# Key Validation

Starting with GBDS 5 new settings were added to the API

<table><thead><tr><th width="261.727294921875">Configuration</th><th>Default Value</th></tr></thead><tbody><tr><td>gbds.keyValidation.oneKeyOnly</td><td>false</td></tr><tr><td>gbds.keyValidation.keyFormat</td><td>false</td></tr><tr><td>gbds.keyValidation.inconsistentKeys</td><td>true</td></tr></tbody></table>

## Behavior

### Single key validation

The API will reject any transaction that has more than one key (enroll, update, trusted enroll and trusted update)

### Key format validation

The API will reject any transaction whose keys fail format validation.

The API will evaluate the format in the table `gbds.key_format` for each provided key ID

The API will check the following:

| Type         | Validation                                                                      |
| ------------ | ------------------------------------------------------------------------------- |
| CPF          | Must pass the checksum validation for CPF                                       |
| TITULO       | Must pass the checksum validation for the voter registration                    |
| REGEX        | Must pass the regex provided in the field `regex`                               |
| ALPHANUMERIC | Key must contain only alphanumeric characters                                   |
| NUMERIC      | Key must contain only numeric characters                                        |
| ALPHABETIC   | Key must contain only alphabetic characters                                     |
| LENGTH       | If a minimum/maximum size is configured, the key will have its length validated |

### Inconsistent Keys

When this setting is enabled, the transaction will be rejected on enroll/update/trusted when keys are potentially inconsistent when an update is performed

Cases of inconsistent keys:

* If the payload is provided with more than one key and those keys match more than one person

| IDs       | Keys in the Payload | Person 1 in the Database | Person 2 in the Database |
| --------- | ------------------- | ------------------------ | ------------------------ |
| ***cpf*** | cpf-01              | cpf-01                   | -                        |
| ***rg***  | rg-01               | -                        | rg-01                    |

* If the payload is provided with more than one key and one key matches a person's key but that person has any other key with an ID that matches another key in the payload, but with a different value.

| IDs       | Keys in the Payload | Person in the Database |
| --------- | ------------------- | ---------------------- |
| ***cpf*** | cpf-01              | cpf-01                 |
| ***rg***  | rg-01               | rg-02                  |

The id "rg" matches in the payload and in the person in the database, but both have different values

{% hint style="info" %}
With the setting disabled, the above transaction will raise an exception as happens in GBDS 4
{% endhint %}