SDKs
Official SDKs are planned for Q4 2026. Until then, integrate directly via HTTP — the API is intentionally simple.
| Language | Package | Status |
|---|---|---|
| Go | github.com/pylon-id/sdk-go | Planned (Q4 2026) |
| JavaScript/TypeScript | @pylon-id/sdk | Planned (Q4 2026) |
| Python | pylon-id | Planned (Q4 2026) |
| Java | com.pylonid:sdk | Planned (Q4 2026) |
| Rust | pylon-sdk | Planned (Q4 2026) |
Each SDK page includes complete working examples for direct HTTP integration — calling the API, handling webhooks, and validating signatures.
Integration Pattern
Every language follows the same pattern:
- Call
POST /v1/verify/agewith your API key, policy, and callback URL - Get
walletUrlfrom the response — display as QR code - Customer scans with EUDI wallet and consents
- PylonID POSTs result to your
callbackUrl - Validate the
X-Pylon-Signatureheader (HMAC-SHA256) - Process the verification result
Webhook Signature
Every webhook includes an X-Pylon-Signature header:
X-Pylon-Signature: sha256=a1b2c3d4e5f6...
This is HMAC-SHA256(your_webhook_secret, raw_request_body) formatted as sha256={hex}.
Always validate signatures and always use the raw request body (before JSON parsing). See each SDK page for language-specific examples, or the Webhooks guide for full details.
Environment Variables
export PYLON_API_KEY="pyl_..."
export PYLON_WEBHOOK_SECRET="your-webhook-secret"
Questions? See API Reference or email hello@pylonid.eu