All Products
Search

This Product

    ID Verification:CheckResult

    Document Center

    ID Verification:CheckResult

    Last Updated:Sep 22, 2025

    This topic describes how to use the CheckResult API operation to query authentication results.

    API description

    • API operation: CheckResult

    • Request method: HTTPS POST

    • Description: Call this API operation on your server after you receive a callback notification to obtain the authentication status and materials.

      Important

      ID Verification stores authentication results for 30 days by default. After this period, the system automatically deletes the results. You must query the results within 30 days after the authentication process is complete.

    • QPS limit: The API has a dedicated queries per second (QPS) limit. For more information, see QPS limits for ID Verification server-side API operations.

    • Endpoint:

      Note

      The internal network is used for communication between Alibaba Cloud products in the same region. If your server is deployed in an Alibaba Cloud region, you can use the internal endpoint to access the ID Verification service. This provides more secure and stable network communication.

      Singapore

      • Internet: cloudauth-intl.ap-southeast-1.aliyuncs.com

      • Internal: cloudauth-intl-vpc.ap-southeast-1.aliyuncs.com

      Indonesia

      • Internet: cloudauth-intl.ap-southeast-5.aliyuncs.com

      • Internal: cloudauth-intl-vpc.ap-southeast-5.aliyuncs.com

      China (Hong Kong)

      • Internet: cloudauth-intl.cn-hongkong.aliyuncs.com

      • Internal: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

    Online debugging and integration

    Note

    Before you start debugging and integration, ensure that you read the Use OpenAPI Explorer to debug and integrate server-side APIs document to understand how to call APIs in OpenAPI Explorer and obtain SDKs and their code.

    You can debug this API operation in OpenAPI Explorer and generate SDK sample code.

    Request parameters

    Name

    Type

    Required

    Description

    Example

    MerchantBizId

    String

    Yes

    A unique business identifier that you customize for troubleshooting. It can be a combination of letters and digits up to 32 characters long. Make sure this identifier is unique.

    Note

    Alibaba Cloud servers do not check the uniqueness of this value. For better tracking, we strongly recommend that you make sure the value is unique.

    e0c34a77f5ac40a5aa5e6ed20c35****

    TransactionId

    String

    Yes

    The unique identifier for the entire authentication flow. You must obtain this value by calling the Initialize API operation.

    Important

    To avoid tampering threats, you must use the TransactionId stored on your server from the Initialize API operation call. We do not recommend using the TransactionId from the client-side callback.

    hksb7ba1b28130d24e015d6********

    IsReturnImage

    String

    No

    Specifies whether to return the authentication image materials.

    • Y (Yes): Required

    • N: No (default)

    Y

    Response parameters

    Name

    Type

    Description

    Example

    HTTP Status Code

    Integer

    The HTTP status code.

    200

    HTTP Body

    RequestId

    String

    The request ID.

    130A2C10-B9EE-4D84-88E3-5384FF03****

    Code

    String

    Back to Code

    Success

    Message

    String

    The detailed description of the response code.

    success

    Result.Passed

    String

    The final authentication result. Valid values:

    • Y: Pass

    • N: The authentication is not passed.

    Y

    Result.SubCode

    String

    The description of the authentication result. For more information, see ResultObject.SubCode error codes.

    200

    Result.ExtFaceInfo

    String

    The result information for face liveness verification. For the JSON format, see the example on the right. For more information, see ExtFaceInfo.

    {
  "faceAttack": "N",
  "faceImg": "/9j/4AAQSkZJRgABAQAAAQqviV6oakp8...",
  "docVideoUrl": "https://aliyun-cloudauth.oss-aliyuncs.com/******.webm" 
}

    ExtFaceInfo

    Name

    Type

    Description

    Example

    faceImg

    String

    The captured face image in Base64 format. This field is returned if you set isReturnImage=Y in the request and the face scan is completed.

    Base64 format

    faceAttack

    String

    Indicates whether the captured face is involved in a liveness attack.

    • Y: Attack detected

    • N: Not applicable

    N

    docVideoUrl

    String

    The OSS download URL for the evidence file.

    Note

    • The URL for the evidence video is valid for 15 minutes.

    • You can query and get the URL multiple times within 30 minutes after the authentication is complete. After 30 minutes, the system automatically deletes the evidence video file. The file cannot be recovered. Download and save the file promptly.

    https://aliyun-cloudauth.oss-aliyuncs.com/******.webm

    faceAge

    String

    The reference age predicted from the face. The prediction may fail and this value may not be returned.

    30

    faceGender

    String

    The gender predicted from the face image. The prediction may fail and this value may not be returned.

    • M: Male

    • F: Female

    M

    faceAttackScore

    Double

    The probability of a spoofing attack predicted by the facial recognition algorithm. A higher score indicates a higher probability of a spoofing attack.

    Value range: 0 to 100.

    80

    guardRiskScore

    Double

    The probability of device risk predicted by the Face Guard algorithm. A higher score indicates a higher device risk.

    Value range: 0 to 100.

    90

    faceRegistrationResult

    String

    Indicates whether the face registration was successful:

    • 1: Success

    • 0: Failure

    1

    faceRegistrationID

    String

    The face registration ID.

    This is returned only if you enable automatic registration and the face registration is successful.

    f5a9219aefd6*******c84c8f0ca592a

    duplicateFace

    String

    Information about a duplicate face.

    If a duplicate face is found during a search, the corresponding Face ID and User ID from the face database are returned.

    [
  {
    "faceGroupCode": "sg7****uzt",
    "faceId": "f5a921*******9e792ec84c8f0ca592a"
  }
]

    Return Codes

    HTTP status code

    Code

    Message description

    200

    Success

    Request successful.

    400

    MissingParameter

    Parameter cannot be empty.

    InvalidParameter

    Invalid parameter.

    TransactionIdInvalid

    Invalid Transaction ID.

    403

    Forbidden.RAMUserAccessDenied

    You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service.

    Forbidden.AccountAccessDenied

    Ensure that you have activated ID verification and your account has no overdue payment.

    Throttling.Api

    API request is blocked due to throttling.

    404

    ProcessNotCompleted

    The entire authentication process is not completed.

    500

    InternalError

    Internal system error. Provide feedback to engineers for troubleshooting.

    ResultObject.SubCode error codes

    Error code

    Is the authentication record billed?

    Description and suggestions

    200

    Yes

    The authentication is passed.

    204

    Yes

    Face comparison failed. The person may not be the same or the quality of the liveness photo is low.

    205

    Yes

    A risk is detected during liveness detection.

    206

    Yes

    Limited by business policy.

    Note

    If you enable safe mode, a security check is performed on the device and environment. If a potential risk is detected, the authentication fails. You can ask the user to uninstall any multi-instance, app-cloning, or virtual environment software or plug-ins from the device. Then, ask the user to restore the device to its original secure environment and try again.

    233

    Yes

    A similar face is detected.