Concepts
| Type | Description |
|---|---|
| Blocklist | System-created, one per entry type. Items in a blocklist cause automatic decline during verification or transaction screening. |
| Allowlist | User-created. Used in workflow conditions and to suppress duplicate/reuse actions for trusted matching items. |
| Custom | User-created. Flexible lists for workflow branching, monitoring rules, or manual review. |
Entry types
| Entry type | Checked during | On match |
|---|---|---|
face | Liveness verification | Session declined |
document | ID verification (OCR) | Session declined |
phone | Phone verification | Session declined |
email | Email verification | Session declined |
ip_address | Device & IP Analysis (supports CIDR ranges) | Session declined |
device_fingerprint | Device & IP Analysis | Session declined |
wallet_address | Transaction screening | Transaction declined |
bank_account | Transaction screening | Transaction declined |
user | Transaction screening | User blocked |
business | Transaction screening | Business blocked |
country | Workflow conditions | Configurable |
key | Custom use | Configurable |
Allowlists
Allowlists do not override blocklists or authenticity checks. They only suppress duplicate/reuse actions for the same entry type. For example, a face in a face allowlist can skip theDUPLICATED_FACE action, an IP in an IP allowlist can skip the DUPLICATED_IP_ADDRESS action, and a device fingerprint in a device allowlist can skip the DUPLICATED_DEVICE_FINGERPRINT action. Didit still records an informational allowlist warning so you can audit why the duplicate action did not run.
System blocklists
Every application automatically gets 10 system blocklists (one per supported entry type). These cannot be deleted or renamed. You can add entries to them via the API or from the console.Traceability
Every blocklist entry can be linked back to its source entity so you can navigate from the list to the original record:- From a session — pass
reference_session_idwhen creating an entry. Didit auto-extracts the value (face, document, phone, email, IP, or device), marks the underlying model as blocklisted, and links the entry back to the session. If the session has multiple instances of the same type, also passvalueto disambiguate. - From a transaction, user, or business — pass
reference_object_uuidwith the entity’s UUID and includemetadata.reference_type("transaction","vendor_user", or"vendor_business") so the console can link back to the original record.
Endpoints
List all lists
Retrieve all lists for an application.
List entries
Retrieve entries in a list.
Create entry
Add a value to a blocklist — by value, session reference, or transaction reference.
Delete entry
Remove an entry and unblock the underlying entity.
Upload face
Upload a face image directly to a face blocklist.