> ## Documentation Index
> Fetch the complete documentation index at: https://docs.didit.me/llms.txt
> Use this file to discover all available pages before exploring further.

# WordPress + WooCommerce

> Add identity verification and age gating to WordPress and WooCommerce stores in minutes. No-code plugin, pay-per-call from $0.30, 500 free/month.

Add Didit identity verification and age gating to any WordPress site or WooCommerce store. The plugin works as a secure backend proxy — your API key stays on the server — and exposes shortcodes, a WooCommerce checkout gate, and developer hooks so you can drop verification in without writing JavaScript.

## Prerequisites

* WordPress 6.0 or higher
* PHP 7.4 or higher
* A [Didit Console](https://business.didit.me) account

## Step 1: Get your Didit credentials

1. Sign up or log in at **[business.didit.me](https://business.didit.me)**
2. Go to **API & Webhooks** and copy your **API Key**
3. Go to **Workflows**, create or select a workflow, and copy the **Workflow ID**

<Note>
  You can also copy the **UniLink URL** (click "Copy Link" on the workflow) if you want the simplest setup without API keys.
</Note>

## Step 2: Install the plugin

1. Download `didit-verify.zip` from the **[latest release](https://github.com/didit-protocol/plugin-wordpress/releases/latest)**
2. In your WordPress admin, go to **Plugins → Add New → Upload Plugin**
3. Choose the downloaded ZIP file and click **Install Now**
4. Click **Activate**

<Note>
  Once the plugin is approved on WordPress.org, you will also be able to install it directly by searching "Didit Verify" in **Plugins → Add New**.
</Note>

## Step 3: Configure the plugin

Go to **Settings → Didit Verify**.

### Choose your mode

| Mode                          | Best for       | What you need                           |
| ----------------------------- | -------------- | --------------------------------------- |
| **UniLink**                   | Quick testing  | Just the UniLink URL from your workflow |
| **API Session** (recommended) | Production use | Workflow ID + API Key                   |

**For UniLink:** Set Mode to "UniLink", paste your URL, and save.

**For API Session:** Set Mode to "API Session", enter your Workflow ID and API Key, and save.

<Note>
  The API key is stored securely on your server and never exposed to visitors.
</Note>

### Configure session options (API mode only)

These are optional settings that give you more control:

* **Vendor Data** — Links each verification to a specific user in your Didit dashboard, so you can track who verified. Default is WordPress User ID (e.g. `wp-42`). You can also choose User Email, a custom prefix, or disable it.
* **Callback URL** — A page on your site where users are redirected after verification. Didit appends `verificationSessionId` and `status` as query parameters.
* **Callback Method** — Which device handles the redirect: `initiator` (the device that started), `completer` (the device that finishes), or `both`.
* **Language** — Choose from 49 languages or let it auto-detect from the browser.

### Configure display options

* **Display Mode** — Modal (popup overlay) or Embedded (inline on the page)
* **Close Button** — Show or hide the X button on the modal
* **Exit Confirmation** — Show an "Are you sure?" dialog when closing
* **Auto-close** — Automatically close the modal when verification completes
* **Debug Logging** — Log SDK events to the browser console (for troubleshooting)

### Customize the button

Under **Button Appearance**, you can change:

* Button text and success text
* Background color and text color
* Border radius, padding, and font size

A live preview updates in real time as you change values.

## Step 4: Add verification to your site

### For WooCommerce stores

1. In **Settings → Didit Verify → WooCommerce**, check **Require identity verification at checkout**
2. Choose where the verification section appears:
   * Top of checkout page
   * After billing details
   * After order notes
   * Before "Place Order" (recommended)
3. Optionally enable **Send Billing Data** to auto-send the customer's name, email, phone, and address to Didit for pre-filling and cross-validation

<Note>
  Country codes are automatically converted from WooCommerce's alpha-2 format to Didit's required alpha-3 format.
</Note>

Customers must complete verification before they can place an order. The session ID is saved to the order metadata for audit purposes.

### For any WordPress page

Add this shortcode to any page or post:

```
[didit_verify]
```

A verification button will appear, styled with your Button Appearance settings.

You can override the text per page:

```
[didit_verify text="Verify Now" success_text="Done!"]
```

Or force embedded mode on a specific page:

```
[didit_verify mode="embedded"]
```

## Step 5: Restrict content to verified users (optional)

Show or hide content based on verification status:

```
[didit_gate]
This content is only visible to verified users.
[/didit_gate]
```

Unverified users see a message and a verification button. You can customize the message:

```
[didit_gate message="Please verify to continue."]Secret content here.[/didit_gate]
```

Show the user's verification status anywhere:

```
[didit_status]
```

Displays "Identity Verified" or "Not Verified" for the logged-in user.

## Checking verification status

| Where                  | How                                                                 |
| ---------------------- | ------------------------------------------------------------------- |
| **Admin panel**        | **Users → All Users** — a "Didit" column shows ✓ for verified users |
| **WooCommerce orders** | The Didit session ID appears in the order details                   |
| **Shortcode**          | `[didit_status]` displays the status on any page                    |

## Troubleshooting

| Issue                             | Solution                                                                                           |
| --------------------------------- | -------------------------------------------------------------------------------------------------- |
| "Creating session..." hangs       | Check that your Workflow ID and API Key are correct in **Settings → Didit Verify**                 |
| Modal doesn't open                | Make sure the page contains `[didit_verify]` or WooCommerce checkout verification is enabled       |
| Verification UI in wrong language | Change the **Language** setting in **Session Options**                                             |
| Need to debug                     | Enable **Debug Logging** in Display Options, then open the browser console (F12) to see SDK events |

## Security

The plugin acts as a secure backend proxy. Your API key never reaches the browser. Every session request is protected by:

1. **CSRF nonce** — requests must originate from your WordPress site
2. **Login requirement** — only registered users can create sessions (configurable)
3. **Rate limiting** — 10 sessions/hour per user, 3/hour per IP for guests
4. **Input sanitization** — all fields are whitelisted and sanitized server-side

***

## For developers

### PHP hooks

The plugin fires WordPress actions that other plugins or themes can hook into:

```php theme={null}
// When a user completes verification
add_action('didit_verification_completed', function ($user_id, $session_id, $status) {
    // Update CRM, send email, grant access, etc.
}, 10, 3);

// When a user cancels verification
add_action('didit_verification_cancelled', function ($user_id, $session_id) {
    // Log cancellation
}, 10, 2);

// When a session is created server-side
add_action('didit_session_created', function ($url, $user_id, $vendor_data) {
    // Log, notify, etc.
}, 10, 3);
```

### JavaScript event

A DOM event is dispatched when verification finishes:

```javascript theme={null}
document.addEventListener('didit:complete', function (e) {
    console.log('Result:', e.detail); // { type, session }
});
```

### Check verification in PHP

```php theme={null}
$is_verified = get_user_meta($user_id, '_didit_verified', true); // returns 1 if verified
```

## Resources

* [Plugin source code (GitHub)](https://github.com/didit-protocol/plugin-wordpress)
* [Didit API documentation](/)
* [Didit Console](https://business.didit.me)
* [Create Session API reference](/sessions-api/create-session)
