Email Verification API - Didit Documentation

The Email Verification API provides a two-step flow: send a one-time code to an email address, then verify the code the user enters. The system also performs risk assessment including breach exposure, disposable provider detection, and deliverability checks.

Endpoints

Send Email Code

POST /v3/email/send/ — Send a one-time verification code to an email address.

Check Email Code

POST /v3/email/check/ — Verify the code and retrieve email risk data.

How it works

Call Send Email Code with the target email address
The user receives a 6-digit code (valid for 5 minutes)
Call Check Email Code with the email and code
Receive verification result plus risk signals (breach exposure, disposable provider, deliverability)

By default, standalone OTP emails use Didit branding. To use your application’s configured white-label sender and branding for a specific standalone email verification session, pass options.use_white_label_customization: true to POST /v3/email/send/. The default is false.

Risk signals

The check response includes:

Signal	Description
`is_breached`	Email found in known data breaches
`is_disposable`	Temporary/throwaway email provider
`is_undeliverable`	Address does not accept mail

For full response structure, see Email Verification Report.

KYB Registry Select Send Email Code

⌘I

​Endpoints

Send Email Code

Check Email Code

​How it works

​Risk signals

Endpoints

How it works

Risk signals