AgeKit: Universal Age API

Introduction

AgeKit is k-ID's Universal Age API that provides instant access to digital consent age requirements and regulatory information across 195+ countries and 240+ jurisdictions. With a single API integration, you can determine whether age gates should be displayed and understand local age requirements for digital consent and data processing compliance.

The API returns comprehensive age gate requirements based on a user's jurisdiction, helping you implement appropriate age verification flows, understand local regulations, and ensure global compliance while optimizing user experiences.

Key Features

Global Coverage: 195+ countries and 240+ jurisdictions
Regulatory Intelligence: Real-time access to local age requirements
Privacy-First: Minimal data processing with no personal data retention
Always Current: Monthly regulatory updates
Simple Integration: Single endpoint for worldwide compliance

Base URL

https://game-api.k-id.com/api/v1/

Authentication

All API requests require authentication using a Bearer token in the Authorization header. This token is provided to you in your AgeKit welcome email.

Authorization: Bearer YOUR_API_KEY

⚠️ Security Best Practice: Never include your API key in client-side code or frontend applications. This endpoint is designed for server-to-server communication only.

Endpoint: Get Age Gate Requirements

`GET /age-gate/get-requirements`

Fetches the requirements to display an age gate based on the player's jurisdiction. This endpoint helps you determine whether an age gate should be shown, what the local age requirements are, and which age collection methods are approved in the jurisdiction.

Parameters

Parameter	Type	Required	Description
`jurisdiction`	string	Yes	The jurisdiction as an ISO 3166-1 alpha-2 country code (e.g., "US") or ISO 3166-2 subdivision code (e.g., "US-CA"). Subdivision codes are recommended when available.

Request Examples

cURL
JavaScript
Python
PHP
C#

curl -X GET "https://game-api.k-id.com/api/v1/age-gate/get-requirements?jurisdiction=US-CA" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json"

const axios = require('axios');

async function getAgeGateRequirements(jurisdiction) {
  try {
    const response = await axios.get('https://game-api.k-id.com/api/v1/age-gate/get-requirements', {
      params: { jurisdiction },
      headers: {
        'Authorization': `Bearer ${process.env.AGEKIT_API_KEY}`,
        'Accept': 'application/json'
      }
    });
    
    return response.data;
  } catch (error) {
    console.error('Error fetching age gate requirements:', error.response?.data || error.message);
    throw error;
  }
}

// Usage
getAgeGateRequirements('US-CA')
  .then(result => {
    console.log('Should display age gate:', result.shouldDisplay);
    console.log('Digital consent age:', result.digitalConsentAge);
    console.log('Approved methods:', result.approvedAgeCollectionMethods);
  })
  .catch(error => console.error(error));

import requests
import os

def get_age_gate_requirements(jurisdiction):
    url = "https://game-api.k-id.com/api/v1/age-gate/get-requirements"
    
    headers = {
        "Authorization": f"Bearer {os.getenv('AGEKIT_API_KEY')}",
        "Accept": "application/json"
    }
    
    params = {
        "jurisdiction": jurisdiction
    }
    
    try:
        response = requests.get(url, headers=headers, params=params)
        response.raise_for_status()
        return response.json()
    except requests.exceptions.RequestException as e:
        print(f"Error fetching age gate requirements: {e}")
        raise

# Usage
try:
    result = get_age_gate_requirements("US-CA")
    print(f"Should display age gate: {result['shouldDisplay']}")
    print(f"Digital consent age: {result['digitalConsentAge']}")
    print(f"Approved methods: {result['approvedAgeCollectionMethods']}")
except Exception as e:
    print(f"Error: {e}")

<?php
function getAgeGateRequirements($jurisdiction) {
    $url = 'https://game-api.k-id.com/api/v1/age-gate/get-requirements';
    $url .= '?' . http_build_query(['jurisdiction' => $jurisdiction]);
    
    $headers = [
        'Authorization: Bearer ' . $_ENV['AGEKIT_API_KEY'],
        'Accept: application/json'
    ];
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    
    $response = curl_exec($ch);
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    
    if ($httpCode !== 200) {
        throw new Exception("API request failed with status code: $httpCode");
    }
    
    return json_decode($response, true);
}

// Usage
try {
    $result = getAgeGateRequirements('US-CA');
    echo "Should display age gate: " . ($result['shouldDisplay'] ? 'Yes' : 'No') . "\n";
    echo "Digital consent age: " . $result['digitalConsentAge'] . "\n";
    echo "Approved methods: " . implode(', ', $result['approvedAgeCollectionMethods']) . "\n";
} catch (Exception $e) {
    echo "Error: " . $e->getMessage() . "\n";
}
?>

using System;
using System.Net.Http;
using System.Threading.Tasks;
using System.Text.Json;

public class AgeKitClient
{
    private readonly HttpClient _httpClient;
    private readonly string _apiKey;

    public AgeKitClient(string apiKey)
    {
        _apiKey = apiKey;
        _httpClient = new HttpClient();
        _httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}");
        _httpClient.DefaultRequestHeaders.Add("Accept", "application/json");
    }

    public async Task<AgeGateRequirementsResponse> GetAgeGateRequirementsAsync(string jurisdiction)
    {
        var url = $"https://game-api.k-id.com/api/v1/age-gate/get-requirements?jurisdiction={jurisdiction}";
        
        try
        {
            var response = await _httpClient.GetAsync(url);
            response.EnsureSuccessStatusCode();
            
            var json = await response.Content.ReadAsStringAsync();
            return JsonSerializer.Deserialize<AgeGateRequirementsResponse>(json, new JsonSerializerOptions 
            { 
                PropertyNamingPolicy = JsonNamingPolicy.CamelCase 
            });
        }
        catch (HttpRequestException ex)
        {
            throw new Exception($"Error fetching age gate requirements: {ex.Message}");
        }
    }
}

public class AgeGateRequirementsResponse
{
    public bool ShouldDisplay { get; set; }
    public bool AgeAssuranceRequired { get; set; }
    public int DigitalConsentAge { get; set; }
    public int CivilAge { get; set; }
    public int MinimumAge { get; set; }
    public string[] ApprovedAgeCollectionMethods { get; set; }
}

// Usage
var client = new AgeKitClient(Environment.GetEnvironmentVariable("AGEKIT_API_KEY"));
var result = await client.GetAgeGateRequirementsAsync("US-CA");

Console.WriteLine($"Should display age gate: {result.ShouldDisplay}");
Console.WriteLine($"Digital consent age: {result.DigitalConsentAge}");
Console.WriteLine($"Approved methods: {string.Join(", ", result.ApprovedAgeCollectionMethods)}");

Response Format

Success Response (200 OK)

{
  "shouldDisplay": true,
  "ageAssuranceRequired": true,
  "digitalConsentAge": 13,
  "civilAge": 18,
  "minimumAge": 0,
  "approvedAgeCollectionMethods": [
    "date-of-birth",
    "age-slider", 
    "platform-account"
  ]
}

Response Fields

Field	Type	Required	Description
`shouldDisplay`	boolean	Yes	Indicates whether the age gate should be displayed to the player based on local regulations
`ageAssuranceRequired`	boolean	Yes	Whether age assurance (verification) is required for players in this jurisdiction
`digitalConsentAge`	integer	Yes	The minimum age at which a player can provide digital consent for data processing
`civilAge`	integer	Yes	The civil/contract age at which a player is considered a legal adult in the jurisdiction
`minimumAge`	integer	Yes	The minimum age required to access the platform/game (typically 0 unless restricted)
`approvedAgeCollectionMethods`	array	Yes	List of approved methods for collecting age signals from players in this jurisdiction

Age Collection Methods

The approvedAgeCollectionMethods array may contain:

Approved Collection Method	Description
`date-of-birth`	Full date of birth (YYYY-MM-DD)
`age-slider`	Age range or approximate age selection
`platform-account`	Using existing platform account age verification

Jurisdiction Format

Jurisdictions should be provided as:

ISO 3166-1 alpha-2 country codes: US, GB, DE, AU
ISO 3166-2 subdivision codes: US-CA, GB-ENG, DE-BY, AU-NSW

Recommendation: Always use subdivision codes when available for more precise regulatory compliance.

Error Responses

HTTP 400 - Bad Request

{
  "error": "INVALID_INPUT",
  "errorMessage": "Invalid jurisdiction"
}

HTTP 401 - Unauthorized

{
  "error": "UNAUTHORIZED",
  "errorMessage": "Unauthorized"
}

Best Practices

Security

Never expose your API key: Keep your API key secure and never include it in client-side code
Use environment variables: Store your API key in environment variables, not in source code
Server-side only: Make all API calls from your backend servers, not from browsers or mobile apps
HTTPS only: Always use HTTPS for API requests to protect your API key in transit

Performance

Cache responses: Cache age gate requirements for jurisdictions to reduce API calls
Error handling: Implement proper error handling and retry logic with exponential backoff

Implementation

Handle regional variations: Use subdivision codes (US-CA, GB-ENG) when available for accurate compliance
Graceful degradation: Have fallback logic if the API is temporarily unavailable
User experience: Use the shouldDisplay flag to conditionally show age gates only when required

AgeKit: Universal Age API

Introduction​

Key Features​

Base URL​

Authentication​

Endpoint: Get Age Gate Requirements​

GET /age-gate/get-requirements​

Parameters​

Request Examples​

Response Format​

Success Response (200 OK)​

Response Fields​

Age Collection Methods​

Jurisdiction Format​

Error Responses​

Best Practices​

Security​

Performance​

Implementation​