端到端了解您的客户(KYC)验证。此技能创建KYC工作流,生成一个会话URL,真实用户在该URL完成身份证扫描+自拍+人脸比对,并检索验证决策。
用户体验流程:
- 收到验证链接
- 扫描身份证件(护照、身份证、驾照)
- 进行实时自拍
- 系统自动将自拍与证件照片比对
- 获得批准、拒绝或标记待审核
API参考:
- 工作流:https://docs.didit.me/management-api/workflows/create
- 会话:https://docs.didit.me/sessions-api/create-session
- 决策:https://docs.didit.me/sessions-api/retrieve-session
- 程序化注册:https://docs.didit.me/integration/programmatic-registration
- 完整API概述:https://docs.didit.me/sessions-api/management-api
认证
所有请求都需要
x-api-key头。从
Didit Business Console → API & Webhooks获取您的密钥,或通过程序化注册(见下文)。
入门(还没有账户?)
如果您没有Didit API密钥,只需2次API调用即可创建一个:
- 注册:
POST https://apx.didit.me/auth/v2/programmatic/register/ 包含 {"email": "you@gmail.com", "password": "MyStr0ng!Pass"}
- 检查邮箱 获取6位字符的OTP验证码
- 验证:
POST https://apx.didit.me/auth/v2/programmatic/verify-email/ 包含 {"email": "you@gmail.com", "code": "A3K9F2"} → 响应包含api_key
添加积分: GET /v3/billing/balance/ 查看余额,POST /v3/billing/top-up/ 包含 {"amount_in_dollars": 50} 获取Stripe结账链接。请参阅didit-verification-management技能获取完整平台管理(工作流、会话、用户、计费)。
快速开始 — 3次API调用完成KYC
import requests, timeAPI_KEY = "your_api_key"
headers = {"x-api-key": API_KEY, "Content-Type": "application/json"}
BASE = "https://verification.didit.me/v3"
# 1. 创建KYC工作流(一次性设置 — 复用workflow_id用于所有用户)
workflow = requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_label": "KYC Onboarding",
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"face_match_score_decline_threshold": 50,
"max_retry_attempts": 3,
}).json()
workflow_id = workflow["uuid"]
# 2. 为特定用户创建会话
session = requests.post(f"{BASE}/session/", headers=headers, json={
"workflow_id": workflow_id,
"vendor_data": "user-abc-123",
"callback": "https://yourapp.com/verification-done",
"language": "en",
}).json()
print(f"Send user to: {session['url']}")
# 用户打开此URL → 扫描身份证 → 自拍 → 完成
# 3. 轮询获取决策(或使用webhooks)
while True:
decision = requests.get(
f"{BASE}/session/{session['session_id']}/decision/",
headers={"x-api-key": API_KEY},
).json()
status = decision["status"]
if status in ("Approved", "Declined", "In Review"):
break
time.sleep(10)
print(f"Result: {status}")
if status == "Approved":
id_data = decision["id_verifications"][0]
print(f"Name: {id_data['first_name']} {id_data['last_name']}")
print(f"DOB: {id_data['date_of_birth']}")
print(f"Document: {id_data['document_type']} ({id_data['issuing_country']})")
步骤1:创建KYC工作流
工作流定义运行哪些检查。为每个用例创建一个并复用于所有用户。
POST https://verification.didit.me/v3/workflows/
API参考: https://docs.didit.me/management-api/workflows/create
推荐的KYC配置
| 参数 | 值 | 原因 |
|---|
workflow_type | "kyc" | 带ID+自拍的完整KYC模板 |
is_liveness_enabled | true | 防止欺骗(打印照片、屏幕) |
is_face_match_enabled | true | 将自拍与证件照片比对 |
face_match_score_decline_threshold | 50 | 匹配度低于50%→自动拒绝 |
is_aml_enabled | false | 设置true进行制裁/PEP筛查(+成本) |
max_retry_attempts | 3 | 用户失败后可重试3次 |
响应
{
"uuid": "d8d2fa2d-c69c-471c-b7bc-bc71512b43ef",
"workflow_label": "KYC Onboarding",
"workflow_type": "kyc",
"features": ["ocr", "liveness", "face_match"],
"total_price": "0.10",
"workflow_url": "https://verify.didit.me/..."
}
将uuid保存为您的workflow_id。
步骤2:为每个用户创建会话
每个用户获得自己的会话。会话生成一个唯一URL,用户在该URL完成验证。
POST https://verification.didit.me/v3/session/
API参考: https://docs.didit.me/sessions-api/create-session
关键参数
| 参数 | 类型 | 必填 | 描述 |
|---|
workflow_id | uuid | 是 | 来自步骤1 |
vendor_data | string | 推荐 | 您的用户ID — 将会话链接到您的系统 |
callback | url | 推荐 | 验证后的重定向URL。Didit会附加?verificationSessionId=...&status=... |
language | string | 否 | UI语言(ISO 639-1)。省略则自动检测 |
contact_details.email | string | 否 | 预填邮箱用于通知 |
expected_details.first_name | string | 否 | 如果证件姓名不同会触发不匹配警告 |
expected_details.date_of_birth | string | 否 | YYYY-MM-DD格式 |
metadata | JSON字符串 | 否 | 与会话一起存储的自定义数据 |
响应
{
"session_id": "11111111-2222-3333-4444-555555555555",
"session_token": "abcdef123456",
"url": "https://verify.didit.me/session/abcdef123456",
"status": "Not Started",
"workflow_id": "d8d2fa2d-..."
}
将用户发送到url — 这是他们完成验证的地方(网页或移动端)。
步骤3:获取决策
用户完成验证后,检索结果。
GET https://verification.didit.me/v3/session/{sessionId}/decision/
API参考: https://docs.didit.me/sessions-api/retrieve-session
两种方式获知准备就绪
选项A:Webhooks(生产环境推荐)
在Business Console → API & Webhooks配置webhook URL。Didit在决策就绪时发送包含session_id和status的POST请求。
选项B:轮询
每10-30秒轮询一次GET /v3/session/{id}/decision/。检查status — 当状态为Approved、Declined或In Review时停止。
决策响应字段
{
"session_id": "...",
"status": "Approved",
"features": ["ID_VERIFICATION", "LIVENESS", "FACE_MATCH"],
"id_verifications": [{
"status": "Approved",
"document_type": "PASSPORT",
"issuing_country": "USA",
"first_name": "John",
"last_name": "Doe",
"date_of_birth": "1990-01-15",
"document_number": "ABC123456",
"expiry_date": "2030-06-01",
"gender": "M",
"nationality": "USA",
"mrz": "P
关键决策状态
| 状态 | 含义 | 操作 |
|---|
Approved | 所有检查通过 | 用户已验证 |
Declined | 一个或多个检查失败 | 查看warnings了解详情 |
In Review | 边缘结果 | 需要人工审核,或通过API自动决定 |
Not Started | 用户尚未打开链接 | 等待或提醒用户 |
In Progress | 用户正在完成验证 | 等待 |
Expired | 会话已过期(默认:7天) | 创建新会话 |
可选:决策后操作
手动批准或拒绝
PATCH https://verification.didit.me/v3/session/{sessionId}/update-status/
API参考: https://docs.didit.me/sessions-api/update-status
requests.patch(f"{BASE}/session/{session_id}/update-status/", headers=headers, json={"new_status": "Approved", "comment": "Manual review passed"})
请求重新提交
如果身份证照片模糊,让用户仅重做该步骤:
requests.patch(f"{BASE}/session/{session_id}/update-status/", headers=headers, json={
"new_status": "Resubmitted",
"nodes_to_resubmit": [{"node_id": "feature_ocr", "feature": "OCR"}],
"send_email": True,
"email_address": "user@example.com",
})
阻止欺诈用户
requests.post(f"{BASE}/blocklist/add/", headers=headers, json={"session_id": session_id, "blocklist_face": True, "blocklist_document": True})
API参考: https://docs.didit.me/sessions-api/blocklist/add
生成PDF报告
response = requests.get(f"{BASE}/session/{session_id}/generate-pdf", headers={"x-api-key": API_KEY})
API参考: https://docs.didit.me/sessions-api/generate-pdf
KYC工作流变体
KYC + AML筛查
添加制裁/PEP筛查以捕获高风险个人:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_aml_enabled": True,
"aml_decline_threshold": 80,
})
KYC + 电话 + 邮箱
在流程中添加联系方式验证:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_phone_verification_enabled": True,
"is_email_verification_enabled": True,
})
KYC + NFC(芯片读取)
对于带NFC芯片的护照 — 最高保证:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_nfc_enabled": True,
})
实用脚本
run_kyc.py — 命令行完整KYC设置
# 需要:pip install requests
export DIDIT_API_KEY="your_api_key"# 创建KYC工作流(一次性)
python scripts/run_kyc.py setup --label "My KYC" --liveness --face-match
# 为用户创建会话
python scripts/run_kyc.py session --workflow-id --vendor-data user-123
# 获取决策
python scripts/run_kyc.py decision
# 完整流程:一次命令创建工作流+会话
python scripts/run_kyc.py full --vendor-data user-123 --callback https://myapp.com/done
也可以导入使用:
from scripts.run_kyc import setup_kyc_workflow, create_kyc_session, get_decision
End-to-end Know Your Customer (KYC) verification. This skill creates a KYC workflow, generates a session URL where a real user completes ID scan + selfie + face match, and retrieves the verification decision.
What the user experiences:
- Receives a verification link
- Scans their ID document (passport, ID card, driver's license)
- Takes a live selfie
- System auto-matches selfie to document photo
- Gets approved, declined, or flagged for review
API Reference:
- Workflows: https://docs.didit.me/management-api/workflows/create
- Sessions: https://docs.didit.me/sessions-api/create-session
- Decisions: https://docs.didit.me/sessions-api/retrieve-session
- Programmatic Registration: https://docs.didit.me/integration/programmatic-registration
- Full API Overview: https://docs.didit.me/sessions-api/management-api
Authentication
All requests require x-api-key header. Get your key from Didit Business Console → API & Webhooks, or via programmatic registration (see below).
Getting Started (No Account Yet?)
If you don't have a Didit API key, create one in 2 API calls:
- Register:
POST https://apx.didit.me/auth/v2/programmatic/register/ with {"email": "you@gmail.com", "password": "MyStr0ng!Pass"}
- Check email for a 6-character OTP code
- Verify:
POST https://apx.didit.me/auth/v2/programmatic/verify-email/ with {"email": "you@gmail.com", "code": "A3K9F2"} → response includes api_key
To add credits: GET /v3/billing/balance/ to check, POST /v3/billing/top-up/ with {"amount_in_dollars": 50} for a Stripe checkout link.
See the didit-verification-management skill for full platform management (workflows, sessions, users, billing).
Quick Start — KYC in 3 API Calls
import requests, timeAPI_KEY = "your_api_key"
headers = {"x-api-key": API_KEY, "Content-Type": "application/json"}
BASE = "https://verification.didit.me/v3"
# 1. Create a KYC workflow (one-time setup — reuse the workflow_id for all users)
workflow = requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_label": "KYC Onboarding",
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"face_match_score_decline_threshold": 50,
"max_retry_attempts": 3,
}).json()
workflow_id = workflow["uuid"]
# 2. Create a session for a specific user
session = requests.post(f"{BASE}/session/", headers=headers, json={
"workflow_id": workflow_id,
"vendor_data": "user-abc-123",
"callback": "https://yourapp.com/verification-done",
"language": "en",
}).json()
print(f"Send user to: {session['url']}")
# User opens this URL → scans ID → takes selfie → done
# 3. Poll for the decision (or use webhooks)
while True:
decision = requests.get(
f"{BASE}/session/{session['session_id']}/decision/",
headers={"x-api-key": API_KEY},
).json()
status = decision["status"]
if status in ("Approved", "Declined", "In Review"):
break
time.sleep(10)
print(f"Result: {status}")
if status == "Approved":
id_data = decision["id_verifications"][0]
print(f"Name: {id_data['first_name']} {id_data['last_name']}")
print(f"DOB: {id_data['date_of_birth']}")
print(f"Document: {id_data['document_type']} ({id_data['issuing_country']})")
Step 1: Create a KYC Workflow
A workflow defines what checks run. Create one per use case and reuse it for all users.
POST https://verification.didit.me/v3/workflows/
API Reference: https://docs.didit.me/management-api/workflows/create
Recommended KYC Configuration
| Parameter | Value | Why |
|---|
workflow_type | "kyc" | Full KYC template with ID + selfie |
is_liveness_enabled | true | Prevents spoofing (printed photos, screens) |
is_face_match_enabled | true | Compares selfie to document photo |
face_match_score_decline_threshold | 50 | Match below 50% → auto-decline |
is_aml_enabled | false | Set true for sanctions/PEP screening (+cost) |
max_retry_attempts | 3 | User can retry 3 times on failure |
Response
{
"uuid": "d8d2fa2d-c69c-471c-b7bc-bc71512b43ef",
"workflow_label": "KYC Onboarding",
"workflow_type": "kyc",
"features": ["ocr", "liveness", "face_match"],
"total_price": "0.10",
"workflow_url": "https://verify.didit.me/..."
}
Save uuid as your workflow_id.
Step 2: Create a Session for Each User
Each user gets their own session. The session generates a unique URL where they complete verification.
POST https://verification.didit.me/v3/session/
API Reference: https://docs.didit.me/sessions-api/create-session
Key Parameters
| Parameter | Type | Required | Description |
|---|
workflow_id | uuid | Yes | From Step 1 |
vendor_data | string | Recommended | Your user ID — links the session to your system |
callback | url | Recommended | Redirect URL after verification. Didit appends ?verificationSessionId=...&status=... |
language | string | No | UI language (ISO 639-1). Auto-detected if omitted |
contact_details.email | string | No | Pre-fill email for notification |
expected_details.first_name | string | No | Triggers mismatch warning if document name differs |
expected_details.date_of_birth | string | No | YYYY-MM-DD format |
metadata | JSON string | No | Custom data stored with session |
Response
{
"session_id": "11111111-2222-3333-4444-555555555555",
"session_token": "abcdef123456",
"url": "https://verify.didit.me/session/abcdef123456",
"status": "Not Started",
"workflow_id": "d8d2fa2d-..."
}
Send the user to url — this is where they complete verification (web or mobile).
Step 3: Get the Decision
After the user completes verification, retrieve the results.
GET https://verification.didit.me/v3/session/{sessionId}/decision/
API Reference: https://docs.didit.me/sessions-api/retrieve-session
Two Ways to Know When It's Ready
Option A: Webhooks (recommended for production)
Configure a webhook URL in Business Console → API & Webhooks. Didit sends a POST with session_id and status when the decision is ready.
Option B: Polling
Poll GET /v3/session/{id}/decision/ every 10–30 seconds. Check status — stop when it's Approved, Declined, or In Review.
Decision Response Fields
{
"session_id": "...",
"status": "Approved",
"features": ["ID_VERIFICATION", "LIVENESS", "FACE_MATCH"],
"id_verifications": [{
"status": "Approved",
"document_type": "PASSPORT",
"issuing_country": "USA",
"first_name": "John",
"last_name": "Doe",
"date_of_birth": "1990-01-15",
"document_number": "ABC123456",
"expiry_date": "2030-06-01",
"gender": "M",
"nationality": "USA",
"mrz": "P
Key Decision Statuses
| Status | Meaning | Action |
|---|
Approved | All checks passed | User is verified |
Declined | One or more checks failed | Check warnings for details |
In Review | Borderline result | Manual review needed, or auto-decide via API |
Not Started | User hasn't opened the link yet | Wait or remind user |
In Progress | User is completing verification | Wait |
Expired | Session expired (default: 7 days) | Create a new session |
Optional: Post-Decision Actions
Approve or Decline Manually
PATCH https://verification.didit.me/v3/session/{sessionId}/update-status/
API Reference: https://docs.didit.me/sessions-api/update-status
requests.patch(f"{BASE}/session/{session_id}/update-status/",
headers=headers,
json={"new_status": "Approved", "comment": "Manual review passed"})
Request Resubmission
If the ID photo was blurry, ask the user to redo just that step:
requests.patch(f"{BASE}/session/{session_id}/update-status/",
headers=headers,
json={
"new_status": "Resubmitted",
"nodes_to_resubmit": [{"node_id": "feature_ocr", "feature": "OCR"}],
"send_email": True,
"email_address": "user@example.com",
})
Block Fraudulent Users
requests.post(f"{BASE}/blocklist/add/",
headers=headers,
json={"session_id": session_id, "blocklist_face": True, "blocklist_document": True})
API Reference: https://docs.didit.me/sessions-api/blocklist/add
Generate PDF Report
response = requests.get(f"{BASE}/session/{session_id}/generate-pdf",
headers={"x-api-key": API_KEY})
API Reference: https://docs.didit.me/sessions-api/generate-pdf
KYC Workflow Variants
KYC + AML Screening
Add sanctions/PEP screening to catch high-risk individuals:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_aml_enabled": True,
"aml_decline_threshold": 80,
})
KYC + Phone + Email
Add contact verification to the flow:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_phone_verification_enabled": True,
"is_email_verification_enabled": True,
})
KYC + NFC (Chip Reading)
For passports with NFC chips — highest assurance:
requests.post(f"{BASE}/workflows/", headers=headers, json={
"workflow_type": "kyc",
"is_liveness_enabled": True,
"is_face_match_enabled": True,
"is_nfc_enabled": True,
})
Utility Scripts
run_kyc.py — Full KYC setup from the command line
# Requires: pip install requests
export DIDIT_API_KEY="your_api_key"# Create a KYC workflow (one-time)
python scripts/run_kyc.py setup --label "My KYC" --liveness --face-match
# Create a session for a user
python scripts/run_kyc.py session --workflow-id --vendor-data user-123
# Get the decision
python scripts/run_kyc.py decision
# Full flow: create workflow + session in one command
python scripts/run_kyc.py full --vendor-data user-123 --callback https://myapp.com/done
Can also be imported:
from scripts.run_kyc import setup_kyc_workflow, create_kyc_session, get_decision
by