Disclosures

Disclosures control what information users reveal during identity verification. You configure them in the frontend disclosures object, which contains two types of settings:

Verification Requirements - conditions that must be met (must match backend)
Disclosure Requests - information users will reveal (frontend only)

Verification Requirements

These settings define verification conditions and must match your backend verification_config:

`minimumAge`

Verifies user is at least this age without revealing exact age or date of birth.

disclosures: {
  minimumAge: 18, // User must be 18 or older
}

`excludedCountries`

Blocks users from specific countries using ISO 3-letter country codes.

disclosures: {
  excludedCountries: ['IRN', 'PRK'], // Block Iran and North Korea
}

The maximum amount of excluded countries you can specify is 40. Any more than this will cause proofs to fail verification on the Self App.

`ofac`

Enables OFAC (sanctions) checking against official watchlists.

disclosures: {
  ofac: true, // Enable sanctions checking
}

Disclosure Requests

These settings specify what information users will reveal. Configure only in frontend - backend receives this data automatically.

Personal Information

name: User's full name from passport
nationality: User's nationality
gender: User's gender (M/F)
date_of_birth: Full date of birth

Document Information

passport_number: Passport number (use carefully for privacy)
expiry_date: Passport expiry date
issuing_state: Country that issued the passport

Example Configuration

disclosures: {
  // Verification requirements (must match backend)
  minimumAge: 21,
  excludedCountries: ['IRN'],
  ofac: true,
  
  // Disclosure requests (frontend only)
  nationality: true,
  gender: true,
  name: false,           // Don't request name
  date_of_birth: true,
  passport_number: false, // Don't request for privacy
}

Verification Result

When verification succeeds, disclosed information is available in result.discloseOutput:

const result = await selfBackendVerifier.verify(/*...*/);
if (result.isValidDetails.isValid) {
  const data = result.discloseOutput;
  
  console.log(data.nationality);    // "USA" (if requested)
  console.log(data.gender);         // "M" or "F" (if requested)
  console.log(data.olderThan);      // "18" (if minimumAge set)
  console.log(data.name);           // undefined (if not requested)
}

Privacy Best Practices

Request only what you need: Each disclosure reveals personal information
Avoid sensitive fields: Be cautious with passport_number and name
Consider alternatives: Use minimumAge instead of date_of_birth for age verification
Store carefully: Implement proper data protection for disclosed information

Common Use Cases

Age verification only:

disclosures: {
  minimumAge: 18, // No personal data revealed
}

Basic identity with nationality:

disclosures: {
  minimumAge: 18,
  nationality: true,
  gender: true,
}

Complete identity verification:

disclosures: {
  minimumAge: 21,
  ofac: true,
  nationality: true,
  name: true,
  date_of_birth: true,
}

PreviousQuickstart NextUse deeplinking

Last updated 4 months ago

hashtagVerification Requirements

hashtagminimumAge

hashtagexcludedCountries

hashtagofac

hashtagDisclosure Requests

hashtagPersonal Information

hashtagDocument Information

hashtagExample Configuration

hashtagVerification Result

hashtagPrivacy Best Practices

hashtagCommon Use Cases