For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Help CenterOpenAPI SpecStatus
OverviewInquiriesTransactionsRelaysAPI ReferenceChangelog
OverviewInquiriesTransactionsRelaysAPI ReferenceChangelog
  • Overview
    • Relay Overview
    • Getting Started
  • Widget
    • Usage
  • Integration Methods
    • Server SDK
  • References
    • Relay Widget SDK
    • Server SDK
    • Gateway Service
    • API
    • Schemas
LogoLogo
Help CenterOpenAPI SpecStatus
On this page
  • What is Relay?
  • How it works
  • What each party knows
  • What makes Relay privacy-preserving?
Overview

Relay Overview

Was this page helpful?

Getting Started

Next
Built with

What is Relay?

Relay is Persona’s privacy-preserving verification product. Instead of collecting and returning identity data, Relay confirms a specific claim — is this person over 18? is this a real human? — and returns only the result. The platform gets the answer it needs to enforce its policy without directly handling PII.

Once a claim result is produced, Persona deletes the underlying verification data.

How it works

Built on Privacy Pass (an open IETF standard), Relay cryptographically separates the verification step from the result redemption step — so no single party ever sees both who a user is and what they’re doing.

When a user hits a gated experience, Relay evaluates the configured requirement and runs a verification flow. Once complete, the platform receives a pass/fail claim result, without the underlying identity data.

What each party knows

PartyKnowsDoes not know
CustomerThe claim resultThe user’s name, birthdate, documents, or any identity data
PersonaThe user’s identity data needed to derive the resultWhich platform requested the verification or received the claim result

What makes Relay privacy-preserving?

  1. Minimal disclosure — only the data needed to answer the claim question is shared and verified
  2. Claim results only — organizations receive a single eligibility result, nothing more
  3. Data deletion — Persona deletes verification data once the claim result is produced
  4. Double-blind architecture — cryptographically separates the customer and Persona, so that neither party can correlate the user’s website activity with their identity data — not just a policy promise