AgentSkillsCN

didit-passive-liveness

集成Didit Passive Liveness独立API,用于验证用户是否真实在场。当用户希望检测活体状态、识别伪造尝试、确认真人到场、实施防伪攻击,或借助Didit开展被动式活体检测时,可选用此API。该API无需用户交互,仅需分析单张图像即可完成检测,并返回活体评分、人脸质量指标以及亮度相关数据。它能够有效识别呈现式攻击和重复人脸。

SKILL.md
--- frontmatter
name: didit-passive-liveness
description: >
  Integrate Didit Passive Liveness standalone API to verify a user is physically present.
  Use when the user wants to check liveness, detect spoofing attempts, verify real person
  presence, implement anti-spoofing, or perform passive liveness detection using Didit.
  Analyzes a single image without user interaction. Returns liveness score, face quality,
  and luminance metrics. Detects presentation attacks and duplicate faces.
version: 1.2.0
metadata:
  openclaw:
    requires:
      env:
        - DIDIT_API_KEY
    primaryEnv: DIDIT_API_KEY
    emoji: "🧑"
    homepage: https://docs.didit.me

Didit Passive Liveness API

Overview

Verifies that a user is physically present by analyzing a single captured image — no explicit movement or interaction required.

Key constraints:

  • Supported formats: JPEG, PNG, WebP, TIFF
  • Maximum file size: 5MB
  • Image must contain exactly one clearly visible face
  • Original real-time photo only (no screenshots or printed photos)

Accuracy: 99.9% liveness detection accuracy, <0.1% false acceptance rate (FAR).

Capabilities: Liveness scoring, face quality assessment, luminance analysis, age/gender estimation, spoof detection (screen captures, printed copies, masks, deepfakes), duplicate face detection across sessions, blocklist matching.

Liveness methods: This standalone endpoint uses PASSIVE method (single-frame CNN). Workflow mode also supports ACTIVE_3D (action + flash, highest security) and FLASHING (3D flash, high security).

API Reference: https://docs.didit.me/reference/passive-liveness-api


Authentication

All requests require x-api-key header. Get your key from Didit Business Console → API & Webhooks.


Endpoint

code
POST https://verification.didit.me/v3/passive-liveness/

Headers

HeaderValueRequired
x-api-keyYour API keyYes
Content-Typemultipart/form-dataYes

Request Parameters (multipart/form-data)

ParameterTypeRequiredDefaultConstraintsDescription
user_imagefileYesJPEG/PNG/WebP/TIFF, max 5MBUser's face image
face_liveness_score_decline_thresholdintegerNo0-100Scores below this = Declined
rotate_imagebooleanNoTry rotations to find upright face
save_api_requestbooleanNotrueSave in Business Console
vendor_datastringNoYour identifier for session tracking

Example

python
import requests

response = requests.post(
    "https://verification.didit.me/v3/passive-liveness/",
    headers={"x-api-key": "YOUR_API_KEY"},
    files={"user_image": ("selfie.jpg", open("selfie.jpg", "rb"), "image/jpeg")},
    data={"face_liveness_score_decline_threshold": "80"},
)
typescript
const formData = new FormData();
formData.append("user_image", selfieFile);
formData.append("face_liveness_score_decline_threshold", "80");

const response = await fetch("https://verification.didit.me/v3/passive-liveness/", {
  method: "POST",
  headers: { "x-api-key": "YOUR_API_KEY" },
  body: formData,
});

Response (200 OK)

json
{
  "request_id": "a1b2c3d4-...",
  "liveness": {
    "status": "Approved",
    "method": "PASSIVE",
    "score": 95,
    "user_image": {
      "entities": [
        {"age": 22.16, "bbox": [156, 234, 679, 898], "confidence": 0.717, "gender": "male"}
      ],
      "best_angle": 0
    },
    "warnings": [],
    "face_quality": 85.0,
    "face_luminance": 50.0
  },
  "created_at": "2025-05-01T13:11:07.977806Z"
}

Status Values & Handling

StatusMeaningAction
"Approved"User is physically presentProceed with your flow
"Declined"Liveness check failedCheck warnings. May be a spoof or poor image quality

Error Responses

CodeMeaningAction
400Invalid requestCheck file format, size, parameters
401Invalid API keyVerify x-api-key header
403Insufficient creditsTop up at business.didit.me

Response Field Reference

FieldTypeDescription
statusstring"Approved" or "Declined"
methodstringAlways "PASSIVE" for this endpoint
scoreinteger0-100 liveness confidence (higher = more likely real). null if no face
face_qualityfloat0-100 face image quality score. null if no face
face_luminancefloatFace luminance value. null if no face
entities[].agefloatEstimated age
entities[].bboxarrayFace bounding box [x1, y1, x2, y2]
entities[].confidencefloatFace detection confidence (0-1)
entities[].genderstring"male" or "female"
warningsarray{risk, log_type, short_description, long_description}

Warning Tags

Auto-Decline (always)

TagDescription
NO_FACE_DETECTEDNo face detected in image
LIVENESS_FACE_ATTACKPotential spoofing attempt (printed photo, screen, mask)
FACE_IN_BLOCKLISTFace matches a blocklisted entry
POSSIBLE_FACE_IN_BLOCKLISTPossible blocklist match detected

Configurable (Decline / Review / Approve)

TagDescriptionNotes
LOW_LIVENESS_SCOREScore below thresholdConfigurable review + decline thresholds
DUPLICATED_FACEMatches another approved session
POSSIBLE_DUPLICATED_FACEMay match another userConfigurable similarity threshold
MULTIPLE_FACES_DETECTEDMultiple faces (largest used for scoring)Passive only
LOW_FACE_QUALITYImage quality below thresholdPassive only
LOW_FACE_LUMINANCEImage too darkPassive only
HIGH_FACE_LUMINANCEImage too bright/overexposedPassive only

Common Workflows

Basic Liveness Check

code
1. Capture user selfie
2. POST /v3/passive-liveness/ → {"user_image": selfie}
3. If "Approved" → user is real, proceed
   If "Declined" → check warnings:
     - NO_FACE_DETECTED → ask user to retake with face clearly visible
     - LOW_FACE_QUALITY → ask for better lighting/positioning
     - LIVENESS_FACE_ATTACK → flag as potential fraud

Liveness + Face Match (combined)

code
1. POST /v3/passive-liveness/ → verify user is real
2. If Approved → POST /v3/face-match/ → compare selfie to ID photo
3. Both Approved → identity verified

Utility Scripts

bash
export DIDIT_API_KEY="your_api_key"

python scripts/check_liveness.py selfie.jpg
python scripts/check_liveness.py selfie.jpg --threshold 80