# Require identity verification

Source: https://docs.settlemint.com/docs/operators/compliance/identity-verification
Set up the identity-verification module so every holder must carry a valid claim from a trusted issuer before transacting on a regulated asset.



The identity-verification module is the platform's primary holder-eligibility gate. It blocks any regulated operation where a participant lacks a valid claim for the configured topic, signed by one of the asset's trusted issuers. Use it for assets where holders must complete KYC, accreditation, or another verification process before they can transact.

For the full module reference, including the runtime claim evaluation, trusted issuer path, expression semantics, and failure modes, see [Identity Verification reference](/docs/compliance-security/compliance/identity-verification). For the underlying wallet, OnchainID, claim-topic, and trusted issuer model, see [Claims and identity](/docs/architecture/concepts/claims-and-identity). For the API configuration approach, see [Configure identity verification via API](/docs/developers/compliance/smart-identity-verification).

## What the module does [#what-the-module-does]

The module checks that a recipient's OnchainID contains a valid claim for a configured topic from a trusted issuer before the token operation executes. If the claim is missing, expired, or signed by an untrusted issuer, the operation reverts with `RecipientNotVerified`.

## Operator tasks [#operator-tasks]

* **Configure the module during asset creation** through the Asset Designer compliance step. Pick the identity-verification module, then select the trusted issuers and the verification topic ID.
* **Configure the module on an existing asset** from the asset detail workspace, open the compliance tab and add or update the identity-verification module configuration. Changes apply forward; holders already verified under the old configuration keep their verified status until their claim expires.
* **Issue verification claims** through [Verify KYC](/docs/operators/compliance/verify-kyc).
* **Refresh or revoke claims** through [Manage KYC data](/docs/operators/compliance/manage-kyc-data).

## Prerequisites [#prerequisites]

* Asset administrator role on the asset, or the asset is being created.
* One or more trusted issuers configured on the platform. See [Configure trusted issuers](/docs/operators/compliance/configure-trusted-issuers).
* The verification topic ID matches the claim shape your operating model uses (standard KYC, accreditation, qualified-investor, etc.).
* Every prospective holder has a registered OnchainID that will receive the verification claim.

## Key points [#key-points]

* The module accepts any claim signed by a configured trusted issuer for the configured topic. To narrow further, use the identity allow-list alongside the verification module.
* Claim expiry is enforced at evaluation time. Plan re-verification cycles to match the claim TTL your issuer uses.
* The module checks the OnchainID, not the wallet itself. The wallet must be registered to the OnchainID through the identity registry.
* The KYC, accreditation, or other verification process the trusted issuer runs before signing a claim stays with the issuer. DALP records the resulting claim; it does not perform the verification.

## Troubleshooting [#troubleshooting]

| What you see                                 | What to check                                                                                            |
| -------------------------------------------- | -------------------------------------------------------------------------------------------------------- |
| Holder cannot transact despite a valid claim | Confirm the claim was signed by a trusted issuer the module accepts and that the topic ID matches.       |
| Claim expired in the middle of an operation  | Reissue the claim through [Verify KYC](/docs/operators/compliance/verify-kyc) and have the holder retry. |
| Multiple trusted issuers needed              | Add each issuer to the module configuration. The module accepts a claim signed by any configured issuer. |

## Read next [#read-next]

* [Identity Verification reference](/docs/compliance-security/compliance/identity-verification) for the full module reference
* [Configure trusted issuers](/docs/operators/compliance/configure-trusted-issuers)
* [Verify KYC](/docs/operators/compliance/verify-kyc)
* [Manage KYC data](/docs/operators/compliance/manage-kyc-data)
* [Compliance overview](/docs/operators/compliance/overview)
