Liveness Session Operations - Create Liveness With Verify Session

Create a new liveness session with verify. Client device submits VerifyImage during the /detectLivenessWithVerify/singleModal call.
A session is best for client device scenarios where developers want to authorize a client device to perform only a liveness detection without granting full access to their resource. Created sessions have a limited life span and only authorize clients to perform the desired action before access is expired.

Permissions includes...

    • Ability to call /detectLivenessWithVerify/singleModal for up to 3 retries.
    • A token lifetime of 10 minutes.

Note

    • Client access can be revoked by deleting the session using the Delete Liveness With Verify Session operation.
    • To retrieve a result, use the Get Liveness With Verify Session.
    • To audit the individual requests that a client has made to your resource, use the List Liveness With Verify Session Audit Entries.

Alternative Option: Client device submits VerifyImage during the /detectLivenessWithVerify/singleModal call.

Note

Extra measures should be taken to validate that the client is sending the expected VerifyImage.

POST {endpoint}/face/{apiVersion}/detectLivenessWithVerify/singleModal/sessions

URI Parameters

Name In Required Type Description
apiVersion
path True

string

API Version

endpoint
path True

string

uri

Supported Cognitive Services endpoints (protocol and hostname, for example: https://{resource-name}.cognitiveservices.azure.com).

Request Body

Name Required Type Description
livenessOperationMode True

LivenessOperationMode

Type of liveness mode the client should follow.

authTokenTimeToLiveInSeconds

integer

Seconds the session should last for. Range is 60 to 86400 seconds. Default value is 600.

deviceCorrelationId

string

Unique Guid per each end-user device. This is to provide rate limiting and anti-hammering. If 'deviceCorrelationIdSetInClient' is true in this request, this 'deviceCorrelationId' must be null.

deviceCorrelationIdSetInClient

boolean

Whether or not to allow client to set their own 'deviceCorrelationId' via the Vision SDK. Default is false, and 'deviceCorrelationId' must be set in this request body.

sendResultsToClient

boolean

Whether or not to allow a '200 - Success' response body to be sent to the client, which may be undesirable for security reasons. Default is false, clients will receive a '204 - NoContent' empty body response. Regardless of selection, calling Session GetResult will always contain a response body enabling business logic to be implemented.

Responses

Name Type Description
200 OK

CreateLivenessWithVerifySessionResult

A successful call create a session for a client device and provide an authorization token for use by the client application for a limited purpose and time.

Other Status Codes

FaceErrorResponse

An unexpected error response.

Headers

x-ms-error-code: string

Security

Ocp-Apim-Subscription-Key

The secret key for your Azure AI Face subscription.

Type: apiKey
In: header

AADToken

The Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: accessCode
Authorization URL: https://api.example.com/oauth2/authorize
Token URL: https://api.example.com/oauth2/token

Scopes

Name Description
https://cognitiveservices.azure.com/.default

Examples

Create LivenessWithVerify Session

Sample request

POST {endpoint}/face/v1.1-preview.1/detectLivenessWithVerify/singleModal/sessions

{
  "livenessOperationMode": "Passive",
  "sendResultsToClient": true,
  "deviceCorrelationIdSetInClient": true,
  "deviceCorrelationId": "your_device_correlation_id",
  "authTokenTimeToLiveInSeconds": 60
}

Sample response

{
  "sessionId": "b12e033e-bda7-4b83-a211-e721c661f30e",
  "authToken": "eyJhbGciOiJFUzI1NiIsIm"
}

Definitions

Name Description
CreateLivenessWithVerifySessionJsonContent

Request for creating liveness with verify session.

CreateLivenessWithVerifySessionResult

Response of liveness session with verify creation with verify image provided.

FaceError

The error object. For comprehensive details on error codes and messages returned by the Face Service, please refer to the following link: https://aka.ms/face-error-codes-and-messages.

FaceErrorResponse

A response containing error details.

FaceRectangle

A rectangle within which a face can be found.

LivenessOperationMode

The liveness operation mode to drive the client's end-user experience.

LivenessWithVerifyImage

The detail of face for verification.

QualityForRecognition

Indicates quality of image for recognition.

CreateLivenessWithVerifySessionJsonContent

Request for creating liveness with verify session.

Name Type Default value Description
authTokenTimeToLiveInSeconds

integer

600

Seconds the session should last for. Range is 60 to 86400 seconds. Default value is 600.

deviceCorrelationId

string

Unique Guid per each end-user device. This is to provide rate limiting and anti-hammering. If 'deviceCorrelationIdSetInClient' is true in this request, this 'deviceCorrelationId' must be null.

deviceCorrelationIdSetInClient

boolean

Whether or not to allow client to set their own 'deviceCorrelationId' via the Vision SDK. Default is false, and 'deviceCorrelationId' must be set in this request body.

livenessOperationMode

LivenessOperationMode

Type of liveness mode the client should follow.

sendResultsToClient

boolean

Whether or not to allow a '200 - Success' response body to be sent to the client, which may be undesirable for security reasons. Default is false, clients will receive a '204 - NoContent' empty body response. Regardless of selection, calling Session GetResult will always contain a response body enabling business logic to be implemented.

CreateLivenessWithVerifySessionResult

Response of liveness session with verify creation with verify image provided.

Name Type Description
authToken

string

Bearer token to provide authentication for the Vision SDK running on a client application. This Bearer token has limited permissions to perform only the required action and expires after the TTL time. It is also auditable.

sessionId

string

The unique session ID of the created session. It will expire 48 hours after it was created or may be deleted sooner using the corresponding Session DELETE operation.

verifyImage

LivenessWithVerifyImage

The detail of face for verification.

FaceError

The error object. For comprehensive details on error codes and messages returned by the Face Service, please refer to the following link: https://aka.ms/face-error-codes-and-messages.

Name Type Description
code

string

One of a server-defined set of error codes.

message

string

A human-readable representation of the error.

FaceErrorResponse

A response containing error details.

Name Type Description
error

FaceError

The error object.

FaceRectangle

A rectangle within which a face can be found.

Name Type Description
height

integer

The height of the rectangle, in pixels.

left

integer

The distance from the left edge if the image to the left edge of the rectangle, in pixels.

top

integer

The distance from the top edge if the image to the top edge of the rectangle, in pixels.

width

integer

The width of the rectangle, in pixels.

LivenessOperationMode

The liveness operation mode to drive the client's end-user experience.

Name Type Description
Passive

string

Utilizes a passive liveness technique that requires no additional actions from the user. Requires normal indoor lighting and high screen brightness for optimal performance. And thus, this mode has a narrow operational envelope and will not be suitable for scenarios that requires the end-user's to be in bright lighting conditions. Note: this is the only supported mode for the Mobile (iOS and Android) solution.

PassiveActive

string

This mode utilizes a hybrid passive or active liveness technique that necessitates user cooperation. It is optimized to require active motion only under suboptimal lighting conditions. Unlike the passive mode, this mode has no lighting restrictions, and thus offering a broader operational envelope. This mode is preferable on Web based solutions due to the lack of automatic screen brightness control available on browsers which hinders the Passive mode's operational envelope on Web based solutions.

LivenessWithVerifyImage

The detail of face for verification.

Name Type Description
faceRectangle

FaceRectangle

The face region where the comparison image's classification was made.

qualityForRecognition

QualityForRecognition

Quality of face image for recognition.

QualityForRecognition

Indicates quality of image for recognition.

Name Type Description
high

string

High quality.

low

string

Low quality.

medium

string

Medium quality.