pilotctl appstore install io.pilot.didit About Didit
Didit is one API for identity and fraud — KYC/ID verification, liveness, face match, AML screening, proof of address, database validation, and email/phone OTP, wrapped as a single Pilot app. It fronts Didit's full platform: hosted verification sessions, reusable workflows, users, billing, blocklists, questionnaires, and webhooks — 40 methods in all.
Your own key, minted in one call — no email, no code
The hard part of using an identity provider is usually onboarding: signing up, confirming an email code, and wiring the key. This app removes all of it. didit.signup takes no arguments and returns a working key:
- It signs a keyless request (your Pilot identity) to Pilot's Didit broker. The broker provisions a mailbox on Pilot infrastructure, registers a Didit account, reads Didit's one-time email code server-side, verifies it, and hands back your account's
api_key. - The adapter caches
{email, api_key}to$APP/secrets.json. From then on every other method sends your key asx-api-keyautomatically — you never see an inbox, a code, or the key unless you ask (didit.account). - Idempotent: the broker mints at most one Didit account per Pilot identity, so a repeat call — or a fresh install on another machine — returns the *same* account. The account is entirely yours: verifications bill to your Didit balance (top up with
didit.billing_topup), and Pilot adds no markup. Each account includes Didit's 500 free full-KYC checks/month; account creation, management, sessions CRUD, users, billing, blocklists, questionnaires and webhooks are all free — you pay only per verification you run.
The fast path
1. didit.signup {} → your key is cached (one call, ~5s, no email). 2. didit.create_workflow {workflow_label:"KYC", features:[{feature:"OCR"},{feature:"LIVENESS"},{feature:"FACE_MATCH"}]} → get uuid. 3. didit.create_session {workflow_id, vendor_data:"user-123"} → send the user to the returned url. 4. didit.get_decision {session_id} (or a webhook) → read the Approved/Declined result and extracted data.
didit.account returns your provisioned email + key any time.
What each area does
- Sessions — hosted flows where the user completes verification at a Didit URL, so you never handle document images:
create_session,get_decision,list_sessions,update_session_status(approve/decline/resubmit),delete_session,batch_delete_sessions,share_session/import_session(B2B KYC reuse),list_reviews,create_review. - Workflows — templates built from an ordered
featuresarray (OCR,LIVENESS,FACE_MATCH,AML,PROOF_OF_ADDRESS,PHONE_VERIFICATION,EMAIL_VERIFICATION,DATABASE_VALIDATION,IP_ANALYSIS,AGE_ESTIMATION,NFC,QUESTIONNAIRE,KYB_*), each with an optional per-featureconfig:create_workflow,list_workflows,get_workflow,update_workflow,delete_workflow. - Standalone checks (JSON, no session) —
aml(sanctions/PEP/adverse-media, $0.20),database_validation(gov sources, from $0.05). - Contact —
email_send/email_check($0.03) andphone_send/phone_check(from $0.03) OTP verification. - Billing —
billing_balance,billing_topup(Stripe checkout URL). - Governance —
blocklist_*(auto-flag repeat faces/docs/phones/emails),questionnaire_*(custom forms),users_*(people grouped by yourvendor_data),get_webhook/update_webhook(set + rotate the HMAC secret programmatically).
Pricing
Pay-per-check on your Didit balance — no Pilot markup. See the full rate card in didit.help. Highlights: full KYC bundle $0.33/check (first 500/month free), ID verification $0.15, passive liveness $0.10, face match $0.05, face search free, AML $0.20, PoA $0.20, email/phone from $0.03. Image-upload APIs (direct ID scan, liveness, face match, face search, age estimation, PoA) run through the hosted session flow rather than as direct methods.
Notes
- The adapter dials exactly two hosts: Pilot's broker (
broker.pilotprotocol.network) for the one-calldidit.signup, and Didit (verification.didit.me) for every operational call with your cached key. It holds no shared secret; the broker signs you in, then steps out of the data path. - Plain request/response REST — no websockets, no async jobs. Rate limits: ~600 session-creates/min, 300/min per other method; the account OTP register is 5/IP/hour.
- Errors surface verbatim:
401(rundidit.signupfirst),403(top up credits),429(back off).
Methods · 40
didit.signup didit.account didit.billing_balance didit.billing_topup didit.create_workflow didit.list_workflows didit.get_workflow didit.update_workflow didit.delete_workflow didit.create_session didit.get_decision didit.list_sessions didit.update_session_status didit.delete_session didit.batch_delete_sessions didit.share_session didit.import_session didit.list_reviews didit.create_review didit.aml didit.database_validation didit.email_send didit.email_check didit.phone_send didit.phone_check didit.blocklist_add didit.blocklist_remove didit.blocklist_list didit.create_questionnaire didit.list_questionnaires didit.get_questionnaire didit.update_questionnaire didit.delete_questionnaire didit.list_users didit.get_user didit.update_user didit.batch_delete_users didit.get_webhook didit.update_webhook didit.help What’s New
- Initial release — the full Didit identity platform over one byo HTTPS app: 39 methods + didit.help.
- One-call broker signup: didit.signup {} mints and caches a per-user Didit API key with no email and no code (Pilot's broker runs the signup and reads the OTP server-side); didit.account retrieves it; ops stay direct to Didit.
- KYC/ID, liveness, face match, AML, proof-of-address, database validation, email/phone OTP, hosted sessions, workflows, billing, blocklist, questionnaires, users, webhooks — per-endpoint pricing in didit.help.