Skip to main content
POST
/
v3
/
face-match
/
cURL
curl -X POST 'https://verification.didit.me/v3/face-match/' \
  -H 'x-api-key: YOUR_API_KEY' \
  -F 'user_image=@./selfie.jpg' \
  -F 'ref_image=@./id_portrait.jpg' \
  -F 'face_match_score_decline_threshold=50' \
  -F 'save_api_request=true' \
  -F 'vendor_data=user-123'
{
  "request_id": "f9f5a777-8002-44c6-baaf-128bcfd6e226",
  "face_match": {
    "status": "Approved",
    "score": 99.41,
    "user_image": {
      "entities": [
        {
          "bbox": [
            661,
            728,
            1688,
            2188
          ],
          "confidence": 0.732973,
          "age": 26.91,
          "gender": "male",
          "race": null
        }
      ],
      "best_angle": 0
    },
    "ref_image": {
      "entities": [
        {
          "bbox": [
            653,
            745,
            1691,
            2185
          ],
          "confidence": 0.722082,
          "age": 27,
          "gender": "male",
          "race": null
        }
      ],
      "best_angle": 0
    },
    "warnings": []
  },
  "vendor_data": "user-123",
  "metadata": {
    "flow": "login"
  },
  "created_at": "2026-06-12T01:04:42.763237+00:00"
}

Authorizations

x-api-key
string
header
required

Body

multipart/form-data
user_image
file
required

Live or candidate face image to verify (e.g. a selfie). Submit a single front-facing photo with the subject's face clearly visible and well lit. Allowed extensions: tiff, jpg, jpeg, png, webp. Maximum upload size: 5 MB (larger files are rejected with 400). Images are automatically compressed to ~0.5 MB before processing, so very high resolutions do not improve accuracy.

ref_image
file
required

Reference face image to compare against (e.g. an ID document portrait or a previously enrolled photo). Same format and size limits as user_image.

face_match_score_decline_threshold
number<float>
default:30

Similarity threshold (0–100) that drives the response status. A computed score at or below this value sets status to Declined and adds a LOW_FACE_MATCH_SIMILARITY warning; a score strictly above it returns Approved. Default 30 is permissive — raise it (e.g. 5060) for stricter verification. Values outside 0–100 return 400.

Required range: 0 <= x <= 100
Example:

50

rotate_image
boolean
default:false

When true, the service tries the input images in 90-degree increments (0, 90, 180, 270) and uses the orientation that yields the best face detection — useful for mobile captures with missing EXIF orientation. Adds latency, so only enable it if you cannot guarantee upright images.

Example:

false

save_api_request
boolean
default:true

When true (default), persists the call as an API-type session — visible in the Business Console, retrievable via GET /v3/session/{sessionId}/decision/ using the returned request_id, and announced through a status.updated webhook. When false, nothing is stored and request_id is a transient UUID for response correlation only.

Example:

true

vendor_data
string

Optional opaque string (your internal user id, email, UUID…) stored on the persisted session and echoed back in the response. Use it to correlate API calls with your own records and to filter sessions later.

Example:

"user-123"

metadata
object

Optional JSON object stored with the session (when save_api_request=true) and echoed back in the response. In multipart requests, send it as a JSON-encoded string field (e.g. metadata={"flow":"login"}) — it is parsed into an object.

Example:
{ "flow": "login", "device_id": "abc123" }

Response

Face match computed. face_match.score is a 0–100 float (two decimals); status is Approved when the score is strictly above face_match_score_decline_threshold, otherwise Declined with an explanatory warning. A low similarity or unscorable pair still returns 200 — inspect face_match.status and face_match.warnings, not just the HTTP code. When save_api_request=true, request_id is the persisted session id.

request_id
string<uuid>

Persisted session id when save_api_request=true (usable with GET /v3/session/{sessionId}/decision/); otherwise a transient correlation UUID.

face_match
object
vendor_data
string | null

Echo of the vendor_data you sent, or null.

metadata
object

Echo of the metadata object you sent, or null.

created_at
string<date-time>

ISO 8601 timestamp (UTC) of when the response was generated, e.g. 2026-06-12T01:04:42.763237+00:00.