You can use the credentials of a Resource Access Management (RAM) user to access ID Verification. You can create a RAM user and grant the RAM user the permissions to call the ID Verification API or ID Verification SDK. You can authorize RAM users only to view the call status. This topic describes how to create a RAM user and grant permissions to the RAM user. This topic also describes how to generate an AccessKey pair to call the ID Verification API.

Prerequisites

  • ID Verification is activated for your Alibaba Cloud account. For more information, see Activate ID Verification.
  • You are allowed to use the Alibaba Cloud account.

Procedure

  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. Optional:Click Create User to create a RAM user.
    If you have created a RAM user, skip this step. For more information, see Create a RAM user.
  4. Grant permissions on ID Verification to the RAM user.
    Note An Alibaba Cloud account has access and control permissions on all Alibaba Cloud resources within the account. If your Alibaba Cloud account is disclosed, security risks may occur. We strongly recommend that you create and grant a RAM user the permissions to use ID Verification based on the principle of least privilege.
    1. On the Users page, find the RAM user to which you want to grant permissions and click Add Permissions in the Actions column.
    2. In the Select Policy section of the Add Permissions panel, click System Policy and select the policies that you want to attach to the RAM user.

      The following table describes the system policies supported by ID Verification. You can enter the keyword of a policy name in the search box, such as CloudAuth, to find the policy and attach the policy to the RAM user based on your business requirements.

      Policy Remarks Description
      AliyunAntCloudAuthFullAccess Management permissions on ID Verification This policy allows you to perform the following operations:
      • Call the ID Verification API.
      • View the information about API calls.
    3. Click OK. Then, click Complete.
  5. Optional:If you want to call an API operation by using the RAM user, create an AccessKey pair for the RAM user for identity authentication when you call the API operation.
    For more information about how to create an AccessKey pair for a RAM user, see Create an AccessKey pair.
    Note We recommend that you create an AccessKey pair only for RAM users that you want to use to call API operations.

    After the authorization is complete, you can use the RAM user to integrate ID Verification with your app or view information about API calls.