didit-email-verification
Integrate Didit Email Verification standalone API to verify email addresses via OTP. Use when the user wants to verify emails, send email OTP codes, check email verification codes, detect breached or disposable emails, check if an email is undeliverable, or implement email-based identity verification using Didit. Supports fraud signals (IP, device, user agent), configurable code length, alphanumeric codes, and policy-based auto-decline for risky emails.
Why use this skill?
Securely integrate Didit email verification with OpenClaw. Detect breached accounts, prevent disposable emails, and manage OTP flows for your AI agents.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/rosasalberto/didit-email-verificationWhat This Skill Does
The didit-email-verification skill provides a robust, professional-grade interface to the Didit Email Verification API. This skill acts as an intermediary for implementing secure, two-step email identity verification. By leveraging Didit’s infrastructure, the skill enables developers and agents to send time-sensitive one-time passwords (OTP) to user email addresses and validate the codes entered by those users. Beyond simple verification, the skill provides critical security layers, including the detection of compromised (breached) email addresses, identification of temporary or disposable email providers, and analysis of risk signals based on IP addresses, device IDs, and user agents. This ensures that only legitimate, verifiable users gain access to sensitive areas of your application or platform.
Installation
To integrate this skill into your OpenClaw environment, execute the following command in your terminal or via the OpenClaw management console:
clawhub install openclaw/skills/skills/rosasalberto/didit-email-verification
Once installed, ensure you have obtained your API key from the Didit Business Console. Provide the x-api-key in your environment configuration to enable secure authentication with the Didit servers.
Use Cases
- User Onboarding: Enforce email verification for new account registrations to ensure ownership and prevent bot sign-ups.
- Risk-Based Access Control: Trigger verification for high-risk actions, such as changing account credentials or modifying billing information.
- Fraud Prevention: Screen users against known breached databases and disposable email providers to minimize platform spam.
- Password Recovery: Safely verify user identity during account recovery flows using OTP tokens.
Example Prompts
- "Verify the user email '[email protected]' by sending a 6-digit alphanumeric OTP and log the device IP for fraud analysis."
- "Can you check if the verification code '554321' provided by the user is valid for the email '[email protected]'?"
- "Check if '[email protected]' is a disposable email address and if it has been associated with any known data breaches before initiating the verification flow."
Tips & Limitations
- Code Expiration: Verification codes are only valid for 5 minutes. Always provide a clear UI message to the end-user to complete the process promptly.
- Retry Limits: You are restricted to 3 attempts per code and 2 resend requests per 24 hours. Design your application logic to handle these edge cases gracefully.
- Order of Operations: The API requires a strict flow. You must call the Send endpoint before attempting to Check a code, or the system will return an error stating the code is expired or not found.
- Security: Always protect your API key. Do not hardcode credentials in your source scripts; use environment variables instead.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-rosasalberto-didit-email-verification": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: external-api
Related Skills
didit-proof-of-address
Integrate Didit Proof of Address standalone API to verify address documents. Use when the user wants to verify a proof of address, validate utility bills, bank statements, government documents, extract address from documents, verify residential address, implement address verification, or perform PoA checks using Didit. Supports OCR extraction, geocoding, name matching, and multi-page documents.
didit-aml-screening
Integrate Didit AML Screening standalone API to screen individuals or companies against global watchlists. Use when the user wants to perform AML checks, screen against sanctions lists, check PEP status, detect adverse media, implement KYC/AML compliance, screen against OFAC/UN/EU watchlists, calculate risk scores, or perform anti-money laundering screening using Didit. Supports 1300+ databases, fuzzy name matching, configurable scoring weights, and continuous monitoring.
didit-age-estimation
Integrate Didit Age Estimation standalone API to estimate a person's age from a facial image. Use when the user wants to estimate age, verify age, implement age gating, check if someone is over 18/21, perform age verification for compliance, or use facial analysis for age detection using Didit. Includes passive liveness check. Supports configurable thresholds, adaptive age estimation with ID verification fallback, and per-country age restrictions.
didit-passive-liveness
Integrate Didit Passive Liveness standalone API to verify a user is physically present. Use when the user wants to check liveness, detect spoofing attempts, verify real person presence, implement anti-spoofing, or perform passive liveness detection using Didit. Analyzes a single image without user interaction. Returns liveness score, face quality, and luminance metrics. Detects presentation attacks and duplicate faces.
didit-phone-verification
Integrate Didit Phone Verification standalone API to verify phone numbers via OTP. Use when the user wants to verify phones, send SMS or WhatsApp or Telegram codes, check phone verification codes, detect disposable or VoIP numbers, or implement phone-based identity verification using Didit. Supports multiple delivery channels (SMS, WhatsApp, Telegram, voice), fraud signals, and policy-based auto-decline.