Back to Tutorials
intermediate
Configuration
Creating Verification Policies
Master the policy engine for defining verification requirements.
12 min read
5 sections
Prerequisites
- CredLyr account with API access
- Understanding of verifiable credentials
In this tutorial
Overview
Verification policies define what credentials are required, which issuers are trusted, and how claims should be validated. This guide covers policy creation and configuration.
Policy Structure
A policy consists of credential requirements, trusted issuers, and optional claim validations.
{
"name": "Age Verification Policy",
"description": "Verify user is 18+ years old",
"credential_requirements": [
{
"type": "AgeCredential",
"claims": ["birthDate"]
}
],
"trusted_issuers": ["did:web:dmv.gov", "did:web:passport.gov"],
"claim_validations": {
"birthDate": {
"type": "age_check",
"min_age": 18
}
}
}Create a Policy via API
Use the API to create a new verification policy.
const policy = await credlyr.policies.create({
name: 'KYC Policy',
description: 'Full KYC verification for onboarding',
credentialRequirements: [
{
type: 'IdentityCredential',
claims: ['givenName', 'familyName', 'birthDate', 'address'],
},
],
trustedIssuers: ['did:web:trusted-issuer.com'],
});
console.log('Policy ID:', policy.id);Claim Validations
Add validation rules to verify claim values meet your requirements.
{
"claim_validations": {
"birthDate": {
"type": "age_check",
"min_age": 21
},
"address.country": {
"type": "enum",
"allowed_values": ["US", "CA", "UK"]
},
"licenseExpiry": {
"type": "date_comparison",
"operator": "after",
"value": "now"
}
}
}Using Policies in Verifications
Reference your policy when creating verification sessions.
const verification = await credlyr.verifications.create({
policyId: 'pol_your_kyc_policy',
returnUrl: 'https://yourapp.com/verify-callback',
});