03 / Scorecard / Auth & Identity

Sumsub

Name: Sumsub Agent Readiness Scorecard
Item: Sumsub
Rating: 13
Author: Headless Index pipeline (auto)

Headless Index

13/100

denominator 40

JAIRF

N/A

Verified

MAY 21, 2026

Methodology v1 · JAIRF v1.0.0

Editorial verdict

Sumsub is not built for machine consumption today. The Headless Index thesis-fit score of 13/100 fails the floor checks of the index, and JAIRF is recorded as N/A for this vendor because no public OpenAPI specification was reachable for the open-source scorer. In practice, vendors at this tier are not built for machine consumption today: agents can poke at them, but the dashboard remains the source of truth, and the rest of this verdict explains where Sumsub lands inside that pattern. On the API surface, the question is whether the API is the product or a layer beneath the dashboard. On API-first posture, the structured collectors did not surface an OpenAPI spec, GraphQL endpoint, or SDK ecosystem strong enough to score this criterion automatically. Editorial follow-up should confirm whether an API spec exists behind authentication or in unindexed documentation.^[1] Schema observability is the related test: can an agent introspect the contract from cold, or does it have to read prose documentation to do so? REST documented at developers.sumsub.com. OpenAPI references exist.^[2] Driving this product through an agent is not realistic with the current surface: the API exists, but it is not the contract the vendor optimises for. On headless operability: On headless operability, the docs crawl did not produce topic coverage sufficient to score programmatic setup, billing, teams, schema, or CLI workflows. A targeted AI review pass should visit the vendor's docs index and confirm what programmatic surfaces actually exist.^[3] On the MCP and agent-integration axis, which is the fastest-moving criterion in the index: No first-party Sumsub MCP server.^[4] Event posture closes the loop: an agent that cannot react to state changes is reduced to polling. On webhooks and events, the docs crawler did not locate a webhooks reference page or events catalog. Editorial review should confirm whether the vendor publishes events at all, and if so whether signing and replay are documented. Net assessment: Sumsub fails the floor checks of the methodology, with MCP posture^[5] as the most acute gap. Any agent integration here will be brittle and short-lived until the vendor invests in machine-readable surfaces. Not currently suitable for agent consumption.

Verdict by Headless Index pipeline (auto)

// AI-drafted from the evidence layer. Editorial review pending.

Scores

Scorecard detail

Headless Index · 5 sub-criteria

API-first design intentUnknown

Unknown

Sumsub is all-in-one KYC/AML platform. REST API across applicants, documents, verifications, ongoing monitoring, AML screening. SDKs in Node, Python, Ruby, Java, PHP, Go.

signals (4)

+AI review appliedReviewer: Editorial review on 2026-05-20
−OpenAPI specNot found across 34 probe paths
−GraphQL endpointNot discovered (5 probes; project-scoped endpoints require a real project ID)
−SDKs maintainedNone detected in vendor org

cite (3)

openapi.probes_tried@2026-05-21
graphql.probes_tried@2026-05-21
github.sdks@2026-05-21

Headless operationUnknown

Unknown

Applicants, levels, workflows, AML rules, and case management are programmable. The Sumsub dashboard handles compliance review.

signals (9)

+AI review appliedReviewer: Editorial review on 2026-05-20
−API operations exposedNo OpenAPI spec; operations count unknown
·Docs pages crawled0 pages (crawler: none)
·Auth schemes documentedAuth documentation page not reached by crawler
·Setup / quickstart docsNot reached by crawler
·Billing docsNot reached by crawler
·Teams / org docsNot reached by crawler
·CLI docsNot reached by crawler
·Schema / data model docsNot reached by crawler

cite (8)

openapi.operations_count@2026-05-21
docs.pages_crawled@2026-05-21
docs.pages_crawled@2026-05-21
docs.topics_found.setup@2026-05-21
docs.topics_found.billing@2026-05-21
docs.topics_found.teams@2026-05-21
docs.topics_found.cli@2026-05-21
docs.topics_found.schema@2026-05-21

MCP & agent posture0/20

scored

No first-party Sumsub MCP server.

signals (4)

+AI review appliedReviewer: Editorial review on 2026-05-20
−Official MCP serverNone found in vendor's GitHub org or the official MCP registry
−Community MCP serversNone found
−Agent-friendly SDKsNo TypeScript/JavaScript SDK published (agents commonly run in TS/JS)

cite (3)

mcp.registry_query@2026-05-21
mcp.github_search_query@2026-05-21
github.sdks@2026-05-21

Schema observability5/20

scored

REST documented at developers.sumsub.com. OpenAPI references exist.

signals (3)

+AI review appliedReviewer: Editorial review on 2026-05-20
−OpenAPINot discovered across 34 standard probe paths
−GraphQL introspectionNo GraphQL endpoint discovered (5 probes; some vendors use project-scoped endpoints that require a real project handle)

cite (2)

openapi.probes_tried@2026-05-21
graphql.probes_tried@2026-05-21

Webhooks & eventsUnknown

Unknown

Applicant-status, AML-hit, and case webhooks with HMAC signing. Catalog matches KYC/AML workflows.

signals (2)

+AI review appliedReviewer: Editorial review on 2026-05-20
·Webhook docs pageNot reached by crawler within budget (0 pages crawled). Cannot confirm whether vendor offers webhooks.

cite (1)

docs.pages_crawled@2026-05-21

JAIRF · 6 dimensions

JAIRF · N/A

This vendor does not publish a public OpenAPI specification. JAIRF cannot be computed. The Headless Index score and editorial verdict carry the readiness assessment.

No public OpenAPI specification discovered during collection

Band rationale:F band triggered: HeadlessIndex=13

04 / Embed

Show Sumsub's score on your site.

Drop a live badge into your README, footer, or marketing page. It updates automatically when we re-score, and every embed is a dofollow link back here.

Get embed code

Calibration

How THI compares to external scorers

Source	Score	Measures	Last checked
Fern Agent Score	not found	Documentation completeness and SDK shape (~22 checks)	—
CLIRank Agent Friendliness	0	CLI readiness, docs quality, and overall agent affordances	—
Cloudflare Is It Agent Ready?	blocked	Cloudflare's manual agent-readiness heuristic per vendor URL	—
Jentic Scorecard	n a	JAIRF-based scorecard requiring a public OpenAPI specification	—

THI 13 vs external median 0, delta +13

THI display 13 vs external median 0 (delta +13). Within calibration band.

Peers in Auth & Identity

Stack AuthF

Headless Index 13/100

VeriffF

Headless Index 13/100

TrustPathF

Headless Index 25/100

See full Auth & Identity ranking →