All Products
Search

This Product

    ID Verification:eKYC_MIN

    Document Center

    ID Verification:eKYC_MIN

    Last Updated:Jan 14, 2026

    This topic describes how to integrate with ID Verification using only the server-side API.

    API description

    • API operation: EkycVerify

    • Request method: HTTPS POST

    • Description: Performs eKYC authentication using parameters such as image data.

    • This API operation has a dedicated QPS limit. For more information, see QPS limits for ID Verification server-side API operations.

    • Endpoints:

      Note

      • Benefits of internal network access: An internal network is a private communication network between Alibaba Cloud products within the same region. If your business server is deployed in the corresponding Alibaba Cloud region, you can use the internal same-region endpoint to access the ID Verification service. This provides more secure and stable communication.

      • Optimization suggestions for access from outside China: Network environments outside China can be complex. To optimize your integration solution, reduce network latency, and minimize request failures, see Server-side network latency analysis and optimization.

      China (Hong Kong)

      • Public network: cloudauth-intl.cn-hongkong.aliyuncs.com

      • Internal network: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

    Online testing and integration

    Note

    Before you debug and integrate an API operation, see Debug and integrate server-side API operations using OpenAPI Explorer for information about how to call API operations and obtain SDKs and sample code in OpenAPI Explorer.

    You can run this API operation in OpenAPI Explorer to perform tests and generate sample SDK code for this operation.

    Input image format requirements

    • Image format: JPG, JPEG, or PNG.

    • Image size: 50 KB to 100 KB is recommended. The maximum size is 1 MB.

    • Image resolution: The resolution must be between 640 × 480 pixels (height × width) and 1920 × 1080 pixels. We recommend scaling the shorter side to 720 pixels with a compression ratio greater than 0.9. The image height should be greater than the width. If the width is greater than the height, detection accuracy may be reduced.

      Note

      Converting an image to Base64 format increases its data size. To pass parameters in Base64 format, ensure that the original image size does not exceed 0.6 MB to avoid exceeding the 1 MB data transfer limit.

    • Image quality recommendations:

      • The face in the image must be complete, clear, and unobstructed. The subject should be facing the camera directly. We recommend using facial images captured by a front-facing camera.

      • The face should occupy more than 60% of the image area. A smaller face may reduce detection accuracy.

      • If there are multiple faces in the image, the algorithm crops the largest face by default. We recommend avoiding images with multiple faces.

    Request parameters

    Name

    Type

    Required

    Description

    Example

    ProductCode

    String

    Yes

    The product solution to integrate. Set the value to eKYC_MIN.

    eKYC_MIN

    SceneCode

    String

    No

    A custom authentication scenario ID. You can use this ID to query related records in the console. The ID can be up to 10 characters in length and can contain letters, digits, and underscores (_).

    1234567890

    MerchantBizId

    String

    Yes

    A unique business identifier that you customize. It is used to locate and troubleshoot issues. The identifier can be up to 32 characters in length and can contain letters and digits. Make sure that the identifier is unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    MerchantUserId

    String

    Yes

    A custom user ID or another identifier that can identify a specific user, such as a mobile phone number or an email address. We strongly recommend that you desensitize the value of this field in advance, for example, by hashing the value.

    Y

    DocType

    String

    Yes

    The certificate type, which is uniquely identified by an 8-digit number. For more information, see Certificate types.

    01000000

    DocName

    String

    No

    The user's real name.

    Note

    If Authorize=T and the certificate type is a Chinese mainland resident ID card, you must provide at least one of the following two parameter groups:

    • DocName and DocNo

    • IdOcrPictureBase64 or IdOcrPictureUrl

    If these conditions are met and you provide only DocName and DocNo without a certificate image, the system verifies only the identity information consistency and does not check the authenticity of the face image. If you provide a certificate image, the algorithm detects basic presentation attacks, such as screen recapture, on the certificate and face images. This is suitable for low-risk business scenarios.

    Zhang San

    DocNo

    String

    No

    The user's certificate number.

    Note

    If Authorize=T and the certificate type is a Chinese mainland resident ID card, you must provide at least one of the following two parameter groups:

    • DocName and DocNo

    • IdOcrPictureBase64 or IdOcrPictureUrl

    If these conditions are met and you provide only DocName and DocNo without a certificate image, the system verifies only the identity information consistency and does not check the authenticity of the face image. If you provide a certificate image, the algorithm detects basic presentation attacks, such as screen recapture, on the certificate and face images. This is suitable for low-risk business scenarios.

    411xxxxxxxxxxx0001

    IdOcrPictureBase64

    String

    No

    Note

    You must specify either IdOcrPictureBase64 or IdOcrPictureUrl.

    The Base64 encoding of the certificate image.

    Note

    If you use this method to pass the certificate image, check the image size. Do not pass an oversized image.

    Base64 encoding

    IdOcrPictureUrl

    String

    No

    The URL of the certificate image. The URL must be an HTTP or HTTPS link accessible over the public network.

    https://***

    FacePictureBase64

    String

    No

    Note

    You must specify either FacePictureBase64 or FacePictureUrl.

    The Base64 encoding of the portrait image.

    Note

    If you use this method to pass the certificate image, check the image size. Do not pass an oversized image.

    Base64 encoding

    FacePictureUrl

    String

    No

    The URL of the portrait image. The URL must be an HTTP or HTTPS link accessible over the public network.

    https://***

    Crop

    String

    No

    Specifies whether to crop the face image:

    • T: Allows cropping.

    • F: Disallows cropping. (Default)

    F

    Authorize

    String

    No

    Specifies whether to enable identity verification against the official database:

    • T: Enable.

    • F: Disable. (Default)

    Note

    This feature is currently available only for second-generation resident ID cards of the Chinese mainland.

    F

    IdThreshold

    String

    No

    The custom OCR quality detection threshold mode:

    • 0: Standard mode

    • 1: Strict mode

    • 2: Loose mode

    • 3: Disable quality detection (default)

    0

    Certificate types

    DocType

    Corresponding certificate

    01000000

    Global passport

    00000006

    Hong Kong Identity Card (2003 version)

    00000008

    Hong Kong Identity Card (2018 version)

    00000007

    Exit-Entry Permit for Travelling to and from Hong Kong and Macao

    00000009

    Mainland Travel Permits for Hong Kong and Macao Residents

    000000011

    Macao Identity Card

    000000012

    Mainland Travel Permit for Taiwan Residents

    00000001

    Second-generation resident ID card of the Chinese mainland

    Returned data

    Name

    Type

    Description

    Example

    HTTP Status Code

    Integer

    The HTTP status code.

    200

    HTTP Body

    RequestId

    String

    The request ID.

    130A2C10-B9EE-4D84-88E3-5384FF0****

    Code

    String

    Back to Code.

    Success

    Message

    String

    A detailed description of the response code.

    success

    Result.Passed

    String

    The final authentication result. Valid values:

    • Y: Passed

    • N: Failed

    Y

    Result.SubCode

    String

    A description of the authentication result. For more information, see Error codes for ResultObject.SubCode.

    200

    Result.ExtFaceInfo

    String

    Information about the face liveness verification result. For the JSON format, see the example on the right. For more information, see ExtFaceInfo.

    {
  "faceAttack": "N",
  "faceComparisonScore": 52.57,
  "facePassed": "N",
  "authorityComparisonScore": 80.39
}

    Result.ExtIdInfo

    String

    Information about the certificate detection result.

    For the JSON format, see the example on the right. For more information, see ExtIdInfo.

    {
  "ocrIdInfo": {
    "expiryDate": "",
    "originOfIssue": "Exit and Entry Administration of the Ministry of Public Security",
    "englishName": "LI SI",
    "sex": "Male",
    "name": "Li Si",
    "idNumber": "H11111112",
    "issueDate": "2013-01-02",
    "birthDate": "1990-02-21"
  },
  "ocrIdPassed": "N",
  "spoofInfo": {
    "spoofResult": "Y",
    "spoofType": [
      "SCREEN_REMARK"
    ]
  }
}

    Return Code

    HTTP status code

    Code

    Message Description

    200

    Success

    Request successful.

    400

    MissingParameter

    Parameter cannot be empty.

    InvalidParameter

    Invalid parameter.

    401

    UnqualifiedPhoto

    The uploaded image is unreadable or the image resolution does not meet requirements. We recommend changing the image.

    Ensure the photo is clear, has normal exposure, is complete without occlusion, and has no significant angle deviation.

    DataDuplication

    Both Base64-encoded image and URL image address are provided. Choose only one of these parameters.

    ToolargeImage

    The image size is too large. We recommend compressing the image or changing the upload method.

    DownloadTimeout

    URL image download timeout.

    NoFaceDetected

    No face detected in the uploaded image.

    403

    Forbidden.RAMUserAccessDenied

    You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service.

    Forbidden.AccountAccessDenied

    Ensure that you have activated ID verification and your account has no overdue payment.

    Throttling.Api

    API request is blocked due to throttling.

    500

    InternalError

    Internal system error. Provide feedback to engineers for troubleshooting.

    503

    ServiceUnavailable

    The service is unavailable. Contact engineers for troubleshooting.

    Error codes for ResultObject.SubCode

    Error code

    Billing

    Description, cause, and suggestion

    200

    Yes

    The authentication is passed.

    201

    Yes

    The name and ID card number do not match the information in the official database. The user's information may be incorrect or fake. Ask the user to confirm the information and try again.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    202

    Yes

    The identity information cannot be found in the official database. Provide an option for manual review.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    203

    Yes

    The photo cannot be found or is unavailable. Possible cause: The authoritative comparison source does not have a base photo on file. Provide an option for manual review.

    204

    Yes

    The face comparison failed. The person in the image may not be the same person, or the quality of the liveness photo is low.

    205

    Yes

    A risk is detected during liveness detection.

    207

    Yes

    The uploaded face does not match the face in the official database. The person in the image may not be the same person, or the quality of the face photo is low.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    209

    Yes

    The authoritative comparison source is abnormal.

    Note

    This error code is returned only when the certificate type verified by the product is a Chinese ID card and the authoritative verification feature is enabled.

    212

    Yes

    A risk is detected during anti-spoofing detection for the certificate. High-risk operations such as screen recapturing, tampering, or photocopying may have occurred.

    ExtFaceInfo

    Name

    Type

    Description

    Example

    facePassed

    String

    The final result of the face liveness verification during the face scan phase:

    • Y: Passed

    • N: Failed

    Y

    faceComparisonScore

    Double

    The comparison score between the captured face and the portrait on the certificate. The score ranges from 0 to 100.

    99.99

    faceAttack

    String

    Indicates whether a liveness attack was detected on the captured face:

    • Y: An attack is involved.

    • N: Not applicable

    N

    authorityComparisonScore

    Double

    The comparison score between the captured face and the data from the official authoritative source. The score ranges from 0 to 100.

    99.99

    ExtIdInfo

    Name

    Type

    Description

    Example

    idPassed

    String

    The final result of the certificate OCR phase:

    • Y: Passed

    • N: Failed

    N

    ocrIdInfo

    String

    The field information from the certificate OCR.

    Note

    If the certificate OCR process fails, this field is empty.

    {
  "expiryDate": "",
  "originOfIssue": "Exit and Entry Administration of the Ministry of Public Security",
  "englishName": "LI SI",
  "sex": "Male",
  "name": "Li Si",
  "idNumber": "H11111112",
  "issueDate": "2013-01-02",
  "birthDate": "1990-02-21"
}

    spoofInfo

    String

    The result of the anti-spoofing detection for the certificate, including the risk assessment result and risk type:

    • spoofResult:

      • Y: A risk exists.

      • N: Normal

    • spoofType:

      • SCREEN_REMARK: Screen recapture

      • PHOTO_COPY: Photocopy

      • TAMPER: Tampered with using image editing software

    {
 "spoofResult": "Y",
 "spoofType": ["SCREEN_REMARK"]
}