API Documentation

REST API reference for integrating identity verification and credential presentation into your product.

Authentication

All API requests must include your API key in the request body as api_key. Keys are prefixed enc_live_ for production and enc_test_ for test mode. Never expose your API key client-side.

Endpoints

Create verification request

Request

POST https://verify.enclave.talk/api/v1/verify/request

{
  "api_key": "enc_live_...",
  "user_identifier": "user@example.com",
  "claims_requested": ["age_18_plus", "identity_verified"],
  "redirect_url": "https://yoursite.com/verified",
  "webhook_url": "https://yoursite.com/webhooks/verify"
}

Initiates a verification request for a user. Returns a URL to redirect the user to.

Parameter	Type	Required	Description
`api_key`	string	Yes	Your Enclave Verify API key
`user_identifier`	string	Yes	User's email or Enclave user ID
`claims_requested`	array	Yes	Claims to verify. See supported claims below
`redirect_url`	string	Yes	Where to send the user after verification
`webhook_url`	string	No	Endpoint to receive verification result

Response

{
  "request_id": "a1b2c3d4-...",
  "verify_url": "https://verify.enclave.talk/consent?request=a1b2c3d4",
  "status": "pending_consent",
  "expires_at": "2026-06-06T01:00:00Z"
}

Redirect your user to verify_url. The request expires after 1 hour.

Get request status

Request

GET https://verify.enclave.talk/api/v1/verify/request/:request_id

x-api-key: enc_live_...

Poll the status of a pending verification request.

Response

{
  "request_id": "a1b2c3d4-...",
  "status": "consented",
  "claims": {
    "age_18_plus": true,
    "identity_verified": true
  },
  "certificate_id": "uuid",
  "presented_at": "2026-06-06T00:05:00Z",
  "signature": "base64_ed25519_signature"
}

Status	Description
`pending_consent`	Awaiting user action
`consented`	User approved — claims returned
`denied`	User denied the request
`expired`	Request expired after 1 hour

Present certificate

Request

POST https://verify.enclave.talk/api/v1/verify/present

{
  "api_key": "enc_live_...",
  "user_identifier": "user@example.com",
  "claims_requested": ["age_18_plus"]
}

Request a credential presentation for a previously verified user. Billed at $0.025 per call.

Response

{
  "certificate_id": "uuid",
  "claims": {
    "age_18_plus": true
  },
  "presented_at": "2026-06-06T00:05:00Z",
  "signature": "base64_ed25519_signature"
}

Only claims the user previously consented to share will be returned.

Validate signature

Request

POST https://verify.enclave.talk/api/v1/verify/validate

{
  "certificate_id": "uuid",
  "claims": { "age_18_plus": true },
  "presented_at": "2026-06-06T00:05:00Z",
  "signature": "base64_ed25519_signature"
}

Validate a presentation signature offline against Enclave's public key. No authentication required. Free — not billed.

Response

{
  "valid": true,
  "issuer": "verify.enclave.talk",
  "verified_at": "2026-06-06T00:05:00Z"
}

Supported claims

Claim	Type	Description
`identity_verified`	boolean	Government ID validated
`age_18_plus`	boolean	User is 18 or older
`age_21_plus`	boolean	User is 21 or older
`name_verified`	boolean	Name on document confirmed
`nationality`	string	ISO country code
`document_type`	string	passport, drivers_license, national_id

Webhooks

Enclave signs every webhook with HMAC-SHA256. Validate the signature before processing.

Verification consented

{
  "event": "verification.consented",
  "request_id": "uuid",
  "claims": {
    "age_18_plus": true,
    "identity_verified": true
  },
  "certificate_id": "uuid",
  "presented_at": "2026-06-06T00:05:00Z",
  "signature": "base64_ed25519_signature"
}

Verification denied

{
  "event": "verification.denied",
  "request_id": "uuid",
  "denied_at": "2026-06-06T00:05:00Z"
}

Signature validation

import crypto from 'crypto'

const sig = req.headers['x-enclave-signature']
const expected = crypto
  .createHmac('sha256', process.env.ENCLAVE_WEBHOOK_SECRET)
  .update(JSON.stringify(req.body))
  .digest('hex')

if (sig !== expected) {
  return res.status(401).json({ error: 'Invalid signature' })
}

Error codes

Code	HTTP Status	Description
`invalid_api_key`	401	API key missing, invalid, or revoked
`user_not_found`	404	No Enclave account for this identifier
`no_certificate`	404	User has not completed verification
`certificate_expired`	410	Certificate expired — user must re-verify
`claim_not_available`	400	Requested claim not in user's certificate
`request_expired`	410	Verification request expired
`insufficient_funds`	402	Billing not set up — connect a payment method in the business dashboard