Verification Levels: Dynamic and Express Liveness
Every OIDC Web login includes a liveness check. Two levels are available. Your application selects a level per request through the scope it sends:
| Level | Scope | What it does | acr value returned |
|---|---|---|---|
| Dynamic Liveness | faceauth_dynamic_only | iProov's flagship Genuine Presence Assurance: a short, screen-illuminated face scan that defeats photos, videos, masks, deepfakes, and injected imagery. Use it for logins where impersonation must be ruled out. | face_present:iproov:gpa |
| Express Liveness | faceauth_express_only | A faster, lighter liveness check confirming a real human face. Use it for lower-risk, higher-frequency verifications. | face_present:iproov:la |
The ID token's acr claim carries the level that was actually performed, and amr contains face. Your application can therefore verify the assurance it received, rather than trusting that a token was issued.
Both scopes take the user straight to the in-browser verification page — the pure OIDC Web experience. Your application selects the level it needs on each request; the Integration & User Guide shows the exact request syntax.