Universal Verify uses OAuth scopes to control what user data your application can access. This guide explains the available scopes and their requirements.
Access to user verification status and confidence level.
verified and verification_confidence fields in user info responseAccess to basic user identifier.
id_token field during token exchangeAccess to user's age in years.
age field in user info responseAccess to user's legal name information.
name object with first_name, middle_names, last_name, suffix, and full_name as optional fields in regional user info responseAccess to user's date of birth.
date_of_birth field (YYYY-MM-DD format) in regional user info responseAccess to information about the ID used for verification.
id_type object with country, type, and state fields in regional user info responseWhen creating an authorization URL, you can specify which scopes you need:
const authUrl = frontendSDK.createAuthorizationUrl({
codeChallenge: codeChallenge,
redirectUrl: 'https://your-app.com/callback',
scope: 'verification openid age' // Specify required scopes
});If no scope is specified, all approved scopes for your integration will be requested.
Important Notice: The following guidelines are provided for informational purposes only. Universal Verify is not responsible for how partners handle, store, or process user data. Partners are solely responsible for ensuring their own compliance with applicable laws, regulations, and industry standards. We recommend consulting with legal counsel to ensure your implementation meets all necessary requirements.