Photo enroll API

Photo enroll requires two sequential processes to enroll new users from trusted photo ID documents:

  1. Enroll an existing trusted photo or an image captured from a document.

  2. Complete a face verification using iProov's Genuine Presence Assurance® (GPA) or Liveness Assurance™ (LA).

Implementation sequence

Photo enroll requires the following implementation sequence:

  1. Generate a photo enroll token.

  2. Enroll the trusted image.

  3. Generate a verification token.

  4. Launch the client SDK with the token.

  5. Validate the token once the user journey has been completed.

Important

  • The generated user_id must be stored for validation, audit trail, and future verification.

  • iProov recommends storing tokens with user records to help investigate and troubleshoot problems.

Use cases

The following use cases are applicable:

  • A11

  • A12

  • A13

Image requirements

Photo enroll has the following image requirements:

  • Supported media types: PNG, JPEG, and JP2

  • Max image size: 2 MB

  • The image should conform to: ISO/IEC 19794 Information technology — Biometric data interchange formats — Part 5 Face image data (supporting ICAO 9303 passports and ISO 18013 Driving Licences): https://www.iso.org/standard/38749.html

  • Minimum distance between the eyes: 85 pixels

Image source options

Capture type Image source option Description
Electronic ID eid

The image is obtained from a Near-field communication (NFC) enabled document chip, for example, ICAO 9303 Machine Readable Travel Documents (MTRDs) such as passports.
Optical ID oid

The image is obtained from an Optical Character Recognition (OCR) process that captures the photo present on government issued ID documents.
Face or liveness verification selfie An existing trusted image that you have for the user.

Implement the API calls

Use this sequence of API calls to implement photo enroll:





  1. Generate and store a user_id that conforms to this regex:

    [a-zA-Z0-9'\+_@\.-]{1,256}

  2. Obtain a trusted photo of the user's cropped photo image

    from one of the following verified sources:

    • OCR procedure

    • NFC chip, for example, Data Group 2 in a passport.

    • Existing trusted photo or face/liveness verification, see image requirements.

  3. Generate a photo enroll token: POST /claim/enrol/token

  4. Enroll the trusted image: POST /claim/enrol/image

  5. Generate a verification token in response: POST /claim/verify/token

    The user_id must be the same as the one you generated in step 1.

  6. Launch the client SDK using the token from the previous step.

    The user is guided through the journey using GPA or LA.

  7. Validate the token: POST /claim/verify/validate

    You will receive one of these GPA or LA outcomes and the failure reason where appropriate: true , false

Important

You must store the outcome with your user record. You cannot make subsequent calls to this endpoint with this user_id and token combination.

Next step

Capture enrol API