All Products
Search

This Product

    ID Verification:Authorize a RAM user to access ID Verification

    Document Center

    ID Verification:Authorize a RAM user to access ID Verification

    Last Updated:Nov 06, 2025

    The Alibaba Cloud ID Verification service supports access through Resource Access Management (RAM) users. You can create RAM users and grant them specific permissions, enabling them to use the ID Verification service's SDK or API. For example, you can grant a RAM user read-only permissions to view usage details. This topic describes how to create and authorize a RAM user and generate an AccessKey pair required for API calls.

    Prerequisites

    • ID Verification is activated for your Alibaba Cloud account. For more information, see Activate ID Verification - KYC.

    • You have access rights to use the Alibaba Cloud account.

    Procedure

    1. Log on to the RAM console by using an Alibaba Cloud account or a RAM user who has administrative rights.

    2. In the left-side navigation pane, choose Identities > Users.

    3. Optional. Click Create User to create a RAM user.

      If you have created a RAM user, skip this step. For instructions, see Create a RAM user.

    4. Grant permissions on ID Verification to the RAM user.

      Note

      An Alibaba Cloud account has access and control permissions on all Alibaba Cloud resources within the account. If your Alibaba Cloud account is disclosed, security risks may occur. We strongly recommend that you create and grant a RAM user the permissions to use ID Verification based on the principle of least privilege.

      1. On the Users page, find the RAM user to which you want to grant permissions and click Add Permissions in the Actions column.

      2. In the Select Policy section of the Add Permissions panel, click System Policy and select the policies that you want to attach to the RAM user.

        The following table describes the System Policies supported by ID Verification. You can enter the keyword of a policy name, such as AntCloud, in the search box to find the policy and attach it to the RAM user as needed.

        Policy

        Note

        Description

        AliyunAntCloudAuthFullAccess

        Management permissions on ID Verification

        This policy lets you perform the following operations:

        • Invoke the interface.

        • View the details of the calls.

        • RAM users can purchase products.

        AliyunYundunCloudAuthFullAccess

        Access permissions on the ID Verification console

        This policy lets you perform the following operations:

        • View the number of calls and verification details in the ID Verification console.

      3. Click OK. Then, click Complete.

    5. Optional. If you want to call an API operation using the RAM user, create an AccessKey pair for the RAM user. The AccessKey pair is used for identity authentication when you call the API operation.

      For more information about how to create an AccessKey pair for a RAM user, see Create an AccessKey pair.

      Note

      We recommend that you create an AccessKey pair only for RAM users that you want to use to call API operations.

      After the authorization is complete, you can use the RAM user to integrate ID Verification with your app or view information about API calls.