Skip to main content
Didit Raises $7.5M to Build the Infrastructure for Identity and Fraud
Didit
Back to blog
Blog · March 7, 2026

Migrating Legacy Identity Verification with Strangler Fig & Didit

Modernizing legacy identity verification systems can be daunting. This post explores how to use the Strangler Fig pattern in Java/Spring Boot to incrementally migrate to Didit's advanced API, minimizing risk and ensuring a.

By DiditUpdated
migrating-legacy-identity-verification-with-strangler-fig-didit.png

Incremental Migration StrategyThe Strangler Fig pattern allows for a piecemeal migration, where new functionality is built alongside the old system, gradually replacing legacy components without disruptive big-bang rewrites.

Minimizing Risk and DowntimeBy isolating new features and routing traffic selectively, organizations can reduce the risk of system failures and maintain continuous service availability during the transition.

Leveraging Modern APIsIntegrating with Didit's API enables access to AI-native identity verification capabilities, offering superior fraud detection, compliance, and user experience compared to outdated systems.

Didit's Modular and Developer-First ApproachDidit's platform provides a modular, API-driven architecture with Free Core KYC, making it ideal for incremental adoption and seamless integration into existing Spring Boot applications.

The Challenge of Legacy Identity Verification Systems

Many organizations rely on legacy identity verification (IDV) systems that are difficult to maintain, costly to scale, and often lack the advanced fraud detection capabilities of modern solutions. The thought of a complete overhaul can be paralyzing, leading to stagnation and increased risk. These older systems might struggle with new compliance requirements, offer poor user experiences, or be unable to detect sophisticated deepfake and synthetic identity fraud. The traditional "big-bang" migration, where an entire system is replaced at once, is fraught with risk, potential downtime, and significant development costs. This is where a more strategic, incremental approach becomes invaluable.

Introducing the Strangler Fig Pattern for IDV Migration

The Strangler Fig pattern, famously coined by Martin Fowler, provides an elegant solution for gradually migrating a legacy system by building new functionality around its periphery, eventually "strangling" the old system until it can be retired. For identity verification, this means replacing specific IDV functions with calls to a modern API like Didit's, while the rest of the legacy application remains untouched initially. This pattern is particularly well-suited for Java/Spring Boot applications, allowing developers to introduce new services and API calls incrementally.

The core idea involves placing a facade or an API gateway in front of the legacy system. New requests are routed through this gateway, which decides whether to handle them using the new system (Didit) or pass them to the legacy system. Over time, more and more functionality is migrated to the new system, and the legacy components are slowly decommissioned. This approach minimizes risk, allows for continuous delivery, and provides immediate value from the new system's capabilities.

Implementing Strangler Fig with Spring Boot and Didit

Let's consider a practical scenario in a Spring Boot application. Imagine you have a legacy service responsible for ID document processing and liveness checks. You want to replace this with Didit's advanced ID Verification and Passive & Active Liveness features. You can introduce a new Spring Boot service, or a component within your existing service, that acts as the "strangler."

Step 1: Create a Proxy/Facade Layer

Develop a new Spring component that intercepts calls meant for identity verification. This component will contain the logic to decide whether to use the legacy system or Didit. For example, if you're only migrating new user registrations, you can route those to Didit, while existing user re-verifications might still go through the legacy system initially.


@Service
public class IdentityVerificationGateway {

    private final DiditApiClient diditApiClient;
    private final LegacyIdvService legacyIdvService;

    public IdentityVerificationGateway(DiditApiClient diditApiClient, LegacyIdvService legacyIdvService) {
        this.diditApiClient = diditApiClient;
        this.legacyIdvService = legacyIdvService;
    }

    public VerificationResult verifyIdentity(User user) {
        // Logic to decide whether to use Didit or legacy
        if (user.isNewUser() || featureFlags.isDiditEnabledFor(user.getRegion())) {
            // Call Didit API for ID Verification and Liveness
            return diditApiClient.performVerification(user);
        } else {
            // Fallback to legacy system
            return legacyIdvService.performVerification(user);
        }
    }
}

Step 2: Integrate Didit's API

Within your DiditApiClient, you'll make calls to Didit's robust API endpoints. Didit's modular architecture means you can pick and choose the exact identity primitives you need. For instance, to perform ID Verification and Liveness, you'd typically initiate a session and then process the results. Didit's API is truly developer-first, offering clean APIs and an instant sandbox for rapid integration.


@Service
public class DiditApiClient {

    private final RestTemplate restTemplate;
    private final String diditApiKey;
    private final String diditApiUrl;

    public DiditApiClient(@Value("${didit.api.key}") String diditApiKey,
                          @Value("${didit.api.url}") String diditApiUrl) {
        this.restTemplate = new RestTemplate();
        this.diditApiKey = diditApiKey;
        thisitApiUrl = diditApiUrl;
    }

    public VerificationResult performVerification(User user) {
        HttpHeaders headers = new HttpHeaders();
        headers.set("x-api-key", diditApiKey);
        headers.setContentType(MediaType.APPLICATION_JSON);

        // Example: Create a session for ID Verification and Liveness
        // The workflow_id would be configured in Didit's Business Console
        // for your desired sequence of checks.
        String workflowId = "your-didit-workflow-id"; 
        Map<String, String> requestBody = Map.of("workflow_id", workflowId, "vendor_data", user.getUserId());

        HttpEntity<Map<String, String>> request = new HttpEntity<>(requestBody, headers);

        ResponseEntity<DiditSessionResponse> response = restTemplate.postForEntity(
            diditApiUrl + "/v3/session/", request, DiditSessionResponse.class);

        // Handle the session URL, redirect user, and process webhooks for results
        // This simplified example assumes synchronous results for brevity.
        return new VerificationResult(response.getBody().getSessionId(), "PENDING");
    }
}

Remember that Didit also offers a no-code Business Console for designing complex Orchestrated Workflows, combining elements like ID Verification, Passive & Active Liveness, 1:1 Face Match, AML Screening, and Proof of Address. This allows you to define your verification journey once and then trigger it via a simple API call, simplifying your Spring Boot integration.

Step 3: Gradual Traffic Shifting and Monitoring

Once the Didit integration is in place, you can gradually shift traffic. Start with a small percentage of users, A/B test, or enable it for specific cohorts. Monitor performance, user experience, and verification accuracy closely. Didit's comprehensive analytics and webhook capabilities make this monitoring process efficient, providing real-time updates as users progress through verification. As confidence grows, you can increase the traffic routed to Didit, eventually decommissioning the legacy components entirely.

How Didit Helps

Didit is uniquely positioned to facilitate seamless migrations using the Strangler Fig pattern. Our AI-native, developer-first identity platform offers a modular architecture that makes integrating advanced identity verification capabilities straightforward. With Didit, you gain access to a suite of powerful tools:

  • ID Verification (OCR, MRZ, barcodes): Accurately extract data from identity documents globally.
  • Passive & Active Liveness: Combat deepfakes and presentation attacks with advanced biometric liveness detection.
  • 1:1 Face Match: Ensure the person presenting the ID is its rightful owner.
  • AML Screening & Monitoring: Stay compliant with global regulations by screening against sanctions and PEP lists.
  • Proof of Address: Verify residential addresses efficiently.
  • Age Estimation (privacy-preserving): For compliance in age-restricted industries without compromising privacy.
  • Phone & Email Verification: Enhance account security and deter fraud.

Didit's advantages are clear: we offer Free Core KYC to get you started, a truly modular architecture that allows you to integrate only what you need, and an AI-native approach that provides cutting-edge accuracy and fraud prevention. Our platform has no setup fees, and our developer-first ethos ensures clean APIs and extensive documentation for quick integration, perfectly aligning with the incremental nature of the Strangler Fig pattern.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page
Migrate Legacy IDV with Strangler Fig & Didit.