2️⃣ Enrollment
Enrollment is the process of registering a new user by connecting their facial biometrics to a Keyless account. During this process, a full and unobstructed view of the user's face is required.
val configuration = BiomEnrollConfig()
Keyless.enroll(
configuration = configuration,
onCompletion = { result ->
when (result) {
is Keyless.KeylessResult.Success -> Log.d("KeylessSDK ", "Enroll success - userId ${result.value.keylessId}")
is Keyless.KeylessResult.Failure -> Log.d("KeylessSDK ", "Enroll failure - error code ${result.error.code}")
}
}
)
Enrollment configuration
You can configure the enrollment process with optional parameters in your BiomEnrollConfig()
instance or using the builder pattern methods from the EnrollmentConfiguration
builder.
public data class BiomEnrollConfig(
public val cameraDelaySeconds: Int = 2,
public val customSecret: String?,
public val iamToken: String?
public val jwtSigningInfo: JwtSigningInfo?,
public val livenessConfiguration: LivenessSettings.LivenessConfiguration = PASSIVE_STANDALONE_HIGH,
public val livenessTimeout: Int = 60,
public val operationInfo: OperationInfo?,
public val shouldRetrieveTemporaryState: Boolean = false,
public val shouldRetrieveEnrollmentSelfie: Boolean = false,
public val temporaryState: String?,
public val showSuccessFeedback: Boolean = true,
public val showInstructionsScreen: Boolean = true,
public val showFailureFeedback: Boolean = true
)
Enrollment success result
Depending on the builder methods you enable, Keyless will populate the corresponding fields in the EnrollmentSuccess
result reported below.
data class EnrollmentSuccess(
val keylessId: String,
val customSecret: String = "",
val signedJwt: String? = null,
val temporaryState: String? = null
) : KeylessSdkSuccess()
Backup data
Backup data is no longer recommended to perform account recovery and the feature has been removed from Android and iOS SDKs. Use the temporary state instead. Follow the guide on account recovery.
Keyless can generate backup data that you can use to recover an account.
To create the backup data use the shouldRetrieveBackup
method. Once the enrollment succeeds, copy the backup data from the EnrollmentSuccess
result, and store it securely.
To recover an account, use the backup
parameter more in backup.
Camera Delay
Use cameraDelaySeconds
to specify the delay (in seconds) between when the camera preview appears, and when the liveness processing starts.
Custom secret
During enrollment you can specify a custom secret to be saved and encrypted along with the user's biometric data using savingSecret
paramter. The custom secret can be anything you can save as an ASCII string, such as a secret that you have provided to the app from the backend, the seed of an OTP protocol, or anything else.
IAM Token
Specifying an iamToken
you can authenticate with your IAM System, follow the guide authenticating in auth0 with Keyless
JWT Signing info
You can specify a payload to be added to a JWT signed by Keyless with the jwtSigningInfo
parameter, more in JWT signing.
Liveness Settings
Using livenessConfiguration
you can configure the liveness security level during enrollment. The possible liveness configuration are under LivenessSettings.LivenessConfiguration
:
PASSIVE_STANDALONE_MEDIUM
PASSIVE_STANDALONE_HIGH //recommended configuration
PASSIVE_STANDALONE_HIGHEST
You can also specify a livenessTimeout
(in seconds) to cancel the enrollment if the liveness takes longer than the timeout.
More details on liveness in the dedicated liveness settings section.
Operation info
The parameter operationInfo
specifies a customizable unique operation identifier and associated payload stored on the Keyless backend if the enrollment succeeds. Use this to add an extra level of confirmation in your operations.
Details on how to query our backend for stored operations are available on Operations API.
Temporary State
Keyless users can be enrolled via IDV-Bridge, Identity Verification Bridge. As a result of IDV-Bridge enrollment you receive a temporary state useful to register users in your app without undergoing the full enrollment flow.
Use the temporaryState
parameter to register users from a temporary state obtained through IDV-Bridge or follow the account recovery guide.
Last updated
Was this helpful?