> ## Documentation Index
> Fetch the complete documentation index at: https://docs.world.org/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure Credentials

A [Credential](https://docs.rs/world-id-primitives/latest/world_id_primitives/credential/struct.Credential.html) is a statement an issuer makes about a World ID holder. In IDKit, the credential you request determines what the user proves to your application.

# What you can request with IDKit

| Offering       | What it proves                                                                                   | Common SDK path                                                                        |
| -------------- | ------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------- |
| Proof of Human | The user is a unique human, backed by anonymous biometric verification by the Orb.               | `proofOfHuman`                                                                         |
| Passport       | The user holds a verified NFC passport credential.                                               | `passport`                                                                             |
| Selfie Check   | A low-assurance biometric credential using the device camera for liveness and facial similarity. | `selfieCheckLegacy` today. World ID 4.0 support is rolling out soon.                   |
| Identity Check | An attestation that a document-backed property about the user matches your requested attributes. | `identityCheck` with attributes like `minimum_age`, `nationality`, or `document_type`. |

You can also add a liveness check to any preset with `require_user_presence`.

<Note>
  If you have an existing legacy integration, see the [World ID 4.0 migration guide](/world-id/4-0-migration).
</Note>

# SDK presets

This page focuses on preset helpers for common credential requests: `proofOfHuman`, `passport`, `selfieCheckLegacy`, `identityCheck`, and the legacy presets.

The snippets below use `rp_context` as if it was already generated and signed by your backend. See [Integrate IDKit](/world-id/idkit/integrate) for the full RP-signing flow.

## Proof of Human

Use `proofOfHuman` for the current World ID 4.0 Proof of Human credential. The preset also includes legacy Orb fallback for users who do not yet have a World ID 4.0 proof available.

<CodeGroup title="Proof of Human">
  ```typescript title="JavaScript" theme={null}
  import { IDKit, proofOfHuman } from "@worldcoin/idkit-core";

  const preset = proofOfHuman({ signal: "user-123" });

  const request = await IDKit.request({
    app_id: "app_xxxxx",
    action: "my-action",
    rp_context,
    allow_legacy_proofs: true,
  }).preset(preset);
  ```

  ```tsx title="React" theme={null}
  import { IDKitRequestWidget, proofOfHuman } from "@worldcoin/idkit";

  const preset = proofOfHuman({ signal: "user-123" });

  <IDKitRequestWidget
    open={open}
    onOpenChange={setOpen}
    app_id="app_xxxxx"
    action="my-action"
    rp_context={rpContext}
    allow_legacy_proofs={true}
    preset={preset}
    handleVerify={handleVerify}
    onSuccess={(result) => { /* ... */ }}
  />;
  ```
</CodeGroup>

## Passport

Use `passport` for the current World ID 4.0 Passport credential. The preset also includes legacy Document fallback for users who do not yet have a World ID 4.0 proof available.

<CodeGroup title="Passport">
  ```typescript title="JavaScript" theme={null}
  import { IDKit, passport } from "@worldcoin/idkit-core";

  const preset = passport({ signal: "user-123" });

  const request = await IDKit.request({
    app_id: "app_xxxxx",
    action: "my-action",
    rp_context,
    allow_legacy_proofs: true,
  }).preset(preset);
  ```

  ```tsx title="React" theme={null}
  import { IDKitRequestWidget, passport } from "@worldcoin/idkit";

  const preset = passport({ signal: "user-123" });

  <IDKitRequestWidget
    open={open}
    onOpenChange={setOpen}
    app_id="app_xxxxx"
    action="my-action"
    rp_context={rpContext}
    allow_legacy_proofs={true}
    preset={preset}
    handleVerify={handleVerify}
    onSuccess={(result) => { /* ... */ }}
  />;
  ```
</CodeGroup>

## Selfie Check

Selfie Check is available through the legacy preset today and returns a World ID 3.0 Face proof. World ID 4.0 support is rolling out soon.

Learn more in [Selfie Check](/world-id/credentials/11).

<CodeGroup title="Selfie Check">
  ```typescript title="JavaScript" theme={null}
  import { IDKit, selfieCheckLegacy } from "@worldcoin/idkit-core";

  const preset = selfieCheckLegacy({ signal: "user-123" });

  const request = await IDKit.request({
    app_id: "app_xxxxx",
    action: "my-action",
    rp_context,
    allow_legacy_proofs: true,
  }).preset(preset);
  ```

  ```tsx title="React" theme={null}
  import { IDKitRequestWidget, selfieCheckLegacy } from "@worldcoin/idkit";

  const preset = selfieCheckLegacy({ signal: "user-123" });

  <IDKitRequestWidget
    open={open}
    onOpenChange={setOpen}
    app_id="app_xxxxx"
    action="my-action"
    rp_context={rpContext}
    allow_legacy_proofs={true}
    preset={preset}
    handleVerify={handleVerify}
    onSuccess={(result) => { /* ... */ }}
  />;
  ```
</CodeGroup>

## Identity Check (Preview)

<Note>
  Identity Check is currently in preview. If you're interested in using or learning more about Identity Check, please contact us.
</Note>

Identity Check lets your app ask the user to attest that document-backed attributes match your policy, without asking you to handle the underlying document data. Use it for eligibility checks such as minimum age, document type, issuing country, or nationality. You can request attributes such as:

| Attribute         | Value type                       |
| ----------------- | -------------------------------- |
| `document_type`   | `"passport"`, `"eid"` or `"mnc"` |
| `document_number` | `string`                         |
| `issuing_country` | ISO 3166-1 alpha-3 country code  |
| `full_name`       | `string`                         |
| `minimum_age`     | `number`                         |
| `nationality`     | ISO 3166-1 alpha-3 country code  |

<CodeGroup title="Identity Check">
  ```typescript title="JavaScript" theme={null}
  import { IDKit, identityCheck } from "@worldcoin/idkit-core";

  const preset = identityCheck({
    attributes: [
      { type: "document_type", value: "passport" },
      { type: "minimum_age", value: 18 },
    ],
  });

  const request = await IDKit.request({
    app_id: "app_xxxxx",
    action: "my-action",
    rp_context,
    allow_legacy_proofs: false,
  }).preset(preset);
  ```

  ```tsx title="React" theme={null}
  import { IDKitRequestWidget, identityCheck } from "@worldcoin/idkit";

  const preset = identityCheck({
    attributes: [
      { type: "document_type", value: "passport" },
      { type: "minimum_age", value: 18 },
    ],
  });

  <IDKitRequestWidget
    open={open}
    onOpenChange={setOpen}
    app_id="app_xxxxx"
    action="my-action"
    rp_context={rpContext}
    allow_legacy_proofs={false}
    preset={preset}
    handleVerify={handleVerify}
    onSuccess={(result) => { /* ... */ }}
  />;
  ```
</CodeGroup>

Successful Identity Check responses include `identity_attested` so your backend can distinguish whether the requested attributes matched.

## User presence and liveness

To check for user presence and liveness, add the `require_user_presence` flag to your request. This is a request-level flag, not a credential; it asks World App for a fresh liveness check before returning the proof and fails with `user_presence_failed` if the check is not completed.

Depending on the credential requested, World App matches the user's live selfie to the credential image, such as the passport photo or the image captured during Orb verification.

<CodeGroup title="User presence">
  ```typescript title="JavaScript" theme={null}
  import { IDKit, proofOfHuman } from "@worldcoin/idkit-core";

  const preset = proofOfHuman({ signal: "user-123" });

  const request = await IDKit.request({
    app_id: "app_xxxxx",
    action: "my-action",
    rp_context,
    allow_legacy_proofs: true,
    require_user_presence: true,
  }).preset(preset);
  ```

  ```tsx title="React" theme={null}
  import { IDKitRequestWidget, proofOfHuman } from "@worldcoin/idkit";

  const preset = proofOfHuman({ signal: "user-123" });

  <IDKitRequestWidget
    open={open}
    onOpenChange={setOpen}
    app_id="app_xxxxx"
    action="my-action"
    rp_context={rpContext}
    allow_legacy_proofs={true}
    require_user_presence={true}
    preset={preset}
    handleVerify={handleVerify}
    onSuccess={(result) => { /* ... */ }}
  />;
  ```
</CodeGroup>

## Other legacy presets

These presets only return World ID 3.0 proofs. Keep them for existing integrations or when you specifically need the older verification level.

<table>
  <thead>
    <tr>
      <th className="p-2 text-left align-middle whitespace-nowrap">Preset</th>
      <th className="p-2 text-left align-middle">What it requests</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>orbLegacy</code></td>
      <td className="p-2 align-middle">Orb verification.</td>
    </tr>

    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>secureDocumentLegacy</code></td>
      <td className="p-2 align-middle">At least a Secure Document verification. Returns the user's highest legacy credential: Secure Document or Orb.</td>
    </tr>

    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>documentLegacy</code></td>
      <td className="p-2 align-middle">At least a Document verification. Returns the user's highest legacy credential: Document, Secure Document, or Orb.</td>
    </tr>

    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>deviceLegacy</code></td>
      <td className="p-2 align-middle">At least a Device verification. Returns the user's highest legacy credential: Device, Document, Secure Document, or Orb.</td>
    </tr>
  </tbody>
</table>

## Common parameters

<table>
  <thead>
    <tr>
      <th className="p-2 text-left align-middle whitespace-nowrap">Parameter</th>
      <th className="p-2 text-left align-middle">Where it is used</th>
      <th className="p-2 text-left align-middle">Description</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>signal</code></td>
      <td className="p-2 align-middle">Presets</td>
      <td className="p-2 align-middle">Binds application context into the proof, such as a user ID or wallet address. Your backend should enforce the same value.</td>
    </tr>

    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>allow\_legacy\_proofs</code></td>
      <td className="p-2 align-middle">Request config and widgets</td>
      <td className="p-2 align-middle">Required for request flows. Set to <code>true</code> while accepting World ID 3.0 fallback proofs; set to <code>false</code> for World ID 4.0-only requests.</td>
    </tr>

    <tr>
      <td className="p-2 align-middle whitespace-nowrap"><code>require\_user\_presence</code></td>
      <td className="p-2 align-middle">Request config and widgets</td>
      <td className="p-2 align-middle">Optional liveness step. Defaults to <code>false</code>.</td>
    </tr>
  </tbody>
</table>
