For a user to go through Face Match, you must first fetch a valid session token. This token establishes the authenticity throughout the verification process.

Each session token is short-lived and should be generated immediately before starting the verification process.

Get Session ID

To get a session ID, your application’s server must make an API request to the GET /liveness/session endpoint.

try {
    // Create a session token via Verisoul's API
    let response = await fetch('https://api.sandbox.verisoul.ai/liveness/session', {
        method: 'GET',
        headers: {
            'x-api-key': '{VERISOUL_API_KEY}'
        }
    });

    let {session_id} = await response.json();
    
    // Return the session_id to your client application
    // ...
} catch (err) {
    console.error(err);
}

For security, best practice is to fetch the session token from a protected server, never on the client.

Referring Session ID

When using Face Match alongside Verisoul’s platform, you can optionally pass a referring_session_id parameter in your session request.

This parameter should be the session ID from the user’s current interaction with Verisoul’s platform, before they begin the Face Match verification. By providing this context, Verisoul can make more informed risk assessments during the verification process.

Passing a referring session ID provides several benefits:

  • Enhanced risk assessment capabilities for Face Match
  • Access to referring session signals during verification
  • Better detection of impersonation attempts and verification link sharing

For more details on the API parameters, see the session endpoint. To learn about the additional risk signals available when using a referring session ID, refer to the referring session signals.

Next Steps

Once you have obtained a session token, you can proceed to navigate the user to Face Match to complete the verification process.