# Disclosures Disclosures control what information users reveal during identity verification. You configure them in the frontend `disclosures` object, which contains two types of settings: 1. **Verification Requirements** - conditions that must be met (must match backend) 2. **Disclosure Requests** - information users will reveal (frontend only) ## Verification Requirements These settings define verification conditions and must match your backend `verification_config`: ### `minimumAge` Verifies user is at least this age without revealing exact age or date of birth. ```javascript disclosures: { minimumAge: 18, // User must be 18 or older } ``` ### `excludedCountries` Blocks users from specific countries using [ISO 3-letter country codes](https://www.iso.org/obp/ui/#search). ```javascript disclosures: { excludedCountries: ['IRN', 'PRK'], // Block Iran and North Korea } ``` {% hint style="info" %} The maximum amount of excluded countries you can specify is 40. Any more than this will cause proofs to fail verification on the Self App. {% endhint %} ### `ofac` Enables OFAC (sanctions) checking against official watchlists. ```javascript disclosures: { ofac: true, // Enable sanctions checking } ``` ## Disclosure Requests These settings specify what information users will reveal. Configure only in frontend - backend receives this data automatically. ### Personal Information * **`name`**: User's full name from the verified document * **`nationality`**: User's nationality * **`gender`**: User's gender (M/F) * **`date_of_birth`**: Full date of birth ### Document Information * **`passport_number`**: Document number (use carefully for privacy) * **`expiry_date`**: Document expiry date * **`issuing_state`**: Country that issued the document ## Example Configuration ```javascript disclosures: { // Verification requirements (must match backend) minimumAge: 21, excludedCountries: ['IRN'], ofac: true, // Disclosure requests (frontend only) nationality: true, gender: true, name: false, // Don't request name date_of_birth: true, passport_number: false, // Don't request for privacy } ``` ## Verification Result When verification succeeds, disclosed information is available in `result.discloseOutput`: ```javascript const result = await selfBackendVerifier.verify(/*...*/); if (result.isValidDetails.isValid) { const data = result.discloseOutput; console.log(data.nationality); // "USA" (if requested) console.log(data.gender); // "M" or "F" (if requested) console.log(data.olderThan); // "18" (if minimumAge set) console.log(data.name); // undefined (if not requested) } ``` ## Frontend & Backend Alignment {% hint style="warning" %} **Critical**: The verification rules in your frontend `disclosures` object **must exactly match** the configuration in your backend `SelfBackendVerifier` or smart contract. A mismatch — even a stricter value — will cause verification to fail. {% endhint %} For example, if the backend requires `minimumAge: 18` but the frontend specifies `minimumAge: 21`, verification will fail. The values must be identical, not just compatible. {% hint style="success" %} **Best practice**: Centralize your disclosure config in a shared constants file and import it into both frontend and backend to avoid drift. {% endhint %} {% hint style="info" %} Data disclosures (`nationality`, `gender`, `name`, etc.) are **not** enforced by your backend or contracts — they only control what data the user reveals. Only verification rules (`minimumAge`, `excludedCountries`, `ofac`) need to match. {% endhint %} ## Privacy Best Practices * **Request only what you need**: Each disclosure reveals personal information * **Avoid sensitive fields**: Be cautious with `passport_number` and `name` * **Consider alternatives**: Use `minimumAge` instead of `date_of_birth` for age verification * **Store carefully**: Implement proper data protection for disclosed information ## Common Use Cases **Age verification only:** ```javascript disclosures: { minimumAge: 18, // No personal data revealed } ``` **Basic identity with nationality:** ```javascript disclosures: { minimumAge: 18, nationality: true, gender: true, } ``` **Complete identity verification:** ```javascript disclosures: { minimumAge: 21, ofac: true, nationality: true, name: true, date_of_birth: true, } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.self.xyz/self-pass/disclosures.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.