入职新员工。通过一个入职链接。

You are integrating Didit into a HR / People Ops stack to onboard every new hire. ONE obligation, ONE Didit session:

  Verify the hire's identity (Know Your Customer (KYC)) — ID document, liveness, face match, AML against 1,300+ sanctions / Politically Exposed Person (PEP) / adverse-media lists — AND collect any HR-specific document (NDA, code of conduct, tax form, work-visa share code) in the same flow.

Bundle pricing (verified live, 2026-05-16):
  - Full KYC bundle: $0.33 per hire (ID + Liveness + Face Match + Device & IP)
  - AML Screening: $0.20 per hire
  - HR Questionnaire: $0.10 per hire (per stack of HR forms)
  - Total: ~$0.50 per fully-onboarded hire — public price, no minimums
  - First 500 verifications free every month, forever
  - Ongoing AML on the active workforce: $0.07 per user per year, automatic

PRE-REQUISITES
  - Production API key from https://business.didit.me (sandbox key in 60s, no card).
  - Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
  - A workflow_id from the Workflow Builder that bundles ID Verification + Passive Liveness + Face Match 1:1 + AML Screening + the HR Questionnaire of choice.
  - (Optional) ATS or HRIS — Greenhouse, Workday, Lever, Rippling, BambooHR, HiBob — to receive the verdict.

STEP 1 — Open the hire session at offer-stage

  POST https://verification.didit.me/v3/session/
  Headers:
    x-api-key: <your api key>
    Content-Type: application/json
  Body:
    {
      "workflow_id": "<wf id with KYC + AML + HR Questionnaire>",
      "vendor_data": "<your applicant id, max 256 chars>",
      "callback": "https://<your-app>/hire/kyc/callback",
      "metadata": {
        "purpose": "employee_onboarding",
        "role_band": "engineering_ic",
        "country_of_work": "ES",
        "ats_application_id": "<your ATS reference>"
      }
    }

  Response: 201 Created with a hosted session URL. Email or text the URL to the candidate when the offer letter goes out. Sub-2-second median verdict on completion.

STEP 2 — Read the signed webhook when the candidate finishes

  Didit POSTs to your callback. Session statuses are Title Case With Spaces:

  Body (excerpted):
    {
      "session_id": "<uuid>",
      "vendor_data": "<your applicant id>",
      "status": "Approved",
      "id_verification": { "status": "Approved", "document_type": "Passport" },
      "liveness": { "status": "Approved" },
      "face": { "status": "Approved", "similarity_score": 0.94 },
      "aml": { "status": "Approved", "hits": [] },
      "questionnaire": { "status": "Approved", "answers": { ... } }
    }

  Status enum (exact case): Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned.

  Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.

STEP 3 — Branch on the verdict

  Approved          → forward to ATS / HRIS as "background-clear", trigger day-one provisioning.
  In Review         → route to People Ops queue for manual review; pause start-date confirmation.
  Declined          → escalate to compliance; halt the hire pending re-screen or rescind offer.
  Resubmitted       → applicant uploaded a second time after a soft rejection — re-read.
  Kyc Expired       → session went stale; send a new session URL.

STEP 4 — Ongoing AML on the active workforce is automatic

  Every Approved hire is re-screened DAILY by Didit's continuous monitoring at $0.07 per user per year. NO separate endpoint to call — the original session is what gets monitored.

  When a previously-clear employee crosses an AML threshold (new sanction listing, new adverse-media hit, PEP status change), the session status changes to "In Review" or "Declined" and your webhook fires the update. Pipe that event back into your HRIS for People Ops triage.

WEBHOOK EVENT NAMES
  - Sessions: status changes flow through the standard session webhook.
  - Ongoing AML updates: same session webhook fires when the verdict flips post-onboarding.

  Verify X-Signature-V2 on every payload.

CONSTRAINTS
  - Session statuses use Title Case With Spaces (Approved, In Review). Do not lowercase or snake_case them.
  - HR documents collected via Questionnaire are retained alongside the identity capture — one audit pack, one retention policy. Default retention is 5 years post-employment per the EU AML package; align with your jurisdiction.
  - 200+ fraud signals are evaluated on every KYC session at no extra cost.
  - The session URL is single-use; if a candidate abandons mid-flow, create a new session for the retry.

Read the docs:
  - https://docs.didit.me/sessions-api/create-session
  - https://docs.didit.me/core-technology/aml-screening/overview
  - https://docs.didit.me/core-technology/questionnaires/overview
  - https://docs.didit.me/integration/webhooks

Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.