Identity Processor

Configuration reference for identity verification methods, consent, and NDPR compliance.

The identity processor controls which verification methods are available to your organization, whether explicit user consent is required before verification, and whether NDPR (Nigeria Data Protection Regulation) compliance mode is active.

Endpoint

GET /api/v1/identity/processor -- Read current configuration.

PUT /api/v1/identity/processor -- Update configuration.

Scope: identity:manage

Configuration schema

{
  "config": {
    "verificationMethods": ["bvn", "nin", "passport"],
    "consentRequired": true,
    "ndprCompliance": true
  }
}

Fields

Field	Type	Default	Description
`verificationMethods`	`string[]`	`["bvn", "nin", "passport"]`	Which verification methods are enabled for this tenant
`consentRequired`	`boolean`	`true`	Whether the calling application must include a consent flag in verification requests
`ndprCompliance`	`boolean`	`true`	Whether NDPR-compliant data handling rules are enforced (data minimization, audit trails, retention limits)

Available verification methods

Code	Method	Description
`bvn`	Bank Verification Number	11-digit BVN lookup against NIBSS database
`nin`	National Identity Number	NIN verification against NIMC database
`passport`	International passport	Passport MRZ extraction and verification
`drivers_license`	Drivers license	License number verification
`voters_card`	Voter's card	Voter registration verification

How it affects runtime

Verification methods: Only methods listed in verificationMethods can be used. Requests specifying a method not in the list receive a BAD_REQUEST error. This prevents accidental use of verification channels that your organization has not contracted for.
Consent requirement: When consentRequired is true, verification requests must include consent: true in the request body. Requests without it are rejected. This ensures your application explicitly obtains user consent before running identity checks.
NDPR compliance: When enabled, verification results are subject to data minimization (only necessary fields returned), audit logging (every check is recorded), and retention rules (results are purged after the configured period).

Disabling NDPR compliance is only permitted for organizations operating entirely outside Nigeria. Organizations processing Nigerian residents' data must keep this enabled.

Examples

Add drivers license and disable consent requirement

curl

curl -X PUT https://api.platformxe.com/api/v1/identity/processor \
  -H "Content-Type: application/json" \
  -H "x-api-key: pxk_live_your_api_key_here" \
  -d '{
    "config": {
      "verificationMethods": ["bvn", "nin", "passport", "drivers_license"],
      "consentRequired": false
    }
  }'

TypeScript SDK

import { PlatformXe } from '@caldera/platformxe-sdk';

const px = new PlatformXe({ apiKey: 'pxk_live_your_api_key_here' });

await px.identity.updateProcessor({
  config: {
    verificationMethods: ['bvn', 'nin', 'passport', 'drivers_license'],
    consentRequired: false,
  },
});

Python SDK

from platformxe import PlatformXe

px = PlatformXe(api_key="pxk_live_your_api_key_here")

px.identity.update_processor({
    "config": {
        "verificationMethods": ["bvn", "nin", "passport", "drivers_license"],
        "consentRequired": False
    }
})

Error responses

Code	Description
`FORBIDDEN`	API key does not have the `identity:manage` scope
`BAD_REQUEST`	Invalid config (e.g., unknown verification method)
`RATE_LIMITED`	Rate limit exceeded