Skip to content

Instantly share code, notes, and snippets.

@STrRedWolf

STrRedWolf/HOWTO-IDVerify.md

Created February 19, 2026 01:18
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save STrRedWolf/951e8f680835a9d10ed3e5b1d7558dab to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save STrRedWolf/951e8f680835a9d10ed3e5b1d7558dab to your computer and use it in GitHub Desktop.
Download ZIP
HOWTO Properly verify IDs w/o storing any data
Raw
HOWTO-IDVerify.md

The idea is simple: Make the state DMV/MVA or country's embassy verify the ID.

It goes like this:

  1. Site contacts agency to generate token and redirect URL, giving return URLs and age/drinking requirements
  2. Site has user browser redirect
  3. Agency securely checks ID, logs results.
  4. Agency redirects to site URL.
  5. Site contacts agency to follow up, get result code
  6. Site acts accordingly.

Result codes are:

200 OK:  Person verified as legal adult.
400 Bad Request:  Token not registered
403 Forbidden:  Person is legal adult but has court order against access
404 Not Found:  Person unknown
410 Gone: Person is dead
425 Too Early:  Person is underage
451 Unavail/Legal:  Site banned

Site may only store 200, 403, and 410 results. Site must verify 403 and 451 error codes with site's legal team. All other codes must not be stored and must be rechecked every time the user attempts access.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment