After receiving the user’s proof from IDKit, you must verify it in your backend. Cloud Verification is a solution hosted in our Developer Portal to make this easier for you.

Optional: Hashing the signal

In you backend you need to hash the signal passed in the IDKit. If you want to implement the hashing yourself you need to use keccak256 hash function and 64 minimum padding. Take a look at how we implemented it here.
IDKit Core
import { hashToField } from "@worldcoin/idkit-core/hashing";

const signalHash = hashToField("my_signal");

Rest Endpoint

Find the full API reference here.
cURL
curl -X POST "/api/v2/verify/{app_id}" \
    -H "Content-Type: application/json" \
    -d '{
        "nullifier_hash": "0x2bf8406809dcefb1486dadc96c0a897db9bab002053054cf64272db512c6fbd8",
        "merkle_root": "0x2264a66d162d7893e12ea8e3c072c51e785bc085ad655f64c10c1a61e00f0bc2",
        "proof": "0x1aa8b8f3b2d2de5ff452c0e1a83e29d6bf46fb83ef35dc5957121ff3d3698a1119090fb...",
        "verification_level": "orb",
        "action": "my_action",
        "signal_hash": "hashed_signal" // optional: only add this parameter if you added a custom signal
    }'