Get Webhook Configuration

curl --request GET \
  --url https://verification.didit.me/v3/webhook/ \
  --header 'x-api-key: <api-key>'

{
  "webhook_url": "https://myapp.com/webhooks/didit",
  "webhook_version": "v3",
  "secret_shared_key": "whsec_a1b2c3d4e5f6g7h8i9j0...",
  "capture_method": "both",
  "data_retention_months": null
}

GET

webhook

curl --request GET \
  --url https://verification.didit.me/v3/webhook/ \
  --header 'x-api-key: <api-key>'

{
  "webhook_url": "https://myapp.com/webhooks/didit",
  "webhook_version": "v3",
  "secret_shared_key": "whsec_a1b2c3d4e5f6g7h8i9j0...",
  "capture_method": "both",
  "data_retention_months": null
}

Authorizations

x-api-key

string

header

required

Response

200 - application/json

Webhook configuration.

webhook_url

string | null

URL where webhook notifications are sent. Null if not configured.

webhook_version

enum<string>

Webhook payload version. v3 recommended.

Available options:

v1,

v2,

v3

secret_shared_key

string

HMAC secret for verifying webhook signatures. Use this to validate that webhooks come from Didit.

capture_method

enum<string>

Allowed capture method for verification sessions.

Available options:

mobile,

desktop,

both

data_retention_months

integer | null

Months to retain session data. Null = unlimited.

Create Session Review Update Webhook Configuration

Overview

Sessions

Blocklist

Workflows

Questionnaires

Users

Session Operations

Webhook

Billing

Management API Overview

Auth API (Programmatic)

Identity & Documents

Biometrics & Face

Compliance & Risk

Email Verification

Phone Verification

Get Webhook Configuration

Authorizations

Response