Skip to main content
POST
/
applications
/
{application_id}
/
document-uploads
Create an application document upload session
curl --request POST \
  --url https://api.platform.dakota.xyz/applications/{application_id}/document-uploads \
  --header 'Content-Type: application/json' \
  --header 'X-Application-Token: <api-key>' \
  --header 'x-idempotency-key: <x-idempotency-key>' \
  --data '
{
  "document_type": "articles_of_incorporation",
  "file_type": "pdf",
  "country": "US",
  "id_number": "string",
  "filename": "source_of_wealth.pdf"
}
'
{
  "upload_url": "https://storage.googleapis.com/bucket/path?...",
  "upload_id": "2hCjxJzUAW6JVRkZqaF9E0KpM3a",
  "object_path": "applications/business/2hCjxJzUAW6JVRkZqaF9E0KpM3a/business-documents/2hDeFgHiJkLmNoPqRsTuVwXyZ",
  "expires_at": "2025-01-15T18:30:00Z"
}

Authorizations

ā€‹
X-Application-Token
string
header
required

Application-specific token for public URL access. Generated when a customer is created. Provides access to a single application without requiring an API key. Token is valid for 30 days and rate-limited to 100 requests per hour.

Headers

ā€‹
x-idempotency-key
string<uuid>
required

Unique key to ensure request idempotency. If the same key is used within a certain time window, the original response will be returned instead of executing the request again.

Path Parameters

ā€‹
application_id
string
required

The unique identifier for the application KSUID is a 27-character globally unique ID that combines a timestamp with a random component. Used for all entity identifiers in the Dakota platform.

Required string length: 27
Pattern: ^[0-9A-Za-z]{27}$
Example:

"1NFHrqBHb3cTfLVkFSGmHZqdDPi"

Body

application/json

Request to create a presigned upload session for an application-level document

ā€‹
document_type
enum<string>
required

Type of application-level document (business or EDD)

Available options:
certificate_of_incorporation,
articles_of_incorporation,
certificate_of_good_standing,
corporate_registry_extract,
shareholder_registry,
bank_reference_letter,
operating_agreement,
memorandum,
articles_of_association,
proof_of_address,
bank_statement,
utility_bill,
source_of_funds,
crypto_statement,
investment_statement,
subscription_agreement,
safe_agreement,
convertible_note,
loan_agreement,
promissory_note,
pitch_deck,
marketing_material,
business_plan,
regulatory_license,
payslip,
employment_contract,
shareholders_agreement,
income_verification_letter,
savings_statement
Example:

"articles_of_incorporation"

ā€‹
file_type
enum<string>
required

Supported file type

Available options:
pdf,
jpeg,
png
Example:

"pdf"

ā€‹
country
string
required

ISO 3166-1 alpha-2 country code for the document

Required string length: 2
Example:

"US"

ā€‹
id_number
string

Optional ID/registration number. Required for formation documents.

Required string length: 3 - 50
ā€‹
filename
string

Optional original filename. Will be sanitized for safe storage and display.

Maximum string length: 100
Example:

"source_of_wealth.pdf"

Response

Presigned URL generated successfully

Response containing a presigned URL for document upload

ā€‹
upload_url
string<uri>
required

Presigned URL to upload the document to. Use PUT method with the file content.

Example:

"https://storage.googleapis.com/bucket/path?..."

ā€‹
upload_id
string
required

Unique identifier for this upload. Use this when calling the verify endpoint.

Example:

"2hCjxJzUAW6JVRkZqaF9E0KpM3a"

ā€‹
object_path
string
required

The GCS object path where the document will be stored. Pass this to the verify endpoint.

Example:

"applications/business/2hCjxJzUAW6JVRkZqaF9E0KpM3a/business-documents/2hDeFgHiJkLmNoPqRsTuVwXyZ"

ā€‹
expires_at
string<date-time>
required

ISO 8601 timestamp when the presigned URL expires

Example:

"2025-01-15T18:30:00Z"