Liveness Session Operations - Create Liveness Session
Create a new detect liveness session.
A session is best for client device scenarios where developers want to authorize a client device to perform only a liveness detection without granting full access to their resource. Created sessions have a limited life span and only authorize clients to perform the desired action before access is expired.
Permissions includes...
-
- Ability to call /detectLiveness/singleModal for up to 3 retries.
- A token lifetime of 10 minutes.
Note
Client access can be revoked by deleting the session using the Delete Liveness Session operation. To retrieve a result, use the Get Liveness Session. To audit the individual requests that a client has made to your resource, use the List Liveness Session Audit Entries.
POST {endpoint}/face/{apiVersion}/detectLiveness/singleModal/sessionsURI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
api
|
path | True |
string |
API Version |
|
endpoint
|
path | True |
string uri |
Supported Cognitive Services endpoints (protocol and hostname, for example: https://{resource-name}.cognitiveservices.azure.com). |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| livenessOperationMode | True |
Type of liveness mode the client should follow. |
|
| authTokenTimeToLiveInSeconds |
integer |
Seconds the session should last for. Range is 60 to 86400 seconds. Default value is 600. |
|
| deviceCorrelationId |
string |
Unique Guid per each end-user device. This is to provide rate limiting and anti-hammering. If 'deviceCorrelationIdSetInClient' is true in this request, this 'deviceCorrelationId' must be null. |
|
| deviceCorrelationIdSetInClient |
boolean |
Whether or not to allow client to set their own 'deviceCorrelationId' via the Vision SDK. Default is false, and 'deviceCorrelationId' must be set in this request body. |
|
| sendResultsToClient |
boolean |
Whether or not to allow a '200 - Success' response body to be sent to the client, which may be undesirable for security reasons. Default is false, clients will receive a '204 - NoContent' empty body response. Regardless of selection, calling Session GetResult will always contain a response body enabling business logic to be implemented. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
A successful call create a session for a client device and provide an authorization token for use by the client application for a limited purpose and time. |
|
| Other Status Codes |
An unexpected error response. Headers x-ms-error-code: string |
Security
Ocp-Apim-Subscription-Key
The secret key for your Azure AI Face subscription.
Type:
apiKey
In:
header
AADToken
The Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
accessCode
Authorization URL:
https://api.example.com/oauth2/authorize
Token URL:
https://api.example.com/oauth2/token
Scopes
| Name | Description |
|---|---|
| https://cognitiveservices.azure.com/.default |
Examples
Create Liveness Session
Sample request
POST {endpoint}/face/v1.1-preview.1/detectLiveness/singleModal/sessions
{
"livenessOperationMode": "Passive",
"sendResultsToClient": true,
"deviceCorrelationIdSetInClient": true,
"deviceCorrelationId": "your_device_correlation_id",
"authTokenTimeToLiveInSeconds": 60
}
Sample response
{
"sessionId": "b12e033e-bda7-4b83-a211-e721c661f30e",
"authToken": "eyJhbGciOiJFUzI1NiIsIm"
}Definitions
| Name | Description |
|---|---|
|
Create |
Request for creating liveness session. |
|
Create |
Response of liveness session creation. |
|
Face |
The error object. For comprehensive details on error codes and messages returned by the Face Service, please refer to the following link: https://aka.ms/face-error-codes-and-messages. |
|
Face |
A response containing error details. |
|
Liveness |
The liveness operation mode to drive the client’s end-user experience. |
CreateLivenessSessionContent
Request for creating liveness session.
| Name | Type | Default value | Description |
|---|---|---|---|
| authTokenTimeToLiveInSeconds |
integer |
600 |
Seconds the session should last for. Range is 60 to 86400 seconds. Default value is 600. |
| deviceCorrelationId |
string |
Unique Guid per each end-user device. This is to provide rate limiting and anti-hammering. If 'deviceCorrelationIdSetInClient' is true in this request, this 'deviceCorrelationId' must be null. |
|
| deviceCorrelationIdSetInClient |
boolean |
Whether or not to allow client to set their own 'deviceCorrelationId' via the Vision SDK. Default is false, and 'deviceCorrelationId' must be set in this request body. |
|
| livenessOperationMode |
Type of liveness mode the client should follow. |
||
| sendResultsToClient |
boolean |
Whether or not to allow a '200 - Success' response body to be sent to the client, which may be undesirable for security reasons. Default is false, clients will receive a '204 - NoContent' empty body response. Regardless of selection, calling Session GetResult will always contain a response body enabling business logic to be implemented. |
CreateLivenessSessionResult
Response of liveness session creation.
| Name | Type | Description |
|---|---|---|
| authToken |
string |
Bearer token to provide authentication for the Vision SDK running on a client application. This Bearer token has limited permissions to perform only the required action and expires after the TTL time. It is also auditable. |
| sessionId |
string |
The unique session ID of the created session. It will expire 48 hours after it was created or may be deleted sooner using the corresponding Session DELETE operation. |
FaceError
The error object. For comprehensive details on error codes and messages returned by the Face Service, please refer to the following link: https://aka.ms/face-error-codes-and-messages.
| Name | Type | Description |
|---|---|---|
| code |
string |
One of a server-defined set of error codes. |
| message |
string |
A human-readable representation of the error. |
FaceErrorResponse
A response containing error details.
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
LivenessOperationMode
The liveness operation mode to drive the client’s end-user experience.
| Name | Type | Description |
|---|---|---|
| Passive |
string |
Utilizes a passive liveness technique that requires no additional actions from the user. Requires normal indoor lighting and high screen brightness for optimal performance. And thus, this mode has a narrow operational envelope and will not be suitable for scenarios that requires the end-user’s to be in bright lighting conditions. Note: this is the only supported mode for the Mobile (iOS and Android) solution. |
| PassiveActive |
string |
This mode utilizes a hybrid passive or active liveness technique that necessitates user cooperation. It is optimized to require active motion only under suboptimal lighting conditions. Unlike the passive mode, this mode has no lighting restrictions, and thus offering a broader operational envelope. This mode is preferable on Web based solutions due to the lack of automatic screen brightness control available on browsers which hinders the Passive mode’s operational envelope on Web based solutions. |