Quickstart: LumiID in Minutes
Start verifying identities and blocking fraud with LumiID. Get your API keys, run your first verification check, and go live — all in one guide.
What is LumiID?
LumiID is Nigeria's sovereign identity infrastructure — a platform that lets developers verify who someone really is, detect fraud in real time, and stay compliant with NDPR and CBN regulations, using a single REST API.
Think of it as a direct pipeline to government databases (NIN, BVN, CAC, TIN) combined with AI-powered biometrics, so you never have to piece together multiple vendors again.
Identity
Verify individuals and businesses with government-grade data rails. Supports NIN, BVN, CAC, TIN, biometric face-match, and liveness checks. Build full KYC or KYB flows in minutes.
- NIN & BVN verification (direct sovereign rails)
- Biometric liveness + face comparison
- CAC company lookup & TIN verification
- Account number (NUBAN) resolution
Create Your LumiID Account
Before making any API calls, you need a LumiID account. Registration is free and takes about two minutes. You'll get instant access to the sandbox environment — no credit card required.
Go to lumiid.com and click Get Started.
Fill in your name, business email, and choose a secure password. You'll receive a verification email — copy the OTP to activate your account.
Complete your business profile.
Enter your company name, industry, and intended use case. This helps LumiID configure the right verification products and compliance settings for your account.
Select your environment.
By default you start in Sandbox mode. Sandbox is free and uses simulated data so you can test every flow without touching real government databases or spending credits.
Sandbox vs. Live
Sandbox responses use realistic dummy data — perfect for development and testing. When you're ready to go live, switch to Production in the dashboard and fund your wallet. Sandbox requests are always free; production requests consume wallet credits.
Get Your API Keys
LumiID uses Bearer Tokens for security. Secret Key (API Key) (server-side only, never exposed). Every request requires both.
Open the API Keys section in your dashboard.
From the left sidebar, navigate to Settings → API Keys. You'll see separate key pairs for Sandbox and Production.
Copy your Sandbox keys for development.
Click Copy next to both your App ID and Secret Key. Store them securely — you'll need both for every API request.
Add them to your environment variables.
Never hardcode credentials in source files. Use .env files locally and your hosting platform's secrets manager in production.
# LumiID Credentials — never commit this file to version control API Key=your-sandbox-secret-key-here LUMIID_ENV=sandbox # change to "production" when going live
Keep your Secret Key private
Your Secret Key grants full access to your LumiID account. Never expose it in frontend code, public repos, or client-side JavaScript. If it's ever compromised, regenerate it immediately from the dashboard under Settings → API Keys → Regenerate.
Make Your First API Call
Let's verify a Nigerian NIN (National Identification Number). This is the most common first call developers make — it confirms that a user's NIN exists and returns their official identity record from the government database.
https://api.lumiid.com/v1/ng/nin-basic/
curl --request POST \ 'https://api.lumiid.com/v1/ng/nin-basic/' \ --header 'Authorization: your-sandbox-secret-key' \ --header 'Content-Type: application/json' \ --data '{"nin": "89184072280"}'
import requests import os secret_key = os.getenv("LUMIID_SECRET_KEY") url = "https://api.lumiid.com/v1/ng/nin-basic/" headers = { "Authorization": secret_key, "Content-Type": "application/json", } data = {"nin": "89184072280"} response = requests.post(url, headers=headers, json=data) print(response.json())
const axios = require('axios'); const secretKey = process.env.LUMIID_SECRET_KEY; async function verifyNIN(nin) { const response = await axios.post( 'https://api.lumiid.com/v1/ng/nin-basic/', { nin }, { headers: { 'Authorization': secretKey, 'Content-Type': 'application/json', }, } ); return response.data; } verifyNIN('89184072280').then(console.log).catch(console.error);
<?php $secretKey = getenv('LUMIID_SECRET_KEY'); $nin = '89184072280'; $ch = curl_init("https://api.lumiid.com/v1/ng/nin-basic/"); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => [ "Authorization: {$secretKey}", "Content-Type: application/json", ], CURLOPT_POST => true, CURLOPT_POSTFIELDS => json_encode(['nin' => $nin]), ]); $response = json_decode(curl_exec($ch), true); curl_close($ch); var_dump($response);
Authorization
Your secret key. This authenticates the request. Always send from your server, never from a browser or mobile app directly.
nin
The 11-digit NIN to verify. In sandbox mode, you can use our test 11-digit number (89184072280) — it returns realistic dummy data every time.
Understand the Response
Every LumiID response follows the same predictable JSON envelope. Once you understand this structure, handling any endpoint becomes second nature.
{
"data": {
"nin": "89184072280",
"first_name": "Adaeze",
"last_name": "Okonkwo",
"middle_name": "Chioma",
"date_of_birth": "1992-04-15",
"gender": "Female",
"phone_number": "080XXXXXXXX",
"address": "14 Adeola Odeku, Victoria Island, Lagos",
"state_of_origin": "Anambra",
"photo": "data:image/jpeg;base64,/9j/4AAQ..."
}
}
{
"error": "NIN not found",
"status_code": 404
}
{
"error": "Invalid or missing API credentials",
"status_code": 401
}
Response Fields Explained
entity
object
The root object containing all identity data returned from the government database.
entity.nin
string
The verified NIN number, echoed back for confirmation.
entity.first_name
string
Legal first name as registered with NIMC.
entity.date_of_birth
string
Date of birth in YYYY-MM-DD format.
entity.photo
string
Base64-encoded JPEG passport photo from the NIMC database. Use this for face-match verification.
What to do next with the response
Cross-reference first_name, last_name, and
date_of_birth against what the user provided during signup.
Use the photo field as the reference image in a
Face Comparison call to confirm the person
is who they claim to be.
Integration Options
LumiID meets you wherever you are in your technical stack. Pick the path that fits your team and timeline.
What Can You Build?
LumiID powers secure onboarding and fraud prevention across industries in Nigeria and beyond.
Fintech & Banking
Verify identities for account opening, loan disbursement, and wallet top-ups. Reduce fraud with AML screening and transaction risk scoring.
E-commerce
Confirm delivery addresses, prevent return fraud, and reduce chargebacks by verifying buyer identity at checkout.
Mobility & Logistics
Onboard drivers and riders securely, verify vehicle ownership, and detect device-based fraud in ride-sharing platforms.
Healthcare
Validate patient identity, eliminate duplicate records, and protect sensitive health data with biometric checks.
Telecoms
Enable NCC-compliant SIM registration, verify identity for mobile onboarding, and flag high-risk subscriber behaviors.
Corporate KYB
Verify businesses via CAC and TIN before onboarding them as vendors, partners, or merchants on your platform.
What's Next?
You've made your first LumiID API call. Here's where to go from here:
Was this guide helpful?