Redact an identity

Permanently removes all personal data from an identity record, including encrypted PII and HMAC hashes used for duplicate detection. The identity record itself is retained with status `redacted` for audit purposes. This fulfills GDPR right-to-erasure (Art. 17) requests at the identity level. To also redact individual session data, use the session redaction endpoints separately. **Required scope:** `redact:write` (or legacy `identities:write`).

This fulfills GDPR right-to-erasure (Art. 17) requests at the identity level. To also redact individual session data, use the session redaction endpoints separately.

Required scope: redact:write (or legacy identities:write).

Authentication

X-API-Keystring

Organization API key. Keys are prefixed with vk_live_ (production) or vk_sandbox_ (sandbox).

Path parameters

identity_idstringRequired

Identity ID (idn_*) or external reference.

Response

Identity redacted.

idstring

statusstring

messagestring

Errors

401

Unauthorized Error

404

Not Found Error

422

Unprocessable Entity Error

This fulfills GDPR right-to-erasure (Art. 17) requests at the identity level. To also redact individual session data, use the session redaction endpoints separately.

Required scope: redact:write (or legacy identities:write).

Organization API key. Keys are prefixed with vk_live_ (production) or vk_sandbox_ (sandbox).

Identity ID (idn_*) or external reference.

API version date string (e.g. 2026-02-01). If omitted, the version pinned to your API key is used.

Unique key for idempotent requests. Cached for 24 hours. Sending the same key with different parameters returns 422.

Redact an identity

Authentication

Path parameters

Headers

Response

Errors

Authentication

Path parameters

Headers

Response

Errors

$	curl -X DELETE https://devapi.withverifa.com/api/v1/identities/identity_id/data \
>	-H "X-API-Key: <apiKey>"

1	{
2	"id": "idn_abc123",
3	"status": "redacted",
4	"message": "string"
5	}