Sovera API Documentation

Sovera is a sovereign identity verification API. Confirm that a person is real and present (liveness), that a selfie matches an ID photo (face match), that a document is genuine, and that a subject is not on a sanctions or watchlist (AML), then wrap it all in a hosted verification session. Biometric data is processed and stored inside Zimbabwe.

What Sovera does

Sovera exposes two ways to verify a person:

  • Verify primitives. Single-purpose endpoints you call directly: passive liveness (presentation attack detection), face-match (selfie to reference), active-liveness (an on-device oval plus a turn-left or turn-right challenge), document authenticity, aml screening, and national id-validate.
  • Verification sessions. A single hosted flow that orchestrates several checks, returns a hostedUrl for capture, and returns a decision when the flow completes. Use sessions when you want Sovera to run and score the whole journey for you.

Every write is authenticated with a bearer key, scoped deny-by-default, and idempotent. Errors follow RFC 9457 application/problem+json.

Data sovereignty

Sovera is designed so that biometric templates and captured media are processed and stored inside Zimbabwe, rather than being sent to a third country for matching. Consent is required before any biometric template is created, subject PII is tokenized, and a data subject access request (DSAR) erasure endpoint lets you delete a subject on request.

To be precise about what Sovera does and does not claim today:

  • Sovera does process and store biometric data inside Zimbabwe by design.
  • Sovera does not claim a signed partnership with, or an endorsement by, ZCHPC or POTRAZ.
  • Sovera does not claim iBeta or any third party presentation attack detection certification. Thresholds are provisional pending in-house calibration.

Guides

Authentication

Authenticate requests with a bearer key and understand deny-by-default scopes.

Read more

Verification sessions

Create a hosted flow, capture at the hostedUrl, then read the decision and report.

Read more

Consent & privacy

Record consent before any biometric template and erase a subject on request.

Read more

Errors

Read the RFC 9457 problem+json shape and the request ID returned on every call.

Read more

Resources

Liveness

Passive presentation attack detection from a single frame. Returns isLive and a score.

Face match

Compare a selfie to a reference image and get a cosine similarity plus a match flag.

Active liveness

On-device oval plus a turn-left or turn-right challenge. The Sovera differentiator.

Document & AML

Verify a document, screen a name against watchlists, and validate a national ID.

Was this page helpful?