Changelog

Verifa uses date-based API versioning. Breaking changes are released as new dated versions. Non-breaking changes (new fields, new endpoints, new webhook events) ship continuously and are available on all versions.

See Versioning for how to pin your API version.

2026-01-01 (current)

Initial public API version.

  • Session lifecycle: create, retrieve, list, expire, redact
  • Document OCR extraction
  • Face match with configurable security levels
  • Workflow engine with DAG-based execution
  • Webhook delivery with HMAC-SHA256 signatures
  • Key inflection support (kebab-case, camelCase, snake_case)
  • Idempotency for POST requests
  • Sandbox environment with simulated results
  • Basic watchlist screening (OFAC, EU, UN, UK sanctions)
  • Enhanced AML screening with continuous monitoring
  • Risk assessment with 150+ fraud signals
  • Duplicate detection across sessions
  • Standalone checks API (POST /api/v1/checks, POST /api/v1/checks/full)
  • Email risk enhanced and phone risk enhanced checks
  • Address validation check
  • Custom lists API (allow/block/flag lists)
  • PDF report generation for screening checks
  • GDPR redaction endpoint for checks
  • Identity cross-reference check (identity_crossref)
  • Proof of address check (proof_of_address_check)
  • Case templates and custom fields APIs
  • SCIM 2.0 provisioning
  • API log retrieval and analytics endpoints
  • Cursor-based pagination for identity listing
  • Rate limit headers on all responses

Non-breaking changes

These changes ship continuously and are available without a version upgrade.

March 2026

  • NFC chip authentication check (nfc_chip_auth)
  • Mobile SDK endpoints (/api/v1/sdk/config, /api/v1/sdk/nfc, /api/v1/sdk/attest)
  • Device attestation for iOS and Android
  • Video-based liveness detection
  • Deepfake detection signal
  • Mobile-specific fraud signals (root/jailbreak, emulator, screen recording)
  • TOTP two-factor authentication for dashboard users

February 2026

  • Case escalation workflows with SLA tracking
  • Second-reviewer support for cases
  • Org-level feature overrides
  • Data retention policies with configurable periods
  • Webhook retry improvements (exponential backoff, 7 retries)

January 2026

  • Initial release
  • Dashboard with HTMX-based UI
  • Admin portal for platform management
  • RBAC with 6 admin roles and 5 org roles
  • Sandbox mode with all features unlocked

Upcoming

We publish planned changes here before they ship.

  • Client libraries — Official Python, TypeScript, Go, and Java SDKs (auto-generated from the OpenAPI spec)
  • GraphQL-style field selection — Request only the fields you need with a fields query parameter
  • Versioning — How to set and manage your API version
  • Webhooks — Subscribe to API change notifications
  • Errors — Error codes including version-related responses