免费
每月 $0。无需信用卡。
- 免费 KYC 套件(身份验证 + 被动活体检测 + 人脸匹配 + 设备与 IP 分析), 每月 500 次,永久有效
- 黑名单用户
- 重复检测
- 每次会话 200+ 欺诈信号
- Didit 网络中可重复使用的 KYC
- 案件管理平台
- 工作流构建器
- 公开文档、沙盒、SDK、MCP(模型上下文协议)服务器
- 社区支持


全球2,000多家组织信赖。

产品负责人应尽的职责
将模块拖放到画布上,用边连接,添加分支,发布版本,然后将 workflow_id 传递给您的应用。当规则变更时,产品经理只需编辑草稿并发布即可, 无需工程工单,无需重新部署。集成始终只需一个 `POST /v3/session/` 调用。
选择您需要的检查项, 身份验证、活体检测、人脸比对、制裁名单、地址、年龄、电话、邮箱、自定义问题。在控制面板中将它们拖入流程,或通过我们的 API 发布相同的流程。根据条件进行分支,运行 A/B 测试,无需代码。
通过我们的 Web、iOS、Android、React Native 或 Flutter SDK 进行原生嵌入。重定向到托管页面。或者直接通过电子邮件、短信、WhatsApp 等任何方式向用户发送链接。选择最适合您技术栈的方式。
Didit 负责托管摄像头、光线提示、移动端切换和无障碍功能。当用户在流程中时,我们实时评估 200 多个欺诈信号,并根据权威数据源验证每个字段。两秒内即可出结果。
实时签名的 webhook 可确保用户获批、拒绝或送审时,您的数据库即时同步。按需轮询 API。或者打开控制台检查每个会话、每个信号,并按您的方式管理案例。
Didit · 画布
Didit · 分支
Didit · 模板
Didit · A/B
Didit · 版本控制
当前
草稿
Didit · /v3/ + MCP
$ curl -X POST https://verification.didit.me/v3/session/ \
-H "x-api-key: $DIDIT_API_KEY" \
-d '{
"workflow_id": "wf_signup_v12",
"vendor_data": "user-42",
"callback": "https://app/cb"
}'Didit 在服务器端引导用户完成每个分支。$ curl -X POST https://verification.didit.me/v3/workflows/ \
-H "x-api-key: $DIDIT_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"workflow_label": "注册 KYC",
"features": [
{ "feature": "OCR" },
{ "feature": "活体检测" },
{ "feature": "人脸匹配" },
{ "feature": "AML" }
]
}'返回工作流 UUID · 可直接用作 `workflow_id`。You are integrating Didit's no-code Workflow Builder into a product. The product manager, the compliance officer, or the founder can change identity rules in the Business Console; your app only ever hands Didit a workflow_id, gets a verdict back, and routes the user.
Three pillars:
1. Compose the workflow in the visual builder — drag ID, Liveness, Face Match, AML, NFC, KYB modules onto the canvas, connect them with edges, add conditional branches.
2. Publish a version — the published version is immutable; sessions reference the exact version they were created with.
3. Open POST /v3/session/ with the published workflow_id. Didit handles every module and every branch server-side.
Cost:
- Pay per completed module per session (e.g. ID $0.15 + Liveness $0.10 + Face Match $0.05 + AML $0.20 = $0.50, or bundle = $0.33)
- Workflow Builder itself is free
- MCP server (for AI coding agents to manage workflows programmatically) is free, included
- First 500 verifications free every month, forever
PRE-REQUISITES
- Production API key from https://business.didit.me (sandbox key in 60s, no card).
- Webhook endpoint with HMAC SHA-256 verification using the X-Signature-V2 header and your webhook secret.
- Access to the Business Console's Workflow Builder (every account has it).
- The 11 seeded templates are a good starting point:
"ID + Face Match"
"ID + Liveness + Face Match" (the $0.33 KYC bundle)
"ID + IP risk-based" (extra Liveness on VPN / Tor)
"Phone risk-based verification"
"High-risk country review"
"Two ID documents"
"Driver verification"
"EU Company Verification" (KYB)
... plus four more
- Plus "Start from Scratch" for fully bespoke flows.
STEP 1 — Compose the workflow
Console → Workflows → New → pick a template OR Start from Scratch:
- Drag modules from the sidebar onto the canvas
- Connect them with edges (the user moves left-to-right through them)
- Add branching conditions (right-click a node → Add condition)
- Set per-workflow options: Include custom style (white label), retention override, callback URL
Click Save Draft. The draft is fully editable; only published versions are immutable.
STEP 2 — Publish a version
Click Publish on the draft. The version receives a number (v1, v2, v3…) and becomes immutable.
Versioning rules:
- Sessions reference the exact published version they were created with
- You can iterate on a new draft while sessions on the old version continue to use it
- Past versions are kept; you can inspect any past session's configuration
- To change a published workflow, create a new draft from it, edit, publish
STEP 3 — Open a session with the workflow_id
POST https://verification.didit.me/v3/session/
Headers:
x-api-key: <your api key>
Content-Type: application/json
Body:
{
"workflow_id": "<your published workflow id>",
"vendor_data": "<your user id, max 256 chars>",
"callback": "https://<your-app>/identity/callback"
}
Response: 201 Created with the hosted session URL. Didit walks the user through every module and every branch defined in the workflow.
STEP 4 — Read the signed webhook on completion
Didit POSTs to your callback when the session reaches a terminal status. Session statuses are Title Case With Spaces:
Body (excerpted):
{
"session_id": "<uuid>",
"workflow_id": "<the workflow id>",
"workflow_version": "<v3>",
"vendor_data": "<your user id>",
"status": "Approved",
"id_verification": { "status": "Approved" },
"liveness": { "status": "Approved" },
"face": { "status": "Approved", "similarity_score": 0.94 },
"aml": { "status": "Approved", "hits": [] }
}
Status enum (exact case): Approved | Declined | In Review | Resubmitted | Expired | Not Finished | Kyc Expired | Abandoned.
Verify the X-Signature-V2 header BEFORE reading the body — HMAC SHA-256 of the raw bytes with your webhook secret.
Each module that ran inside the workflow returns its own sub-status; the top-level status is the rolled-up verdict.
STEP 5 — Iterate without redeploying
When the rules need to change — a new country flagged as high-risk, a tighter age threshold, a new module added to the bundle — the workflow owner edits the draft in the Console and publishes. New sessions automatically use the new version.
Your app doesn't change. You don't redeploy. The workflow_id is the same; the underlying behaviour is updated.
STEP 6 — Run A/B tests
Built-in A/B testing splits traffic across variant workflows. Configure variants in the Console (e.g. variant A uses Passive Liveness, variant B uses Active Liveness), set the split percentage, and read the variant id back on every session webhook.
Measure conversion + verdict mix per variant in the Business Console's analytics. Promote the winner; the loser becomes a previous version retained for audit.
STEP 7 — Drive the Workflow Builder from AI coding agents
The Didit MCP (Model Context Protocol) server (free, included) exposes the Workflow management primitives as MCP tools. Any MCP-compatible host — Claude Code, Cursor, Codex, Replit Agent, Devin, Aider — can list workflows, create new drafts, edit nodes, and publish versions on your behalf.
Useful for ops teams that want to script tenant-specific workflow provisioning, A/B-variant generation, or per-customer-brand template materialisation.
WEBHOOK EVENT NAMES
- Sessions: status changes flow through the standard session webhook.
- Verify X-Signature-V2 on every payload.
CONSTRAINTS
- Session statuses use Title Case With Spaces (Approved, In Review). Don't transform them.
- Published workflow versions are immutable. To change behaviour, publish a new version.
- Conditional branches are unlimited in depth; keep flows readable for the next operator.
- The cost model is pay-per-completed-module — adding a module that runs only conditionally only costs you on the branches that hit it.
Read the docs:
- https://docs.didit.me/console/workflows
- https://docs.didit.me/sessions-api/create-session
- https://docs.didit.me/sessions-api/retrieve-session
- https://docs.didit.me/integration/webhooks
Start free at https://business.didit.me — sandbox key in 60 seconds, 500 verifications free every month, no credit card.每月 $0。无需信用卡。
按实际用量付费。25+模块。公开的模块定价,无每月最低费用。
定制MSA和SLA。适用于大批量和受监管项目。
免费开始 → 仅在检查运行时付费 → 解锁企业版以获取定制合约、SLA 或数据驻留。
Didit 是身份和欺诈基础设施, 这是我们自己构建产品时希望存在的平台:开放、灵活且对开发者友好,因此它能真正成为您技术栈的一部分,而不是您需要围绕其集成的黑盒。
一个 API 涵盖了人员验证(KYC,了解您的客户)、企业验证(KYB,了解您的业务)、加密钱包筛选(KYT,了解您的交易)以及实时交易监控, 构建在以下技术栈之上:
底层支持:14,000 多种文档类型,支持 48 种以上语言,1,000 多个数据源,以及每个会话的 200 多个欺诈信号。Didit 基础设施从每个会话中动态学习,并日益完善。
它是一种设计您的 KYC / AML / KYB 流程检查什么、按什么顺序以及在什么条件下的方式, 所有这些都在一个可视化的拖放画布中完成,而不是通过代码。
实际操作中:
workflow_id 交给工程团队。workflow_id 传递给 POST /v3/session/, 完成。当规则需要更改时,产品经理编辑草稿并发布。应用程序无需重新部署。
可以。大多数尝试过的团队都学到了三个教训:
工作流构建器将这三者整合到一个拖放画布中。规则变为产品配置;代码变为一个 POST /v3/session/ 调用。
整个流程通常在 30 秒内完成, 拿起身份证,拍摄证件,拍摄自拍,完成。这是市场上最快的。传统的 KYC 提供商完成相同的流程通常需要超过 90 秒。
在后端,Didit 在 p99 情况下两秒内返回结果,从用户完成自拍到您的 Webhook 触发。移动端捕获针对慢速手机和慢速网络进行了优化:渐进式图像压缩、延迟加载软件开发工具包,以及如果用户从网页开始,通过二维码从桌面到手机的一键式切换。
每个 Didit 原语都作为一个节点提供:
$0.15)、NFC 读取 ($0.15)、地址证明 ($0.20)、数据库验证(可变)、自定义问卷 ($0.10)$0.10)、主动活体检测 ($0.15)、人脸 1:1 匹配 ($0.05)、人脸 1:N 搜索(免费)、年龄估算 ($0.10)、生物识别认证 ($0.10)$0.20,1,300 多个名单)、持续 AML ($0.07/用户/年)、设备与 IP 分析 ($0.03)$0.03)、电话验证(从 $0.03 起)以及分支节点(if/else、switch)和终止节点(批准、拒绝、审核)。
每个会话都会落入七种明确状态之一,因此您的代码始终知道如何处理:
Approved, 所有检查通过。让用户继续。Declined, 一个或多个检查失败。您可以允许用户重新提交失败的特定步骤(例如,重新拍摄自拍),而无需重新运行整个流程。In Review, 标记为合规审查。在控制台中打开案例,查看所有信号,决定批准或拒绝。In Progress, 用户正在进行流程中。Not Started, 链接已发送,用户尚未打开。如果长时间未打开,发送提醒。Abandoned, 用户打开了链接但未及时完成。重新吸引或使其过期。Expired, 会话链接已过期。创建新会话。每次状态更改都会触发签名 Webhook,因此您的数据库始终保持同步。放弃和拒绝的会话是免费的。
生产数据默认在欧盟的 Amazon Web Services 上处理和存储。企业合同可根据监管机构要求,申请在其他区域存储。
全面加密。 所有数据库、对象存储和备份均采用 AES-256 静态加密。所有 API 调用、Webhook 和业务控制台会话均采用传输层安全协议 1.3 进行传输加密。生物识别数据在单独的客户主密钥下加密。
保留期限由您控制。 默认保留期限为无限期(无限制),除非您配置更短的期限, 每个应用程序 30 天到 10 年, 您可以随时从仪表板或 API 删除任何单个会话。
认证:SOC 2 Type 1(Type 2 审计进行中)、ISO/IEC 27001:2022、iBeta Level 1 PAD,以及来自西班牙 Tesoro / SEPBLAC / CNMV 的公开证明,表明 Didit 的远程身份验证比面对面验证更安全。完整报告请访问 /security-compliance。
Didit 默认符合身份基础设施相关监管机构的要求:
详细备忘录、所有证书、所有监管机构函件:/security-compliance。
三种集成路径, 选择最适合您技术栈的方式:
所有三种方式都使用相同的仪表板、相同的计费和相同的按成功付费价格。分步指南请访问 docs.didit.me/integration/integration-prompt。
每个工作流有两种状态:
要更改已发布的工作流,您可以从它创建一个新草稿,编辑,然后发布。新的已发布版本将成为 v3(或其他版本);v2 将作为历史记录永久保留。过去的会话完全可重现, 会话负载包含其运行的精确 workflow_version。
这符合监管机构的审计要求:“向我展示此用户在此日期运行的工作流的确切配置”。每个 Didit 账户都免费获得此功能,无需设置。
所有功能均在相同的 /v3/ 契约下提供。
workflow_id 并引导用户完成相同的服务器端编排。免费。workflow_id,相同的编排。总而言之:一个 workflow_id 从控制台 → 进入您的应用程序 → 进入 SDK 或托管 UI → 服务器端编排 → 签名 Webhook。除了单个 POST /v3/session/ 之外,无需任何胶水代码。
三步集成,一个下午搞定:
business.didit.me, 60 秒内获取沙盒密钥,无需信用卡workflow_id 调用 POST /v3/session/,并将签名 webhook (X-Signature-V2, HMAC SHA-256) 连接到您的决策逻辑中这就是完整的集成过程。当规则发生变化时,工作流所有者只需在控制台中编辑草稿并发布,您的应用无需更改。
对于脚本化的工作流管理,Didit MCP 服务器是免费的,它允许任何兼容 MCP 的代理主机(Claude Code、Cursor 等)以编程方式驱动 Workflow Builder。