Chapa yako. Didit chini.

You are integrating Didit white-label KYC. You're either reselling identity verification to your own customers under your brand, or embedding KYC inside your SaaS product so the end-user never sees Didit. Either way, the verification stack is Didit's; the visible brand is yours.

Three pillars:

  1. Configure your brand once in the Style Editor — colours, typography, square + rectangular logos, optional custom domain.
  2. Toggle Include custom style ON for every workflow that should ship under your brand. Leave it OFF for internal admin flows.
  3. Open POST /v3/session/ as usual. The hosted UI returns under your brand on your domain.

Cost:
  - Didit KYC bundle: $0.33 per check (Sessions API floor)
  - White-label fee: $0.20 per check (adds branding + custom domain + per-workflow style toggle)
  - Reseller cost in: $0.53 per check
  - Mark up to your buyer as you choose — published rate at scale, custom contracts above 100k/month
  - First 500 verifications free every month, forever

PRE-REQUISITES
  - Production API key from https://business.didit.me (sandbox key in 60s, no card).
  - White-label add-on enabled on your account (talk to sales to switch it on).
  - Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
  - A workflow_id from the Workflow Builder that bundles the modules you ship (typically ID Verification + Passive Liveness + Face Match 1:1 + AML Screening) with Include custom style ENABLED.
  - Optional: custom domain (e.g. verify.yourbrand.com) configured in the Business Console — Didit handles the CNAME target + TLS cert via Let's Encrypt.

STEP 1 — Configure brand in the Style Editor (no code)

  Console → White Label → Style Editor:
    Colors:      buttons, text, panels, backgrounds
    Typography:  fonts that match your brand
    Logos:       square + rectangular uploads
    Layout:      border radius for panels and buttons
    Login:       show or skip the Didit login screen
    Domain:      add verify.yourbrand.com (CNAME target = verify.didit.me; TLS auto-provisioned)

STEP 2 — Enable custom style on the workflow

  Console → Workflows → <your workflow> → Settings → Options:
    Toggle Include custom style ON. Without this, the workflow ships with default Didit branding.

  Repeat per workflow. You can mix branded + unbranded workflows on the same account — useful for an internal admin flow that doesn't need the customer brand.

STEP 3 — Open a session as usual

  POST https://verification.didit.me/v3/session/
  Headers:
    x-api-key: <your api key>
    Content-Type: application/json
  Body:
    {
      "workflow_id": "<wf id with Include custom style ON>",
      "vendor_data": "<your end-user id, max 256 chars>",
      "callback": "https://<your-app>/kyc/callback",
      "metadata": {
        "purpose": "white_label_onboarding",
        "tenant_id": "<your reseller tenant id if multi-brand>"
      }
    }

  Response: 201 Created with the hosted session URL — under YOUR domain if you set one. Sub-2-second median verdict on completion.

STEP 4 — Read the signed webhook on completion

  Didit POSTs to your callback. Session statuses are Title Case With Spaces:

  Body (excerpted):
    {
      "session_id": "<uuid>",
      "vendor_data": "<your end-user id>",
      "status": "Approved",
      "id_verification": { "status": "Approved" },
      "liveness": { "status": "Approved" },
      "face": { "status": "Approved", "similarity_score": 0.94 },
      "aml": { "status": "Approved", "hits": [] }
    }

  Status enum (exact case): Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned.

  Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.

  On Approved → onboard the end-user. On Declined → reject. On In Review or Resubmitted → hold + route to your compliance team.

STEP 5 — Multi-brand on one account (reseller pattern)

  When you serve multiple end-customer brands from a single Didit account:

  - Create one workflow per end-customer brand
  - Configure each workflow with the customer's brand style (or use the Style Editor presets per workflow if your account supports it)
  - On POST /v3/session/, pick the workflow_id that matches the end-customer's brand

  The end-customer sees their own brand; you see one consolidated invoice per month. Didit's MCP (Model Context Protocol) server is included free for programmatic per-tenant workflow management.

STEP 6 — Audit + compliance retained

  Swapping the brand does not change the underlying compliance bar. Every session is still:
  - iBeta Level 1 PAD (Presentation Attack Detection) certified on liveness
  - Backed by Spain's Tesoro / SEPBLAC attestation (only EU member-state government attestation of safer-than-in-person verification)
  - Aligned with SOC 2 Type 1 + ISO/IEC 27001 + GDPR (General Data Protection Regulation)
  - Logged with X-Signature-V2 webhook signing on every event
  - Retained 5 years post-relationship by default per the EU Anti-Money-Laundering package; configurable upward per your supervisor's guidance

  Sub-processor disclosure available on request for your DPA (Data Processing Agreement).

WEBHOOK EVENT NAMES
  - Sessions: status changes flow through the standard session webhook.
  - Verify X-Signature-V2 on every payload.

CONSTRAINTS
  - Session statuses use Title Case With Spaces (Approved, In Review). Don't transform them.
  - The white-label add-on is a per-account feature — talk to sales to enable it. Once enabled, the Style Editor + custom-domain pipeline is no-code.
  - Custom domain TLS auto-renews 30 days before expiry. Monitor the cert status in the Console.
  - Some end-user browsers (mobile in-app webviews) constrain custom domains — keep verify.didit.me as a fallback for these edge cases.

Read the docs:
  - https://docs.didit.me/console/white-label
  - https://docs.didit.me/console/workflows
  - https://docs.didit.me/sessions-api/create-session
  - https://docs.didit.me/integration/webhooks

Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.