Skip to main content
POST
/
v3
/
session
/
{sessionId}
/
share
Generate a share token for a User Verification (KYC) or Business Verification (KYB) session
curl --request POST \
  --url https://verification.didit.me/v3/session/{sessionId}/share/ \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --data '
{
  "for_application_id": "<string>",
  "ttl_in_seconds": "3600"
}
'
{
  "share_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiMjBiYjNjM2ItNjE0Ni00MzlmLTg0YTQtYmQzMGQwMGFjNmEyIiwiZnJvbV9hcHBsaWNhdGlvbl9pZCI6ImRiZDIwZTM0LTQyZTktNGYyYy1iYTkxLWNmMDc2MjAxNmY2NCIsImZvcl9hcHBsaWNhdGlvbl9pZCI6ImE1ZjNiY2EyLTQ2ZTItNDExZS05MGVmLWE1ODA5MDBhNTdlZSIsImlhdCI6MTc1MzYzMDY2NiwiZXhwIjoxNzUzNjM0MjY2fQ.JJ9pNE_hqZsOtbR0XYZIWw4JzidjdEl279iUrsIkhGE",
  "for_application_id": "a5f3bca2-46e2-411e-90ef-a580900a57ee"
}

Documentation Index

Fetch the complete documentation index at: https://docs.didit.me/llms.txt

Use this file to discover all available pages before exploring further.

Session kind

Works for both User Verification (KYC) and Business Verification (KYB) sessions. Didit looks up the session_id in both tables and generates a JWT share token that includes: 
{
  "session_id": "...",
  "session_kind": "user" | "business",
  "from_application_id": "...",
  "for_application_id": "...",
  "iat": ...,
  "exp": ...
}
When the receiving partner imports the token, Didit clones the corresponding kind of session (KYC or KYB) with its relations.

Requirements

  • Session must be in a finished status (APPROVED, DECLINED, IN_REVIEW).
  • You must have the write:sessions privilege.
  • The for_application_id must be a valid Didit application (usually a partner’s application).

Examples

curl -X POST https://verification.didit.me/v3/session/4c5c7f3a-.../share/ \
  -H "x-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "for_application_id": "partner-app-uuid",
    "ttl_in_seconds": 3600
  }'
Response:
{
  "share_token": "eyJhbGciOiJIUzI1NiJ9...",
  "for_application_id": "partner-app-uuid",
  "session_kind": "user"
}

TTL bounds

ParameterMinMaxDefault
ttl_in_seconds60864003600

Authorizations

x-api-key
string
header
required

Path Parameters

sessionId
string
required

Body

application/json
for_application_id
string
required

The application ID to share the session with. You can find this in the settings of your application in the Business Console.

ttl_in_seconds
integer
default:3600

The time to live for the share token in seconds. Minimum 60 seconds, maximum 86400 seconds (24 hours).

Response