# Didit API — Orthogonal API

> Pay-per-use API on Orthogonal. Each call is billed to your Orthogonal balance.
> Base API: `https://api.orth.sh/v1/run` · [llms.txt](https://orthogonal.com/llms.txt) · [browse all APIs](https://orthogonal.com/discover)

The all-in-one identity platform. Powering the fastest identity verification while fighting fraud and unifying all identity checks.

**Verified:** yes

## Access

**Run API:** `POST https://api.orth.sh/v1/run`
**Auth:** `Authorization: Bearer $ORTHOGONAL_API_KEY`
Get an API key at https://orthogonal.com/dashboard/settings/api-keys

Every call goes through the unified Run API: send the API `slug`, the endpoint `path`, and the `query`/`body` parameters. The response is `{ "success": true, "price": "<usd>", "data": { ... } }`.

## Endpoints

### AML Screening

The AML Screening API allows you to screen individuals or companies against global watchlists and high-risk databases. This API provides real-time screening capabilities to detect potential matches and mitigate risks associated with financial fraud and terrorism. You can screen both persons and companies by specifying the `entity_type` parameter.

`POST /v3/aml`

**Estimated cost:** $0.36

**Docs:** https://docs.didit.me/reference/aml-screening-standalone-api

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `full_name` | string | Yes | Full name of the person or company to be screened. |
| `entity_type` | string | No | Type of entity to screen. Either 'person' or 'company'. Defaults to 'person'. |
| `date_of_birth` | date | No | Date of birth for persons or incorporation date for companies, with format: YYYY-MM-DD. For example, `1990-05-15`. |
| `nationality` | string | No | Nationality of the person to be screened with format ISO 3166-1 alpha-2. For example: `ES`. Only applicable for person entity type. |
| `document_number` | string | No | Document number of the person to be screened. Only applicable for person entity type. |
| `aml_score_approve_threshold` | number | No | Score threshold below which hits are auto-approved (0-100). Hits with match scores below this threshold will be marked as approved. Default: 86. |
| `aml_score_review_threshold` | number | No | Score threshold above which hits are auto-declined (0-100). Hits with match scores above this threshold will be declined. Scores between approve and review thresholds require manual review. Default: 100. |
| `aml_name_weight` | integer | No | Weight for name similarity in match score calculation (0-100). The sum of aml_name_weight + aml_dob_weight + aml_country_weight must equal 100. Default: 60. |
| `aml_dob_weight` | integer | No | Weight for date of birth in match score calculation (0-100). The sum of aml_name_weight + aml_dob_weight + aml_country_weight must equal 100. Default: 25. |
| `aml_country_weight` | integer | No | Weight for country/nationality in match score calculation (0-100). The sum of aml_name_weight + aml_dob_weight + aml_country_weight must equal 100. Default: 15. |
| `aml_match_score_threshold` | integer | No | Match score threshold (0-100) that determines if a hit is a False Positive or Unreviewed (Possible Match). Hits with match_score below this are marked as 'False Positive' and excluded from risk assessment. Hits at or above are 'Unreviewed' (Possible Match). Default: 93. |
| `include_adverse_media` | boolean | No | Wheter to include adverse media in the screening. If included, the request will take approximately 10 seconds. |
| `include_ongoing_monitoring` | boolean | No | Whether to include ongoing monitoring in the screening. If included, the save_api_request must be included as well, otherwise it will raise an error. |
| `save_api_request` | boolean | No | Whether to save this API request. If true, then it will appear on the `Manual Checks` section in the Business Console. |
| `vendor_data` | string | No | A unique identifier for the vendor or user, such as a UUID or email. This field enables proper session tracking and user data aggregation across multiple verification sessions. |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/aml","body":{"full_name":"<string>","entity_type":"<string>","date_of_birth":"<string>","nationality":"<string>","document_number":"<string>","aml_score_approve_threshold":"<number>","aml_score_review_threshold":"<number>","aml_name_weight":"<integer>","aml_dob_weight":"<integer>","aml_country_weight":"<integer>","aml_match_score_threshold":"<integer>","include_adverse_media":"<boolean>","include_ongoing_monitoring":"<boolean>","save_api_request":"<boolean>","vendor_data":"<string>"}}'
```

### Send Email Code

Send a one-time verification code to an email address.

`POST /v3/email/send`

**Estimated cost:** $0.04

**Docs:** https://docs.didit.me/reference/send-email-verification-code-api

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `email` | string | Yes | Email address to verify |
| `options` | object | No | Options object with code_size (4-8, default 6) and locale (e.g. en-US) |
| `signals` | object | No | Fraud detection signals: ip, device_id, user_agent |
| `vendor_data` | string | No | Unique identifier for vendor/user (UUID or email) for session tracking |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/email/send","body":{"email":"<string>","options":"<object>","signals":"<object>","vendor_data":"<string>"}}'
```

### Send Phone Code

Send a one-time verification code to a phone number.

`POST /v3/phone/send`

**Estimated cost:** $0.3

**Docs:** https://docs.didit.me/reference/send-phone-verification-code-api

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `phone_number` | string | Yes | Phone number in E.164 format (e.g. +14155552671) |
| `options` | object | No | Options object with code_size (4-8, default 6), locale (e.g. en-US), preferred_channel (sms/whatsapp/telegram/voice, default whatsapp) |
| `signals` | object | No | Fraud detection signals: ip, device_id, device_platform (android/ios/ipados/tvos/web), device_model, os_version, app_version, user_agent |
| `vendor_data` | string | No | Unique identifier for vendor/user (UUID or email) for session tracking |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/phone/send","body":{"phone_number":"<string>","options":"<object>","signals":"<object>","vendor_data":"<string>"}}'
```

### Check Email Code

Verify a code sent to an email address.

`POST /v3/email/check`

**Cost:** Free

**Docs:** https://docs.didit.me/reference/check-email-verification-code-api

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `email` | string | Yes | Email address to verify |
| `code` | string | Yes | Verification code (4-8 characters) |
| `duplicated_email_action` | string | No | Action for duplicated emails: NO_ACTION (default) or DECLINE |
| `breached_email_action` | string | No | Action for breached emails: NO_ACTION (default) or DECLINE |
| `disposable_email_action` | string | No | Action for disposable emails: NO_ACTION (default) or DECLINE |
| `undeliverable_email_action` | string | No | Action for undeliverable emails: NO_ACTION (default) or DECLINE |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/email/check","body":{"email":"<string>","code":"<string>","duplicated_email_action":"<string>","breached_email_action":"<string>","disposable_email_action":"<string>","undeliverable_email_action":"<string>"}}'
```

### Database Validation API

Validate user-provided identity data against authoritative national and global data sources.

`POST /v3/database-validation`

**Estimated cost:** $0.31

**Docs:** https://docs.didit.me/reference/database-validation-api

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `issuing_state` | string | Yes | ISO 3166-1 alpha-3 country code. Valid: ARG, BOL, BRA, CHL, COL, CRI, DOM, ECU, ESP, GTM, HND, MEX, PAN, PER, PRY, SLV, URY, VEN |
| `validation_type` | string | Yes | Validation type: one_by_one or two_by_two |
| `identification_number` | string | Yes | Universal ID field - auto-maps to country-specific format |
| `document_type` | string | No | Document type: P (Passport), DL (Driver License), ID (National ID), RP (Residence Permit). Required for some countries. |
| `expiration_date` | string | No | Document expiration date YYYY-MM-DD. Required for some countries (e.g. ESP). |
| `first_name` | string | No | First name |
| `last_name` | string | No | Last name |
| `date_of_birth` | string | No | Date of birth YYYY-MM-DD |
| `nationality` | string | No | ISO 3166-1 alpha-3 nationality code |
| `address` | string | No | Residential address |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/database-validation","body":{"issuing_state":"<string>","validation_type":"<string>","identification_number":"<string>","document_type":"<string>","expiration_date":"<string>","first_name":"<string>","last_name":"<string>","date_of_birth":"<string>","nationality":"<string>","address":"<string>"}}'
```

### Check Phone Code

Verify a one-time code sent to a phone number. Maximum of three verification attempts per code.

`POST /v3/phone/check`

**Cost:** Free

**Docs:** https://docs.didit.me/reference/check-phone-verification-code-api-1

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `phone_number` | string | Yes | Phone number in E.164 format (e.g. +14155552671) |
| `code` | string | Yes | Verification code (4-8 characters) |
| `duplicated_phone_number_action` | string | No | Action for duplicated numbers: NO_ACTION (default) or DECLINE |
| `disposable_number_action` | string | No | Action for disposable numbers: NO_ACTION (default) or DECLINE |
| `voip_number_action` | string | No | Action for VoIP numbers: NO_ACTION (default) or DECLINE |

```bash
curl -X POST 'https://api.orth.sh/v1/run' \
  -H 'Authorization: Bearer $ORTHOGONAL_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"api":"didit","path":"/v3/phone/check","body":{"phone_number":"<string>","code":"<string>","duplicated_phone_number_action":"<string>","disposable_number_action":"<string>","voip_number_action":"<string>"}}'
```

---

Full details and an interactive quickstart: https://orthogonal.com/discover/didit