> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rails.wayex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Submit optional reusable identity evidence

> Validates a single-use Sumsub share token and binds the reusable accepted evidence result to one beneficiary.

## What this endpoint does

Validates a single-use Sumsub share token and binds the reusable accepted evidence result to one beneficiary.

## When to use it

Use it only to add evidence to an existing beneficiary. The normal flow submits the token in `sumsub.shareToken` while creating the beneficiary, never on a payout.

## Before you call

Use a secret API key with `treasury:write`. The beneficiary must belong to this tenant account and the fresh single-use token must match that beneficiary.

## Money and balance effect

Evidence validation does not reserve or move wallet money.

## States and completion

Accepted evidence can later satisfy payout policy until it expires. Invalid, mismatched, rejected, or unavailable evidence is never silently ignored.

## Safe retries

The share token is single-use. Send one `Idempotency-Key`, then retry the exact request with the same key after a lost response so Wayex replays the result rather than validating the token again.

Read [Beneficiaries and payouts](/treasury/beneficiaries-and-payouts) for the complete workflow.


## OpenAPI

````yaml /api-reference/openapi.json post /v1/treasury/sumsub-evidence
openapi: 3.0.0
info:
  title: Wayex API
  description: >-
    Wayex APIs for direct customer payment routes and isolated, prefunded
    Treasury accounts. Each API key is bound to one tenant account and its own
    wallet, settings, webhooks, and reporting.
  version: 1.0.0
  contact: {}
servers:
  - url: https://api.sandbox.wayex.com
    description: Sandbox integration environment
security:
  - Bearer: []
  - ApiKey: []
tags:
  - name: Treasury
    description: >-
      Prefunded AUD and stablecoin wallets for one isolated tenant account.
      Fund, pay, convert, withdraw, track, and reconcile without selecting
      another account.
  - name: Customers
    description: >-
      Onboard end customers, run verification, and manage each customer's
      entitlements.
  - name: Payment routes
    description: >-
      Standing deposit instructions per customer. When a customer funds a route,
      Wayex auto-converts at the live rate and pays out/sends — no quote, no
      lock.
  - name: Transfers
    description: >-
      Read the conversion records produced when customers fund payment routes —
      the live activity feed and per-conversion lifecycle timeline.
  - name: Rates
    description: >-
      The live indicative AUD↔stablecoin rate right now — the all-in rate Wayex
      quotes. Indicative only; the binding price is struck when a route's funds
      land.
  - name: Revenue
    description: Your developer-fee revenue over time.
  - name: Invoices
    description: >-
      Your monthly invoices — Wayex platform fees due, net of your accrued
      developer-fee credit.
  - name: Webhooks
    description: Subscribe to HMAC-signed event webhooks and inspect deliveries.
  - name: API keys
    description: Create, list, and rotate API keys for programmatic access.
  - name: Fees
    description: >-
      Configure your developer fee — the markup withheld from each conversion
      and credited against your monthly invoice.
  - name: Invitations
    description: Accept a team invitation and activate your account.
paths:
  /v1/treasury/sumsub-evidence:
    post:
      tags:
        - Treasury
      summary: Submit optional reusable identity evidence
      description: >-
        Validates a single-use Sumsub share token and binds the reusable
        accepted evidence result to one beneficiary. Use it only to add evidence
        to an existing beneficiary. The normal flow submits the token in
        `sumsub.shareToken` while creating the beneficiary, never on a payout.
      operationId: TreasuryController2_submitEvidence_v1
      parameters:
        - name: Idempotency-Key
          in: header
          required: true
          description: >-
            A unique key for this logical action. Reuse the same key and
            identical payload when retrying after an unknown response.
          schema:
            type: string
            minLength: 8
            maxLength: 255
          example: 13bda8d7-87bd-4fa4-b7d5-e740725f9bd2
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                beneficiaryId:
                  type: string
                  minLength: 1
                externalReference:
                  type: string
                  minLength: 1
                shareToken:
                  type: string
                  minLength: 1
                  maxLength: 1024
              required:
                - beneficiaryId
                - externalReference
                - shareToken
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                type: object
                properties:
                  id:
                    type: string
                    minLength: 1
                  clientId:
                    type: string
                    minLength: 1
                  beneficiaryId:
                    type: string
                    minLength: 1
                  applicantId:
                    type: string
                    minLength: 1
                  levelName:
                    type: string
                    minLength: 1
                  externalReference:
                    type: string
                    minLength: 1
                  status:
                    type: string
                    enum:
                      - accepted
                      - pending
                      - manual_review
                      - rejected
                      - expired
                  checkedAt:
                    type: string
                    format: date-time
                  expiresAt:
                    type: string
                    format: date-time
                required:
                  - id
                  - clientId
                  - beneficiaryId
                  - applicantId
                  - levelName
                  - externalReference
                  - status
                  - checkedAt
      security:
        - Bearer: []
        - ApiKey: []
components:
  securitySchemes:
    Bearer:
      type: http
      scheme: bearer
      bearerFormat: Wayex API key
      description: 'Send the same Wayex API key as `Authorization: Bearer <key>`.'
    ApiKey:
      type: apiKey
      in: header
      name: X-Api-Key
      description: A Wayex API key. Use a secret key for write operations.

````