields are deprecated and will be removed in a future release. Migrate to status and status_details instead.
Deprecated fieldReplacement
summary_statusstatus
user_disabledstatus_details.active_controls
admin_disabledstatus_details.active_controls
id_verification_statusstatus_details.requirements
sanctions_verification_statusstatus_details.requirements
additional_screening_statusstatus_details.requirements
document_verification_statusstatus_details.requirements
summary_tin_verification_statusstatus_details.requirements
Questions? Contact Support.