We ship in the open. Here is a running log of the features, security work and fixes that make verifying a Nigerian identity safer and simpler. Newest first.
A live status page now shows real health for sign-in, verification, the OIDC provider and the database, checked the moment the page loads. No made-up uptime numbers.
Support moved fully to tickets tied to your verified identity, so no request can be filed in your name by someone else.
The account portal now shows every app you have signed in to, with a one-tap way to revoke access.
ID document and face checks now run on our own engine, on ordinary CPU hardware, so nothing about your face or ID leaves our infrastructure.
Re-verification lets a returning user confirm it is really them without starting the whole flow over.
Verification submissions are processed and then purged, so raw documents are not left sitting around after a decision.
One identity now signs you in across every auth.ng brand through a single OAuth 2.1 and OIDC provider.
Tokens are signed with EdDSA and bound to the client with DPoP, so a stolen token is far harder to replay.
New device? You get a second-factor prompt. Trusted devices stay trusted for thirty days so you are not nagged every login.
Create an app, grab test and live API keys, and add sign-in with a few lines of code.
Webhooks let your backend hear about verification and identity events as they happen.
Test mode uses sandbox data and stores no real identity, so you can build safely before going live.
A single place to see your verified profile, manage your data, and control what each app is allowed to know about you.
Download your data or request deletion straight from the privacy section.
Recovery emails now arrive faster and land in the inbox instead of spam for most providers.
Building on auth.ng? The developer docs track every API change as it lands.