Set Requirement Policy¶
Overview¶
Use the SetRequirementPolicy endpoint to configure compliance and verification requirements for your partner
integration. This allows you to define rules that determine what attestations or data are required from users based on
certain conditions such as nationality, or residency country.
Endpoint¶
POST https://api.brij.fi/brij.core.v1.partner.Service/SetRequirementPolicy
Request Body¶
{
"policy": {
"countryGroups": [
{
"name": "EU",
"description": "European Union member states",
"countryCodes": [
"DEU",
"FRA",
"ITA",
"ESP",
"NLD"
]
},
{
"name": "HIGH_RISK",
"description": "High-risk jurisdictions requiring enhanced verification",
"countryCodes": [
"IRN",
"PRK",
"SYR"
]
}
],
"rules": [
{
"name": "eu_residents_verification",
"condition": {
"in": {
"field": "RESIDENCY_COUNTRY_GROUP",
"values": [
"EU"
]
}
},
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_BASIC",
"maxAgeDays": 365
}
]
}
}
},
{
"name": "block_high_risk_countries",
"condition": {
"in": {
"field": "NATIONALITY_COUNTRY_GROUP",
"values": [
"HIGH_RISK"
]
}
},
"action": {
"reject": {}
}
}
]
}
}
Request Parameters¶
policy (object)¶
The root policy object containing country groups and rules.
| Field | Type | Required | Description |
|---|---|---|---|
countryGroups |
array | No | Defines named groups of countries for use in rules |
rules |
array | Yes | Defines the requirement rules to apply |
countryGroups (array)¶
Defines reusable groups of countries that can be referenced in rule conditions.
| Field | Type | Required | Description |
|---|---|---|---|
name |
string | Yes | Unique identifier for the country group |
description |
string | No | Human-readable description of the group |
countryCodes |
array | Yes | List of ISO 3166-1 alpha-3 country codes (e.g., "USA") |
rules (array)¶
Defines rules that evaluate conditions and trigger actions.
| Field | Type | Required | Description |
|---|---|---|---|
name |
string | Yes | Unique identifier for the rule |
condition |
object | Yes | The condition to evaluate (see Conditions) |
action |
object | Yes | The action to take if condition matches |
Conditions¶
Conditions determine when a rule applies. They support logical operators and field comparisons.
Logical Operators¶
| Operator | Description | Structure |
|---|---|---|
and |
All operands must be true | {"and": {"operands": [<conditions>]}} |
or |
At least one operand must be true | {"or": {"operands": [<conditions>]}} |
not |
Negates the operand | {"not": {"operand": <condition>}} |
Comparison Operators¶
| Operator | Description | Structure |
|---|---|---|
gte |
Field is greater than or equal to | {"gte": {"field": "<FIELD>", "value": "<val>"}} |
eq |
Field equals value | {"eq": {"field": "<FIELD>", "value": "<val>"}} |
in |
Field is in list of values | {"in": {"field": "<FIELD>", "values": [<vals>]}} |
Available Fields¶
| Field | Description |
|---|---|
NATIONALITY_COUNTRY |
User's nationality country code (ISO 3166-1 alpha-3) |
NATIONALITY_COUNTRY_GROUP |
Nationality country group name (defined in countryGroups) |
RESIDENCY_COUNTRY |
User's residency country code (ISO 3166-1 alpha-3) |
RESIDENCY_COUNTRY_GROUP |
Residency country group name (defined in countryGroups) |
Actions¶
Actions define what happens when a rule's condition is met.
reject¶
Rejects the transaction outright.
{
"action": {
"reject": {}
}
}
addRequirements¶
Adds verification requirements that the user must satisfy.
{
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_BASIC",
"maxAgeDays": 365
},
{
"data": "PROOF_OF_ADDRESS",
"maxAgeDays": 90
}
]
}
}
}
Requirement Types¶
Each requirement must specify either an attestation or data type:
| Field | Type | Required | Description |
|---|---|---|---|
attestation |
string | No1 | Type of attestation required (e.g., "KYC_BASIC") |
data |
string | No1 | Type of data required (e.g., "PROOF_OF_ADDRESS") |
maxAgeDays |
integer | No | Maximum age in days for the requirement to be valid |
Response¶
{}
A successful response returns an empty object, indicating the policy was accepted.
Error Responses¶
| Status Code | Description |
|---|---|
400 |
Invalid policy structure |
401 |
Invalid or missing API key |
404 |
Partner not found |
500 |
Internal server error |
Examples¶
Example 1: Country-Specific Verification¶
Require KYC for users from a specific country:
{
"policy": {
"countryGroups": [],
"rules": [
{
"name": "usa_kyc",
"condition": {
"eq": {
"field": "NATIONALITY_COUNTRY",
"value": "USA"
}
},
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_BASIC",
"maxAgeDays": 365
}
]
}
}
}
]
}
}
Example 2: Region-Based Requirements¶
Require enhanced verification for EU users:
{
"policy": {
"countryGroups": [
{
"name": "EU",
"description": "European Union member states",
"countryCodes": [
"DEU",
"FRA",
"ITA",
"ESP",
"NLD",
"BEL",
"AUT",
"PRT",
"GRC",
"IRL"
]
}
],
"rules": [
{
"name": "eu_enhanced_verification",
"condition": {
"in": {
"field": "NATIONALITY_COUNTRY_GROUP",
"values": [
"EU"
]
}
},
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_ENHANCED",
"maxAgeDays": 180
},
{
"data": "PROOF_OF_ADDRESS",
"maxAgeDays": 90
}
]
}
}
}
]
}
}
Example 3: Combined Conditions¶
Require additional verification for users who are both nationals and residents of specific regions:
{
"policy": {
"countryGroups": [
{
"name": "HIGH_RISK",
"description": "High-risk jurisdictions",
"countryCodes": [
"IRN",
"PRK",
"SYR"
]
}
],
"rules": [
{
"name": "high_risk_national_and_resident",
"condition": {
"and": {
"operands": [
{
"in": {
"field": "NATIONALITY_COUNTRY_GROUP",
"values": [
"HIGH_RISK"
]
}
},
{
"in": {
"field": "RESIDENCY_COUNTRY_GROUP",
"values": [
"HIGH_RISK"
]
}
}
]
}
},
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_ENHANCED",
"maxAgeDays": 365
}
]
}
}
}
]
}
}
Example 4: Blocking Specific Countries¶
Reject transactions from restricted jurisdictions:
{
"policy": {
"countryGroups": [
{
"name": "RESTRICTED",
"description": "Restricted jurisdictions",
"countryCodes": [
"PRK",
"IRN",
"SYR"
]
}
],
"rules": [
{
"name": "block_restricted",
"condition": {
"in": {
"field": "NATIONALITY_COUNTRY_GROUP",
"values": [
"RESTRICTED"
]
}
},
"action": {
"reject": {}
}
}
]
}
}
Example 5: Exclusion with NOT Condition¶
Require verification for users residing outside of low-risk jurisdictions:
{
"policy": {
"countryGroups": [
{
"name": "LOW_RISK",
"description": "Low-risk jurisdictions",
"countryCodes": [
"USA",
"CAN",
"GBR",
"AUS"
]
}
],
"rules": [
{
"name": "non_low_risk_resident_verification",
"condition": {
"not": {
"operand": {
"in": {
"field": "RESIDENCY_COUNTRY_GROUP",
"values": [
"LOW_RISK"
]
}
}
}
},
"action": {
"addRequirements": {
"requirements": [
{
"attestation": "KYC_ENHANCED",
"maxAgeDays": 180
}
]
}
}
}
]
}
}