2.5k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill didit-sessions- _meta.json286 B
- SKILL.md15.1 KB
Overview
This skill integrates Didit Session & Workflow APIs to manage end-to-end identity verification sessions. It exposes endpoints to create sessions, attach workflows, retrieve decisions, manage blocklists, share/import sessions between partners, generate PDF reports, and update session status. Use it to automate KYC, fraud handling, and B2B verification handoffs.
How this skill works
The skill calls Didit’s v3 endpoints using an x-api-key header and standard JSON payloads. It creates sessions tied to a workflow_id, returns a session URL/token for user verification, and then polls or receives webhooks for decisions. It also supports session lifecycle actions: status updates, resubmissions, PDF generation, sharing/importing sessions, and blocklist management.
When to use it
- Start a KYC or biometric verification flow by creating a session with a workflow_id
- Retrieve a completed session decision to drive onboarding or fraud rules
- Update session status after manual review or to request resubmission
- Share or import finished sessions between partner organizations for B2B KYC
- Block or unblock faces/documents/phones/emails to enforce fraud prevention
- Generate official PDF reports of verification results for records or audits
Best practices
- Always send x-api-key header and validate 401/403 responses before retrying
- Use webhooks for real-time decisioning; poll GET /session/{id}/decision/ at low frequency with backoff
- Respect rate limits (per-method limits + Retry-After on 429); implement exponential backoff
- Store vendor_data and session_token to link Didit sessions to your user records
- When resubmitting, include nodes_to_resubmit to preserve approved steps and notify users only when needed
- Use share_token only via backend channels and require legal/data-sharing consent before importing
Example use cases
- Full KYC onboarding: create session → redirect user → receive decision → approve or request resubmission
- Fraud response: get decision for an In Review session, then decline and add matched entities to blocklist
- Returning-user biometric check: use Biometric Authentication workflow and pass a portrait_image for face match
- B2B exchange: Service A shares a finished session (share_token); Service B imports it, optionally trusting the original review
- Compliance reporting: generate PDF report for an audited session and store it in your records
FAQ
Include x-api-key and Content-Type: application/json for JSON endpoints. Missing or invalid keys return 401.
When should I use webhooks vs polling decisions?
Use webhooks for immediate, scalable notifications. Polling is acceptable for low-volume checks or if webhooks cannot be used; respect rate limits and backoff.
Can a shared session be imported multiple times?
No. A shared session can be imported only once per receiving partner application. Ensure legal and consent requirements before sharing.