Age Estimation API
Estimate a person’s age from a single face photo and run a passive liveness check in the same call — returns the model-predicted age_estimation (in years), a liveness score (0–100), and an Approved/Declined status. The age is model-predicted from the face, not verified against a document — use it for age gates and low-friction checks, not as legal proof of age.
How it works. The image is analyzed for faces (set rotate_image=true if captures may be sideways or upside down); each detected face gets an estimated age, and the largest face in the frame drives age_estimation. In parallel, a passive liveness model scores whether the photo shows a live person (no user challenge required) and detects presentation attacks (photos of photos, screens, masks). Submit one clear, front-facing, well-lit face per image for best results.
Decision logic. Any warning declines: status is Approved only when the warnings array is empty. A liveness score at or below face_liveness_score_decline_threshold (default 30) adds LOW_LIVENESS_SCORE; a detected attack adds LIVENESS_FACE_ATTACK; no face found by the liveness model adds NO_FACE_DETECTED; no estimable face age adds AGE_NOT_DETECTED (age_estimation is null); an estimated age below age_estimation_decline_threshold (default 18) adds AGE_BELOW_MINIMUM. Borderline ages near your threshold deserve a fallback to document-based verification — the model’s error grows for faces close to the limit.
Billing. Each 200 response consumes one Age Estimation API credit (standalone APIs have no free tier). When the organization’s balance cannot cover the call, the endpoint returns 403 with the not-enough-credits error before any image processing.
Session persistence (save_api_request, default true). When true, the call is persisted as an API-type session: it appears in the Business Console, the returned request_id is a real session id you can pass to GET /v3/session/{sessionId}/decision/ (the result is exposed there in liveness_checks[], with features: ["AGE_ESTIMATION"]), the face crop and reference image are stored, the face embedding is added to your application’s face index (used by face search and duplicate detection), and a status.updated webhook is emitted. When false, nothing is stored and request_id is a one-off correlation UUID that cannot be looked up later.
Sandbox. Sandbox API keys skip all processing and billing: after request validation (malformed input still returns 400), the endpoint returns a static Approved mock payload (age_estimation: 30, no warnings), no session is persisted, and no credits are consumed.
Authentication. Send your application’s API key in the x-api-key header. Missing or invalid credentials return 403 ({"detail": "You do not have permission to perform this action."}) — this API never returns 401.
Rate limit. Shared write budget of 300 requests/min per API key across all POST/PATCH/DELETE endpoints; exceeding it returns 429.
Authorizations
Body
Face photo to analyze (e.g. a selfie). Submit a single front-facing photo with the subject's face clearly visible and well lit. Allowed extensions: tiff, jpg, jpeg, png, webp (no PDF). Maximum upload size: 5 MB (larger files are rejected with 400). Images are automatically compressed to ~0.3 MB before processing, so very high resolutions do not improve accuracy.
Liveness threshold (0–100). A liveness score at or below this value adds a LOW_LIVENESS_SCORE warning and declines. Raise it for stricter anti-spoofing; values outside 0–100 return 400.
0 <= x <= 10030
Minimum acceptable estimated age in years. An estimated age below this value adds an AGE_BELOW_MINIMUM warning and declines. Set 0 to disable the age check (the call then only runs liveness + age estimation without an age-based decision).
0 <= x <= 10018
When true, the service tries the input image in 90-degree increments (0, 90, 180, 270) and uses the orientation that yields the best face detection — useful for mobile captures with missing EXIF orientation. Adds latency, so only enable it if you cannot guarantee upright images.
false
When true (default), persists the call as an API-type session — visible in the Business Console, retrievable via GET /v3/session/{sessionId}/decision/ using the returned request_id, announced through a status.updated webhook, and with the detected face added to your application's face index. When false, nothing is stored and request_id is a transient UUID for response correlation only.
true
Optional opaque string (your internal user id, email, UUID…) stored on the persisted session and echoed back in the response. Use it to correlate API calls with your own records and to filter sessions later.
"user-123"
Optional JSON object stored with the session (when save_api_request=true) and echoed back in the response. In multipart requests, send it as a JSON-encoded string field (e.g. metadata={"flow":"age-gate"}) — it is parsed into an object.
{ "flow": "age-gate" }Response
Age estimation and passive liveness completed. age_estimation.age_estimation is the model-predicted age in years of the largest detected face (null if none); age_estimation.score is the passive-liveness score (0–100); status is Approved only when warnings is empty. An underage or spoofed capture still returns 200 with status: "Declined" — inspect the body, not just the HTTP code. When save_api_request=true, request_id is the persisted session id.
Persisted session id when save_api_request=true (usable with GET /v3/session/{sessionId}/decision/); otherwise a transient correlation UUID.
Echo of the vendor_data you sent, or null.
Echo of the metadata object you sent, or null.
ISO 8601 timestamp (UTC) of when the response was generated.