- How do I install and configure **alexeevdv/sumsub-client** in Laravel?
- Install via Composer with `composer require alexeevdv/sumsub-client`. Configure your `.env` file with `SUMSUB_SECRET_KEY` and `SUMSUB_WEBHOOK_SECRET`. The package uses Laravel’s service container, so no additional bootstrapping is required—just inject the `Sumsub` facade or service into your controllers.
- Does this package support Laravel’s queue system for async verification processes?
- Yes, the package is designed for async workflows. You can dispatch long-running operations like document processing or verification checks to Laravel queues. Use the `Sumsub::verify()` method in a job class and queue it with `dispatch()` for background execution.
- What Laravel versions does **alexeevdv/sumsub-client** support?
- The package is built for Laravel 8.x and 9.x, leveraging modern features like dependency injection and the HTTP client. It also works with Laravel 7.x, though some newer Laravel-specific helpers may require adjustments. Check the package’s `composer.json` for exact version constraints.
- How do I handle Sumsub webhook signatures and validate incoming payloads?
- The package includes built-in HMAC validation for webhooks. Configure your `SUMSUB_WEBHOOK_SECRET` in `.env`, then use the `Sumsub::verifyWebhookSignature()` method in your webhook endpoint. Store payloads in a database for replay safety and idempotency checks.
- Can I use this package with Sumsub’s embedded verification widgets?
- Absolutely. The package simplifies generating session tokens for Sumsub’s embedded widgets. Use `Sumsub::startVerification()` to create a session, then render the widget in your Blade view or frontend framework with the returned `sessionId`. The package handles token generation and API communication under the hood.
- What database schema is required for storing verification sessions and documents?
- You’ll need tables for `verification_sessions` (to track Sumsub session IDs, user mappings, and metadata) and `verification_documents` (for uploaded files). The package doesn’t enforce a strict schema, but it recommends fields like `sumsub_session_id`, `user_id`, and JSON columns for flexible metadata storage. Example migrations are provided in the README.
- How do I test this package locally without hitting Sumsub’s API?
- Use Laravel’s HTTP client mocking or tools like Pest/Mockery to stub Sumsub API responses. The package’s facade-based design makes it easy to swap out the real client for testing. For UI flows, test embedded widgets with Sumsub’s sandbox environment or mock the iframe in your tests.
- Are there alternatives to this package for Sumsub integration in Laravel?
- Yes, you could use Sumsub’s official PHP SDK or build a custom wrapper with Guzzle. However, **alexeevdv/sumsub-client** is tailored for Laravel, offering built-in support for queues, events, and webhooks. It also abstracts common KYC workflows (e.g., document uploads, session management) more cleanly than a generic SDK.
- How do I handle errors or rate limits when calling Sumsub’s API?
- The package throws `SumsubException` for API errors, which you can catch and log. For rate limiting, use Laravel’s `throttle` middleware or implement exponential backoff in your service layer. The package also supports retries for transient failures—configure this in your `Sumsub` service binding.
- Can I integrate this package with Laravel Events or Notifications for user alerts?
- Yes, the package is event-ready. Dispatch Laravel events like `VerificationStarted`, `VerificationCompleted`, or `VerificationFailed` from your service layer. Pair this with Laravel Notifications to send email/SMS alerts to users. Example: `event(new VerificationStarted($user, $sessionId));`