All Products
Search

This Product

    ID Verification:CheckResult

    Document Center

    ID Verification:CheckResult

    Last Updated:Jan 14, 2026

    This topic describes how to query authentication results by calling the CheckResult API operation.

    API description

    • API operation name: CheckResult

    • Request method: HTTPS POST

    • Description: After you receive a callback notification, you can call this API operation on the server-side to retrieve the authentication status and materials.

      Important

      By default, ID Verification service results are stored for 30 days and then automatically deleted. You must retrieve the verification results within 30 days.

    • This API operation has a dedicated QPS limit. For more information, see QPS limits for ID Verification server-side API operations.

    • Endpoints:

      Note

      • Benefits of internal network access: An internal network is a private communication network between Alibaba Cloud products within the same region. If your business server is deployed in the corresponding Alibaba Cloud region, you can use the internal same-region endpoint to access the ID Verification service. This provides more secure and stable communication.

      • Optimization suggestions for access from outside China: Network environments outside China can be complex. To optimize your integration solution, reduce network latency, and minimize request failures, see Server-side network latency analysis and optimization.

      China (Hong Kong)

      • Public network: cloudauth-intl.cn-hongkong.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

    Online debugging and integration

    Note

    Before you debug and integrate an API operation, see Debug and integrate server-side API operations using OpenAPI Explorer for information about how to call API operations and obtain SDKs and sample code in OpenAPI Explorer.

    You can run this API operation in OpenAPI Explorer to debug it and generate an SDK code sample.

    Request parameters

    Name

    Type

    Required

    Description

    Example

    MerchantBizId

    String

    Yes

    A unique business identifier that you customize. Use it to track and troubleshoot issues. The identifier must be a unique 32-character string of letters and digits.

    Note

    Alibaba Cloud servers do not check the uniqueness of this field. To improve tracking, make sure that this field is unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    TransactionId

    String

    Yes

    The unique identifier for the entire verification flow. Call the Initialize API operation to obtain this value.

    Important

    To prevent tampering, use the TransactionId stored on your server when you call the Initialize operation. Do not use the TransactionId returned by the client-side callback.

    hksb7ba1b28130d24e015d6********

    IsReturnImage

    String

    No

    Specifies whether to return authentication image materials:

    • Yes: Required

    • N: No (default)

    Y

    Returned data

    Name

    Type

    Description

    Example

    HTTP Status Code

    Integer

    The HTTP status code.

    200

    HTTP Body

    RequestId

    String

    The request ID.

    130A2C10-B9EE-4D84-88E3-5384FF03****

    Code

    String

    Back to Code.

    Success

    Message

    String

    The detailed description of the response code.

    success

    Result.Passed

    String

    The final authentication result. Valid values:

    • Y: Passed

    • N: Failed

    Y

    Result.SubCode

    String

    The description of the authentication result. For more information, see

    Error codes for ResultObject.SubCode.

    200

    Result.ExtFaceInfo

    String

    The result of the face liveness verification. For information about the JSON format, see the example on the right. For more information, see ExtFaceInfo.

    {
  "faceAttack": "N",
  "faceImg": "/9j/4AAQSkZJRgABAQAAAQqviV6oakp8...",
  "faceQuality": 95.45,
  "faceOcclusion": "N",
  "docVideoUrl": "https://aliyun-cloudauth.oss-aliyuncs.com/******.webm" 
}

    ExtFaceInfo

    Name

    Type

    Description

    Example

    facePassed

    String

    The final result of the face liveness verification from the face scanning stage:

    • Y: Passed

    • N: Failed

    Y

    faceImg

    String

    The captured facial image in Base64 format. This field is returned if you set the IsReturnImage parameter to Y in the API request and the facial recognition flow is completed.

    Base64 format

    faceAttack

    String

    Indicates whether a liveness attack is detected on the captured face. Y indicates an attack. N indicates no attack.

    N

    faceQuality

    Double

    The quality score of the live face. The value ranges from 0 to 100.

    99.99

    faceOcclusion

    String

    Indicates whether the face is occluded. Y indicates that the face is occluded. N indicates that the face is not occluded.

    N

    docVideoUrl

    String

    The OSS download URL for the evidence file.

    Note

    • The URL for the evidence video is valid for 15 minutes.

    • You can query for the URL multiple times within 30 minutes after the authentication is complete. After 30 minutes, the system automatically deletes the evidence video file. The file cannot be recovered. Download and save the file promptly.

    https://aliyun-cloudauth.oss-aliyuncs.com/******.webm

    faceAge

    String

    The predicted reference age based on the face. This field may not be returned if the prediction fails.

    30

    faceGender

    String

    The predicted gender based on the facial image. This field may not be returned if the prediction fails.

    • M: Male

    • F: Female

    M

    authorityComparisonScore

    Double

    The comparison score between the captured face and the face from the authoritative data source. The value ranges from 0 to 100.

    Note

    A higher score indicates a higher probability that the faces are the same. The default threshold is 75. Customize the handling based on your business sample data as needed.

    99.99

    faceAttackScore

    Double

    The probability of a fake face attack as predicted by the facial recognition algorithm. A higher score indicates a higher probability of a fake face.

    The value ranges from 0 to 100.

    80

    guardRiskScore

    Double

    The probability of device risk as predicted by the Face Guard algorithm. A higher score indicates a higher device risk.

    The value ranges from 0 to 100.

    90

    deviceToken

    String

    The DeviceToken from Device Assistant. This is returned when the Device Assistant module is fully integrated into the SDK. You can use this token to call the server-side API operations of Device Assistant to get device risk details.

    • Device Assistant is a paid service. For more information, see Product Billing.

    • This token is valid for 7 days and is not unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    Return Code

    HTTP status code

    Code

    Message description

    200

    Success

    Request successful.

    400

    MissingParameter

    Parameter cannot be empty.

    InvalidParameter

    Invalid parameter.

    TransactionIdInvalid

    Invalid Transaction ID.

    403

    Forbidden.RAMUserAccessDenied

    You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service.

    Forbidden.AccountAccessDenied

    Ensure that you have activated ID verification and your account has no overdue payment.

    Throttling.Api

    API request is blocked due to throttling.

    404

    ProcessNotCompleted

    The entire authentication process is not completed.

    500

    InternalError

    Internal system error. Provide feedback to engineers for troubleshooting.

    503

    ServiceUnavailable

    The service is unavailable. Contact engineers for troubleshooting.

    Error codes for ResultObject.SubCode

    Error code

    Are authentication records billed?

    Description, Cause, and Recommendation

    200

    Yes

    The authentication passed.

    201

    Yes

    The name and ID card number do not match the information in the official database. The user information may be incorrect or fake. Advise the user to confirm the information and try again.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    202

    Yes

    The identity information cannot be found in the official database. Reserve an entry for manual review.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    205

    Yes

    Liveness detection involves risks.

    206

    Yes

    Limited by a business policy. After you enable safe mode, the system performs security checks on the authentication environment, such as the device. If a potential threat is detected, the authentication fails.

    You can troubleshoot the issue as follows:

    1. Advise the user to uninstall software or plug-ins such as multi-account, app-cloning, or virtual environment applications from the device. Then, restore the device to its initial secure environment and retry.

    2. Check whether you are using the package name of the test demo. If so, change it to your business package name. This prevents the request from being blocked by the security policy of the project or service.

    207

    Yes

    Facial recognition against the official database failed. The person may not be the same, or the quality of the live photo is low.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.