Skip to content

io.pilot.didit — Didit identity platform (KYC/AML/liveness) + no-broker self-signup#75

Merged
Alexgodoroja merged 2 commits into
mainfrom
submit/io.pilot.didit
Jul 7, 2026
Merged

io.pilot.didit — Didit identity platform (KYC/AML/liveness) + no-broker self-signup#75
Alexgodoroja merged 2 commits into
mainfrom
submit/io.pilot.didit

Conversation

@Alexgodoroja

Copy link
Copy Markdown
Collaborator

Summary

Adds io.pilot.didit — the full Didit identity-verification platform (KYC/ID, liveness, face match, AML, proof-of-address, database validation, email/phone OTP) over one HTTPS app — 39 methods + didit.help, byo auth (x-api-key), no broker.

To support it, adds a reusable scaffold feature: a no-broker signup route.

The signup scaffold feature

A byo HTTP app can now mint a per-user backend key with no Pilot broker, via a two-call email-keyed handshake:

  • didit.signup {email} → the backend emails the user a one-time code (register leg).
  • didit.verify {code} → the returned key is cached in $APP/secrets.json; every other method then authenticates automatically.

Keyed by the user's own email because identity providers suppress disposable mailboxes. Included:

  • SignupRoute (step: register|verify, url, key_path, secret_key) in the scaffold config + submission schema, with validation and a generated signup.go runtime.
  • Manifest grants fs.read+fs.write on secrets.json and net.dial to the auth host.
  • HTTP client resolves ${TOKEN} auth headers per request (HeaderFunc) so a key minted at runtime is picked up with no restart — the crux for a self-signup app whose key doesn't exist at boot.
  • Tests: config resolve/validation, manifest grants, submission validate + ToConfig, and a compile test of the generated signup project.

Validation

  • verify-submission passes across all 4 platforms.
  • Full scaffold + publish suites green.
  • Exercised end-to-end against live Didit: signup → verify (key minted + cached) → authenticated calls (billing_balance, create_workflow, create_session, get_decision, aml, workflows/sessions/users/questionnaires/blocklist/webhooks).
  • Installed from a signed catalogue → prod R2 bundle via a daemon and called through the app store.

Pricing is documented per-endpoint in the didit.help rate card; the image-upload APIs (direct ID scan, liveness, face match, face search, age, PoA) are documented and routed through the hosted-session flow.

Alex Godoroja and others added 2 commits July 7, 2026 15:50
Add a `signup:` method route so a byo HTTP app can mint a per-user backend
API key with NO Pilot broker: a two-call, email-keyed handshake
(register → the backend emails the user a one-time code → verify) that
caches the returned key in $APP/secrets.json, from which the byo ${TOKEN}
headers resolve it on every subsequent call.

Scaffold:
- SignupRoute (step register|verify, url, key_path, secret_key) in config +
  submission schema, with validation and a generated signup.go runtime.
- Manifest grants fs.read+fs.write on secrets.json and net.dial to the auth
  host(s) for a signup app.
- HTTP client resolves ${TOKEN} auth headers PER REQUEST (HeaderFunc) so a
  key minted at runtime is picked up without a restart — the crux for a
  self-signup app whose key does not exist at boot.
- Tests: config resolve/validation, manifest grants, submission validate +
  ToConfig, and a compile test of the generated signup project.

Submission io.pilot.didit: the full Didit identity platform over one HTTPS
app — 39 methods (signup/verify, workflows, hosted sessions, standalone AML
+ database validation, email/phone OTP, billing, blocklist, questionnaires,
users, webhooks) + didit.help, with per-endpoint pricing in the rate card.
byo auth (x-api-key), no broker. verify-submission passes on all 4 platforms.
@Alexgodoroja Alexgodoroja merged commit c600f3a into main Jul 7, 2026
7 checks passed
@Alexgodoroja Alexgodoroja deleted the submit/io.pilot.didit branch July 7, 2026 23:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant