For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • Getting Started
    • Introduction
    • How Verifa Works
    • Quickstart
    • Choosing an Integration Method
  • Use Cases
    • KYC Onboarding
    • Age Verification
    • AML Compliance
    • Fraud Prevention
    • Marketplace Trust & Safety
  • Core Concepts
    • Overview
    • Sessions
    • Verifications & Checks
    • Workflows
    • Identities
    • Cases
    • Screening & Reports
    • Lists
  • Integration Guides
    • Overview
    • JavaScript SDK
    • Web Capture Flow
    • API-Only Integration
    • Mobile SDK
    • Webhooks Guide
    • MCP Server
    • Migrating from Persona
  • API Details
    • Overview
    • Authentication
    • Pagination
    • Rate Limiting
    • Versioning
    • Errors
    • Webhooks
    • Idempotency
    • Key Inflection
    • Data Access
    • Data Retention
  • Tutorials
    • Creating Your First Verification Session
    • Creating a Workflow
    • Receiving Webhooks & Validating Signatures
    • Handling Webhook Events
    • Custom Document Types & AI Extraction
  • Best Practices
    • Testing
    • Preventing Duplicates
    • Fraud Signals
    • Changelog
  • API Reference
      • GETList sessions
      • POSTCreate a verification session
      • GETGet a session
      • PATCHUpdate a session
      • POSTResume a session
      • POSTResend the invitation email
      • POSTExpire a session
      • POSTSimulate a session action (sandbox only)
      • GETGet session result
      • DELRedact session data
      • GETExport session data (GDPR Art. 15 DSAR)
      • POSTBulk redact sessions
      • POSTSubmit a session for verification
      • POSTAdd a tag to a session
      • POSTRemove a tag from a session
      • POSTReplace all tags on a session
      • POSTGenerate a one-time verification link
      • GETList one-time links for a session
      • GETList verification checks
      • POSTRetry a failed verification check
      • GETList verification attempts
      • GETGenerate PDF verification report
      • POSTSubmit external gate decision
      • POSTReprocess a session
      • GETList webhook deliveries for a session
      • GETGet session risk assessment
API ReferenceSessions

Export session data (GDPR Art. 15 DSAR)

GET
https://devapi.withverifa.com/api/v1/sessions/:session_id/export
GET
/api/v1/sessions/:session_id/export
$curl https://devapi.withverifa.com/api/v1/sessions/session_id/export \
>     -H "X-API-Key: <apiKey>" \
>     -H "Content-Type: application/json"
1{
2  "session": {
3    "id": "ses_7f9d3a2b",
4    "status": "pending",
5    "is_sandbox": true,
6    "environment": "sandbox",
7    "created_at": "2024-06-15T09:30:00Z",
8    "updated_at": "2024-06-16T10:45:00Z",
9    "external_ref": "order_20240615_001",
10    "metadata": {
11      "customer_id": "cust_123456",
12      "source": "mobile_app"
13    },
14    "country": "US",
15    "checks": [
16      "chk_987654"
17    ],
18    "workflow_id": "wf_standard_01",
19    "document_type": "passport",
20    "retention_status": "active",
21    "processing_attempts": 2,
22    "consent_ip": "203.0.113.42",
23    "capture_url": "https://sandbox.withverifa.com/capture/ses_7f9d3a2b",
24    "token_expires_at": "2024-07-15T09:30:00Z",
25    "case_id": "rvc_4b2d1f7e",
26    "case_status": "open",
27    "tags": [
28      "kyc",
29      "priority"
30    ]
31  },
32  "result": {
33    "session_id": "ses_7f9d3a2b",
34    "status": "needs_review",
35    "is_sandbox": true,
36    "created_at": "2024-06-15T09:30:00Z",
37    "face_match_passed": true,
38    "face_match_score": 0.92,
39    "age_check_passed": true,
40    "extracted_age": 29,
41    "extracted_data": {
42      "first_name": "Emily",
43      "last_name": "Johnson",
44      "date_of_birth": "1995-04-12",
45      "address": {
46        "line1": "123 Maple Street",
47        "line2": "Apt 4B",
48        "city": "Springfield",
49        "state": "IL",
50        "zip": "62704"
51      },
52      "document_number": "X12345678",
53      "nationality": "US",
54      "gender": "female",
55      "ssn": "123-45-6789",
56      "document_type": "passport",
57      "document_expiration_date": "2030-04-11",
58      "document_issuing_state": "US"
59    },
60    "rejection_reason": "Document image was blurry",
61    "rejection_reason_code": "document_unreadable",
62    "processing_mode": "auto",
63    "country_used": "US",
64    "sensitive_data_expired": false
65  },
66  "documents": [
67    {
68      "id": "doc_9f8e7d6c",
69      "document_type": "passport",
70      "download_url": "https://sandbox.withverifa.com/download/doc_9f8e7d6c?sig=abc123def456",
71      "download_url_expires_at": "2024-06-16T09:35:00Z",
72      "page": "front",
73      "mime_type": "image/jpeg",
74      "size_bytes": 245678,
75      "captured_at": "2024-06-15T09:35:00Z"
76    }
77  ],
78  "screening": [
79    {
80      "id": "schk_4a3b2c1d",
81      "check_type": "sanction",
82      "status": "clear",
83      "has_match": false,
84      "hit_count": 0,
85      "provider": "aml_screening",
86      "session_id": "ses_7f9d3a2b",
87      "identity_id": "id_5e6f7g8h",
88      "external_ref": "order_20240615_001",
89      "monitoring_enabled": true,
90      "is_sandbox": true,
91      "tags": [
92        "priority"
93      ],
94      "batch_id": "batch_20240615",
95      "pep_risk_tier": null,
96      "pep_recommended_action": null,
97      "redacted_at": null,
98      "last_checked_at": "2024-06-15T10:00:00Z",
99      "created_at": "2024-06-15T09:40:00Z",
100      "expires_at": "2024-07-15T09:40:00Z",
101      "result": {
102        "match_count": 0,
103        "highest_score": 0
104      },
105      "hits": []
106    }
107  ],
108  "review_case": {
109    "id": "rvc_4b2d1f7e",
110    "session_id": "ses_7f9d3a2b",
111    "status": "open",
112    "created_at": "2024-06-15T09:45:00Z",
113    "decision": "approved",
114    "assigned_to": "rev_123abc456def",
115    "claimed_at": "2024-06-15T10:00:00Z",
116    "entered_review_at": "2024-06-15T09:50:00Z",
117    "decided_at": "2024-06-16T11:00:00Z"
118  },
119  "case_notes": [
120    {
121      "note_id": "note_001",
122      "author": "rev_123abc456def",
123      "content": "Initial review completed, awaiting second opinion.",
124      "created_at": "2024-06-15T10:15:00Z"
125    }
126  ],
127  "fraud_signals": [
128    {
129      "signal_type": "ip_risk",
130      "risk_score": 45,
131      "risk_level": "medium",
132      "details": "IP address flagged for suspicious activity in last 30 days."
133    }
134  ],
135  "webhook_deliveries": [
136    {
137      "id": "whd_7c6b5a4d",
138      "event": "session.approved",
139      "url": "https://clientapp.example.com/webhooks/verifa",
140      "status": "delivered",
141      "attempts": 1,
142      "max_attempts": 3,
143      "created_at": "2024-06-16T11:05:00Z",
144      "http_status": 200,
145      "last_error": null
146    }
147  ]
148}
Returns a JSON document containing every record Verifa holds for a single session, decrypted and ready to deliver to a data subject as part of a GDPR Article 15 Subject Access Request (DSAR). The export is scoped to the API key's environment — sandbox keys can only export sandbox sessions, and vice versa. **Audit:** Every successful call writes an `api.session.export` audit-log entry recording the actor, session ID, IP, and timestamp. **Required scope:** `sessions:read` ### Sections returned - `session` — session-level fields (status, metadata, timestamps). - `result` — verification result with decrypted PII. - `documents` — list of captured documents. Each entry includes a 24-hour-TTL signed `download_url` so the caller can fetch the original image bytes. - `screening` — every screening check tied to this session, with hits. - `review_case` — review case state if one exists. - `case_notes` — chronological review-case notes. - `fraud_signals` — risk and fraud signals captured for the session. - `webhook_deliveries` — full delivery history (event, URL, status, attempts).
Was this page helpful?
Previous

Bulk redact sessions

Next
Built with

Returns a JSON document containing every record Verifa holds for a single session, decrypted and ready to deliver to a data subject as part of a GDPR Article 15 Subject Access Request (DSAR).

The export is scoped to the API key’s environment — sandbox keys can only export sandbox sessions, and vice versa.

Audit: Every successful call writes an api.session.export audit-log entry recording the actor, session ID, IP, and timestamp.

Required scope: sessions:read

Sections returned

  • session — session-level fields (status, metadata, timestamps).
  • result — verification result with decrypted PII.
  • documents — list of captured documents. Each entry includes a 24-hour-TTL signed download_url so the caller can fetch the original image bytes.
  • screening — every screening check tied to this session, with hits.
  • review_case — review case state if one exists.
  • case_notes — chronological review-case notes.
  • fraud_signals — risk and fraud signals captured for the session.
  • webhook_deliveries — full delivery history (event, URL, status, attempts).

Authentication

X-API-Keystring

Organization API key. Keys are prefixed with vk_live_ (production) or vk_sandbox_ (sandbox).

Path parameters

session_idstringRequired

Session ID (ses_*).

Headers

Verifa-VersiondateOptional

API version date string (e.g. 2026-02-01). If omitted, the version pinned to your API key is used.

Key-InflectionenumOptionalDefaults to snake

Response key casing. Defaults to snake.

Allowed values:

Response

Decrypted DSAR bundle for the session.
sessionobject
resultobject or null
documentslist of objects
screeninglist of objects
All screening checks tied to this session, with hits.
review_caseobject or null
case_noteslist of maps from strings to any

Chronological review-case notes (oldest first).

fraud_signalslist of maps from strings to any
Risk and fraud signals captured for the session.
webhook_deliverieslist of objects

Errors

401
Unauthorized Error
403
Forbidden Error
404
Not Found Error