Verisoul Docs

Decision, Enroll & Block Accounts


Once your application has received the account metadata and attributes, either through a configured web hook or via Verisoul's API, you're ready to decision the account.
Verisoul enables applications to customize their own decisioning logic to fit their needs. With the account information you can determine whether the user account should be enrolled. For example, if an application wanted a "one person one account" ecosystem, their logical flow may look like this:
One person one account logic
See our page on Decision Approaches for some a deeper dive on decisioning an account.

Account Enrollment

If the account passes your decisioning logic you can enroll the account. Through enrolling, your application is telling Verisoul to include the account in any future account linkages and metadata calculations. An account is not considered "verified" until it is successfully enrolled. Enrolling an account enables your application to:
  • Track the number of accounts a user has and/or prevent multi accounting
  • Determine whether an account has a linked account that is blocked
  • Block a user's account or all of their accounts
In other words, enrolling the account may change other GET /account/{accountId} results. It is recommend to call the GET /account/{accountId} endpoint at each user sign-in event. Here is an example of one-person one-account decisioning/enrollment:
if (account.numAccounts === 0) { // if user is unique (has no other accounts in the project), then enroll
let enroll = await fetch(`${accountId}/enroll`, {
method: 'POST',
body: JSON.stringify({
"externalId": req.query.externalId,
redirect: 'follow'
if (!enroll.ok) {
throw new Error(`failed to enroll Verisoul session: ${enroll.status}`);

Using an ExternalId

When enrolling an account it can be helpful to associate an externalId to the account. Verisoul saves this Id and provides a lookup API endpoint to retrieve the relevant accountId.
This can be helpful for applications that already store an ID analogous to accountId or keep extraneous attributes or metadata about a user that Verisoul doesn't capture.

Block Accounts

From here, you can use Verisoul's blocklist API to block and unblock accounts as you see fit. How and when to block an account can depend on myriad factors usually specific to your use case. Verisoul's API makes it easy to block a user's account or all of their accounts for cases where you have chosen to allow more than one account per person. You can also set blocks that expire after a certain amount of time. For example:
  • Strike 1 -> block for a week
  • Strike 2 -> block for a month
  • Strike 3 -> permanently block