Skip to content

Face Authentication

Manage the face authentication sessions that are used to securely verify the identity of your customers by biometrically matching a selfie to a known image of the user.

Download OpenAPI description
face-auth.openapi.json
face-auth.openapi.yaml
Overview
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/verify
Production environment (US)
https://api.transmitsecurity.io/verify
Production environment (EU)
https://api.eu.transmitsecurity.io/verify
Production environment (CA)
https://api.ca.transmitsecurity.io/verify
Production environment (AU)
https://api.au.transmitsecurity.io/verify

Create session

Request

Creates a new face authentication session that will provide a secure context to the process. It returns a device session ID that will be used when initiating the authentication process from the client side. This should be called from the backend.

Security
verify_access_token
Bodyapplication/jsonrequired
referenceobjectrequired
One of:

Contains the reference image itself

reference.​typestringrequired
Value"raw"
reference.​contentstringrequired

The content of the image, as a base64 string. To get optimal results, the image resolution should be HD to FHD ( ~1900 X 1000).

reference.​formatstringrequired

The data format of the image. Currently, only jpg is supported

use_casestring

Use case for the face authentication flow. Will be used in the future for per use case configurations.

Default "login"
Enum"login""credentials-recovery""step-up"
curl -i -X POST \
  https://api.sbx.transmitsecurity.io/verify/api/v1/face-auth \
  -H 'Authorization: Bearer <YOUR_jwt_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "reference": {
      "type": "raw",
      "content": "string",
      "format": "string"
    },
    "use_case": "login"
  }'

Responses

Bodyapplication/json
session_idstringrequired

Identifier for the created session

device_session_idstringrequired

Identifier for the created device session (also referred to as DSID). This must be used by the client when initiating the face authentication session in order to bind the device to the session.

Response
application/json
{
  "session_id": "string",
  "device_session_id": "string"
}

Get result

Request

Retrieves the result of the face authentication session, which indicates if the user-provided selfie matches the reference image. This should be called from the backend.

Security
verify_access_token
Path
dsidanyrequired
curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/verify/api/v1/face-auth/{sid}/result' \
  -H 'Authorization: Bearer <YOUR_jwt_HERE>'

Responses

Bodyapplication/json
statusstringrequired

The status of the session

Enum"pending""capturing""processing""complete"
recommendationstring

The recommendation for the session. This is based on our level of confidence that the user-provided image matches the reference image

Enum"ALLOW""CHALLENGE""DENY"
Response
application/json
{
  "status": "pending",
  "recommendation": "ALLOW"
}