Enroll Web API

GET /enroll

Performs a biometric enrollment (or training) of the user with the uploaded samples that are associated with the token provided for authorization.

The Biometric Class ID (BCID) of the user to be enrolled is specified by the BWS token and the samples to be enrolled are those that have previously uploaded (see Upload Web API) using the same token that has been used for the authorization of this call.

The samples are fetched from the BWS storage (and removed from the storage so that they cannot be used for any other purpose), sent to the live data detection procedure and finally, if the liveness detection determined that the given data is live data (or liveness detection is switched off), transferred to the enrollment procedure.

Request Information



Optional, defaults to the setting in the BWS Token. A boolean parameter to explicitly switch on live data detection.

When set to true or when the provided BWS token requires liveness detection, the operation typically fails as soon as it cannot undoubtedly determine that the given data is live data. Note that for liveness detection to work, at least two face- or periocular-samples need to be uploaded.

No live data detection will be performed if the token does not require liveness detection and this flag is set to false (the default).


This API call requires BWS Token Authentication, i.e. you have to provide an HTTP authorization header using the authorization method Bearer (for compatibility issues you can also use the JWT identifier) and a previously issued BWS token, which can be requested using the Token Web API.

Response Information

The Enroll Web API returns an EnrollResult object, that contains the flag Success, which indicates, whether the enrollment succeeded or not. In case that the enrollment failed, an Error is reported:

LiveDetectionFailedThe submitted samples do not prove that they are recorded from a live person.
ChallengeResponseFailedThe submitted samples do not prove that they are recorded from a live person as they do not fulfill the challenge-response criteria.
NotEnoughSamplesNot enough valid samples have been provided.
ExecutionOfJobTimedOutServer seems to be too busy.

Response Body Format

application/json, text/json
Successful EnrollResult Sample:
  "Success": true,

Failed EnrollResult Sample:
  "Success": false, 
  "Error": "LiveDetectionFailed"

Response HTTP Status Codes

The call returns one of the standard HTTP status codes. With the success code (200) you receive the described EnrollResult object in the body text. With erroneous codes you typically get a Message field within the body text describing the error. The most commonly returned codes are:

200 OKThe response body contains the EnrollResult object.
400 Bad RequestNo samples have been uploaded.
401 UnauthorizedNo or an invalid authentication header has been specified. This call requires JWT Bearer Token Authentication. If a BWS token has been passed, this error typically indicates that the token has expired.
403 ForbiddenThe provided token does not allow enrollment or the number of allowed enrollment attempts with this token is already exceeded.
500 Internal Server ErrorA server side exception occurred.

Sample Code

private static async Task<bool> EnrollAsync(string bwsToken)
	using (var client = new HttpClient())
		client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", bwsToken);
		using (var response = await client.GetAsync(ENDPOINT + $"enroll"))
			Console.Write("Enrollment response... ");
			if (response.StatusCode == HttpStatusCode.OK)
				string result = await response.Content.ReadAsStringAsync();
				var json = JObject.Parse(result);
				bool success = (bool)json["Success"];
				Console.Write("Success: " + success);

				if (!success)
					// read out the error
					string error = (string)json["Error"];
					Console.WriteLine(" - Error: " + error);
				return success;

			return false;

For a complete sample refer to the walkthrough.

    url: "https://bws.bioid.com/extension/enroll",
    type: "GET",
    headers: {
        "Authorization": "Bearer " + token,
}).done(function(data, textStatus, jqXHR) {
    if (data.Success) {
    	console.log('enrollment succeeded');
  	} else {
	    console.log('enrollment failed', data.Error);

See also: method performTask in bws.capture.js, which is part of the BWS unified user interface.

// using OkHttpClient from the OkHttp library
Request request = new Request.Builder()
        .addHeader("Authorization", "Bearer " + token)
OkHttpClient client = new OkHttpClient();
Response response = client.newCall(request).execute();
if (response.code() == 200) {
    // using org.json.JSONObject from JSON-java library
    JSONObject json = new JSONObject(response.body().string());
    if (json.getBoolean("Success")) {
        System.out.println("enrollment succeeded");
    } else {
        System.out.println("enrollment failed: " + json.getString("Error"));