Verify Web API
GET /verify
Performs a one-to-one comparison of the uploaded samples with a stored biometric template in order to verify whether the individual is the person he or she claims to be.
The samples to be verified are those that have previously uploaded (see Upload Web API) using the same token that has been used for the authorization of this call. These samples are fetched from the BWS storage (and removed from the storage, so that they cannot be used for any other purpose), sent to the live data detection procedure and finally, if the liveness detection determined that the given data is live data (or liveness detection is disabled) transferred to the verification procedure. In case that the verification succeeds and auto-enrollment is selected in the token an additional automatic enrollment is invoked using these samples.
Request Information
Parameters
livedetection | Optional, defaults to the setting in the BWS Token. A boolean parameter to explicitly switch on live data detection. When set to No live data detection will be performed if the token does not require liveness detection and this flag is set to |
---|
Authentication
This API call requires BWS Token Authentication, i.e. you have to provide an HTTP authorization header using the authorization method Bearer (for compatibility issues you can also use the JWT identifier) and a previously issued BWS token, which can be requested using the Token Web API.
Response Information
The Verify Web API returns a VerifyResult
object that contains the flag Success, which shows, whether the verification succeeded or not, i.e. whether the identity of the person has been approved or not. In case that the verification failed (i.e. Success is set to false
) an Error is reported:
null (i.e no error) | The user has not been recognized. |
---|---|
LiveDetectionFailed | The submitted samples do not prove that they are recorded from a live person. |
ChallengeResponseFailed | The submitted samples do not prove that they are recorded from a live person as they do not fulfill the challenge-response criteria. |
NoTemplateAvailable | The user has not yet been enrolled. |
NotEnoughSamples | Not enough valid samples have been provided. |
ExecutionOfJobTimedOut | Server seems to be too busy. |
Response Body Format
Successful VerifyResult Sample: { "Success": true, } Failed VerifyResult Sample: { "Success": false, "Error": "LiveDetectionFailed" }
Response HTTP Status Codes
The call returns one of the standard HTTP status codes. With the success code (200) you receive the VerifyResult
object in the body text. With erroneous codes you typically get a Message field within the body text describing the error. The most commonly returned codes are:
200 OK | The response body contains the VerifyResult object. |
---|---|
400 Bad Request | No samples have been uploaded. |
401 Unauthorized | No or an invalid authentication header has been specified. This call requires JWT Bearer Token Authentication. If a BWS token has been passed, this error typically indicates that the token has expired. |
403 Forbidden | The number of allowed verification attempts with this token has been exceeded. |
500 Internal Server Error | A server side exception occurred. |
Sample Code
private static async Task<bool> VerifyAsync(string bwsToken) { using (var client = new HttpClient()) { client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", bwsToken); using (var response = await client.GetAsync(ENDPOINT + $"verify")) { Console.Write("Verification response... "); if (response.StatusCode == HttpStatusCode.OK) { string result = await response.Content.ReadAsStringAsync(); var json = JObject.Parse(result); bool success = (bool)json["Success"]; Console.Write("Success: " + success); if (!success) { // read out the error string error = (string)json["Error"]; Console.WriteLine(" - Error: " + error); } return success; } Console.WriteLine(response.StatusCode.ToString()); return false; } } }
For a complete sample refer to the walkthrough.
jQuery.ajax({ url: "https://bws.bioid.com/extension/verify", type: "GET", headers: { "Authorization": "Bearer " + token, }, }).done(function(data, textStatus, jqXHR) { if (data.Success) { console.log("verification succeeded"); } else { console.log("verification failed", data.Error); } });
See also: method performTask in bws.capture.js, which is part of the BWS unified user interface.
// using OkHttpClient from the OkHttp library Request request = new Request.Builder() .url("https://bws.bioid.com/extension/verify") .addHeader("Authorization", "Bearer " + token) .build(); OkHttpClient client = new OkHttpClient(); Response response = client.newCall(request).execute(); if (response.code() == 200) { // using org.json.JSONObject from JSON-java library JSONObject json = new JSONObject(response.body().string()); if (json.getBoolean("Success")) { System.out.println("verification succeeded"); } else { System.out.println("verification failed: " + json.getString("Error")); } }