Redact an identity
Permanently removes all personal data from an identity record,
including encrypted PII and HMAC hashes used for duplicate detection.
The identity record itself is retained with status redacted for
audit purposes.
This fulfills GDPR right-to-erasure (Art. 17) requests at the identity level. To also redact individual session data, use the session redaction endpoints separately.
Authentication
X-API-Keystring
Organization API key. Keys are prefixed with vk_live_ (production) or
vk_sandbox_ (sandbox).
Path parameters
identity_id
Identity ID (idn_*) or external reference.
Headers
Verifa-Version
API version date string (e.g. 2026-02-01). If omitted, the version
pinned to your API key is used.
Idempotency-Key
Unique key for idempotent requests. Cached for 24 hours. Sending the
same key with different parameters returns 422.
Response
Identity redacted.
id
status
message
Errors
401
Unauthorized Error
404
Not Found Error
422
Unprocessable Entity Error