Blog · March 7, 2026

Developer's Guide: Optimizing Didit API Calls for CDN Edge Caching

Optimize your Didit API integrations for unparalleled performance and scalability by leveraging CDN edge caching strategies. This guide covers global and endpoint-specific rate limits, effective throttling, and the benefits of.

By Didit

Understand Rate Limits: Didit enforces global and endpoint-specific rate limits to maintain API stability, providing X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers for client-side throttling.

Implement Exponential Backoff: For 429 responses, integrate an exponential backoff strategy (e.g., 5s → 10s → 20s) to gracefully handle temporary API overloads and prevent client-side rate limit breaches.

Leverage CDN for Static Assets: While Didit's core API cannot be cached by traditional CDNs, optimize your application's static assets (JS, CSS, images) via CDN to reduce load times and improve perceived performance.

Didit's Performance Architecture: Didit's AI-native, globally distributed infrastructure inherently offers low latency and high availability, making it an ideal choice for performance-critical identity verification needs.

In today's fast-paced digital landscape, every millisecond counts. For developers integrating identity verification services, optimizing API calls for speed and efficiency is paramount. While Content Delivery Networks (CDNs) are often associated with caching static assets, understanding how to best interact with API services, especially those designed for dynamic, real-time operations like identity verification, is crucial for overall application performance. This guide delves into optimizing your Didit API integrations, focusing on rate limiting, efficient call patterns, and how Didit's architecture inherently supports high performance.

Understanding Didit's API Rate Limits

Didit, like any robust API service, implements rate limits to ensure stability and fair usage across all clients. These limits are critical for preventing abuse and maintaining consistent performance. Understanding and adhering to them is the first step towards optimized API interactions.

Didit enforces multiple layers of rate limiting:

  • Global Limits: For general GET endpoints, there's a limit of 300 requests per minute per application. Similarly, POST, PATCH, and DELETE (write/delete) endpoints also have a global ceiling of 300 requests per minute per application.
  • Endpoint-Specific Limits: Certain high-impact operations have more restrictive limits. For instance, POST /v2/session/ (for creating verification sessions, often involving Didit's ID Verification or Age Estimation products) is limited to 600 requests per minute. Retrieving session decisions (GET /v2/session//decision/) is throttled to 100 requests per minute to prevent excessive polling, and PDF generation (GET /session//generate-pdf/) is also capped at 100 requests per minute due to its CPU-intensive nature.

When a rate limit is exceeded, Didit's API responds with a 429 Too Many Requests status code. Crucially, these responses include helpful headers:

  • X-RateLimit-Limit: The maximum number of requests allowed.
  • X-RateLimit-Remaining: The number of requests remaining in the current window.
  • X-RateLimit-Reset: The time (in epoch seconds) when the current rate limit window resets.

By monitoring these headers, your application can proactively self-throttle, preventing unnecessary 429 errors and ensuring a smoother operational flow for services like Didit's AML Screening or Liveness Detection.

Implementing Smart Client-Side Throttling and Backoff

Effective client-side handling of rate limits is vital for a resilient integration. Here’s how to do it:

  1. Watch Rate-Limit Headers: Implement logic to read the X-RateLimit-Remaining header. When this value drops below a certain threshold (e.g., 15% of X-RateLimit-Limit), your client should begin to slow down its request rate.

  2. Exponential Backoff for 429s: This is a critical strategy. If your application receives a 429 response, it should pause before retrying the request. Instead of immediate retries, implement an exponential backoff algorithm. For example, wait 5 seconds, then 10 seconds, then 20 seconds, and so on. This prevents overwhelming the API further and allows the rate limit window to reset. Didit's Retry-After header can also inform your backoff strategy.

  3. Log and Alert: Keep track of when rate limits are hit and when retries are triggered. This provides valuable insights into your application's usage patterns and can help identify areas for optimization or indicate a need to request a higher limit from Didit support for specific use cases.
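The three steps above, sketched as an added Python example (not Didit's SDK and not code from the original post). The transport is an injected send() callable returning (status, headers, body), which is an assumption, as are the 60-second ceiling and the handling of only the delta-seconds form of Retry-After.

```python
import logging
import math
import time

log = logging.getLogger("ratelimit")
BASE, CEILING, LOW_WATER = 5.0, 60.0, 0.15  # 5s base and 15% from the text; 60s cap assumed


def _num(headers, name):
    """Finite numeric header value, or None if missing or malformed."""
    try:
        value = float(headers[name])
    except (KeyError, TypeError, ValueError):
        return None
    return value if math.isfinite(value) else None


def delay_for(status, headers, attempt, now):
    """Seconds to wait before the next request; 0.0 means proceed."""
    if status == 429:
        backoff = min(BASE * 2 ** attempt, CEILING)  # 5s -> 10s -> 20s ...
        retry_after = _num(headers, "Retry-After")  # delta-seconds form only
        # Honor the server's hint, but clamp it so a bad value cannot stall us.
        return min(max(backoff, retry_after or 0.0), CEILING)
    limit = _num(headers, "X-RateLimit-Limit")
    remaining = _num(headers, "X-RateLimit-Remaining")
    reset = _num(headers, "X-RateLimit-Reset")
    if not limit or remaining is None or reset is None:
        return 0.0
    if remaining >= LOW_WATER * limit:
        return 0.0
    # Budget is low: spread what remains over the rest of the window.
    return min(max(reset - now, 0.0) / max(remaining, 1.0), CEILING)


def call_with_backoff(send, max_retries=4, sleep=time.sleep, clock=time.time):
    """send() -> (status, headers, body). Retries on 429 only."""
    for attempt in range(max_retries + 1):
        status, headers, body = send()
        wait = delay_for(status, headers, attempt, clock())
        if status != 429:
            if wait:
                log.info("rate-limit budget low, pausing %.1fs", wait)
                sleep(wait)
            return status, body
        log.warning("429 on attempt %d, backing off %.1fs", attempt + 1, wait)
        sleep(wait)
    raise RuntimeError("still rate limited after %d retries" % max_retries)
```

Header values are parsed defensively and every delay is clamped, so a malformed or oversized Retry-After or X-RateLimit-Reset value cannot park the client indefinitely.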

The Role of CDN Edge Caching in API Performance

While Didit's core identity verification APIs, such as those for ID Verification, 1:1 Face Match, or NFC Verification, involve dynamic, real-time processing that cannot be effectively cached by a CDN (as each request is unique and requires fresh computation), CDNs still play a role in the overall performance of your application.

CDNs excel at caching static content (images, JavaScript, CSS files, videos) at edge locations closer to your users. By serving these assets from a CDN, you reduce the load on your origin server and decrease latency for your users. This improves the perceived performance of your application, making the overall experience, including the identity verification flow, feel much faster and more responsive.

For example, if your application uses a Didit workflow that involves a web-based user interface (e.g., for collecting document uploads or liveness detection selfies), the static assets for that UI can be served via a CDN. While the API calls to Didit's backend for processing the verification are direct, the speed of the surrounding application environment significantly impacts user satisfaction.

Didit's AI-Native Architecture for Unmatched Performance

Didit is built from the ground up as an AI-native, developer-first identity platform. This architectural choice inherently provides significant performance advantages that complement your CDN strategies for static assets:

  • Global Distribution: Didit's infrastructure is globally distributed, ensuring low latency for users regardless of their geographical location. This means that API calls to Didit's verification endpoints are routed to the nearest data center, minimizing network travel time.
  • Optimized for Real-time: Products like Passive & Active Liveness and 1:1 Face Match are designed for real-time processing, leveraging advanced AI models that execute quickly and efficiently.
  • Scalability: Didit's modular architecture is built for scale, capable of handling high volumes of verification requests without degradation in performance, even during peak periods. This is crucial for applications requiring high throughput for services like Phone & Email Verification or Proof of Address.
  • Developer-First APIs: Clean, well-documented APIs ensure that developers can integrate efficiently, reducing development time and potential for integration-related performance bottlenecks. The programmatic registration process, requiring just two API calls, exemplifies this developer-first approach.

By focusing on efficient API consumption practices, such as smart rate limit handling and exponential backoff, you can fully leverage Didit's high-performance, AI-native backend to deliver a seamless and rapid identity verification experience.

How Didit Helps

Didit is designed to provide a high-performance, reliable identity verification experience. Our AI-native platform offers a modular architecture, allowing you to integrate specific identity primitives like ID Verification (with OCR, MRZ, and barcode support), Passive & Active Liveness, 1:1 Face Match, and AML Screening & Monitoring as needed. This modularity means you only use the resources you require, optimizing both cost and performance. Didit's Free Core KYC offering, with no setup fees and a pay-per-successful-check model, makes it incredibly accessible to get started. Our globally distributed infrastructure ensures that your API calls benefit from low latency and high availability, making the need for traditional CDN caching of API responses less relevant, as the dynamic nature of identity verification demands real-time processing. We empower developers with a robust, scalable solution that inherently prioritizes speed and efficiency, allowing you to focus on building great applications while we handle the complexities of identity trust.
