{"id":22268158,"url":"https://github.com/curityio/iproov-action","last_synced_at":"2025-08-04T15:33:27.665Z","repository":{"id":196656628,"uuid":"687709451","full_name":"curityio/iproov-action","owner":"curityio","description":"An Authentication Action implementing the iProov Web SDK for facial recoginition an liveness proofing","archived":false,"fork":false,"pushed_at":"2023-10-25T00:45:40.000Z","size":483,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-01-30T13:30:12.568Z","etag":null,"topics":["authentication-action","id-proofing","plugin"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-05T20:59:34.000Z","updated_at":"2024-03-01T07:45:49.000Z","dependencies_parsed_at":null,"dependency_job_id":"a6420b64-832a-4617-8ec9-06e391df7303","html_url":"https://github.com/curityio/iproov-action","commit_stats":null,"previous_names":["curityio/iproov-action"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fiproov-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fiproov-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fiproov-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fiproov-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/iproov-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245485949,"owners_count":20623239,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication-action","id-proofing","plugin"],"created_at":"2024-12-03T11:11:42.462Z","updated_at":"2025-03-25T14:45:20.780Z","avatar_url":"https://github.com/curityio.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# iProov Authentication Action Plugin\n\n[![Quality](https://img.shields.io/badge/quality-demo-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nA custom authentication action plugin for the Curity Identity Server leveraging the [iProov Biometrics Web SDK](https://github.com/iProov/web) for facial biometric scanning. The action can be added after an authenticator and will invoke the use of the camera on the user’s device to scan a person’s face for liveness check and verification.\n\n## Intro\nThis plugin leverages the iProov Biometrics Web SDK for the facial scanning. The SDK handles the frontend\nmechanism of invoking the system camera to scan a user’s face. This is then coupled with the iProov REST API\nwhere the scanning result is sent together with a token. The response will indicate if the user is either\nsuccessfully enrolled or successfully verified.\n\nBefore a scanning event takes place an iProov token needs to be obtained. The plugin handles this\nautomatically in the background. The plugin will first attempt to enroll a user and with that initially\nobtain an enrollment token. If the user is not enrolled the process of enrollment continues and the user\nis prompted to scan their face. An iProov validation token is then obtained and sent in a request to the\niProov REST API together with the facial scan. If the validation response is successful, the user is enrolled\nand the action completes.\n\n![iProov Scan Button](./docs/iproov-scan-button.jpg)\n\nIf the response from the initial request for an enrollment token indicates that the user is already enrolled\nthe plugin will automatically obtain a verification token. After that the steps are the same as for enrollment,\nthe user scans their face, and the verification token is sent to iProov together with the scan result. With a\nsuccessful verification response the plugin provides a set of subject attributes than can for example be used as\nclaim values when issuing a token.\n\n![iProov Scan](./docs/iproov-scan.jpg)\n\n\u003e **Camera Permission**\n\u003e\n\u003e The user might need to grant the browser the permission to use the system camera before scanning for the\n\u003e first time.\n\n### Attributes\n\nThe subject attributes returned with a successful verification:\n\n| Attribute          | Description                                                          |\n|--------------------|----------------------------------------------------------------------|\n| `feedback`         | A fixed feedback code for making logical decisions (see table below) |\n| `reason`           | An English description of the reason for the event                   |\n| `type`             | The type of authentication (enrol or verify)                         |\n| `passed`           | Indicates if the enrollment r verification succeeded                 |\n| `token`            | The token used to validate or verify a user                          |\n| `is_native_bridge` | Boolean value if event originates from the native bridge             |\n| `assurance_type`   | Genuine Presence Assurance or Liveness Assurance                     |\n\n#### Feedback\n\n| Feedback            | Reason                                                |\n|---------------------|-------------------------------------------------------|\n| `user_timeout`      | The user started the claim but did not stream in time |\n| `too_bright`        | Ambient light too strong or screen brightness too low |\n| `too_dark`          | Your environment appears too dark                     |\n| `too_much_movement` | Please keep still                                     |\n| `misaligned_face`   | Keep your face in the oval                            |\n| `eyes_closed`       | Keep your eyes open                                   |\n| `face_too_far`      | Move your face closer to the screen                   |\n| `face_too_close`    | Move your face farther from the screen                |\n| `sunglasses`        | Remove sunglasses                                     |\n| `obscured_face`     | Remove any face coverings                             |\n| `not_supported`     | This device is not supported                          |\n\n## Configuration\n\nAn iProov Portal account is needed in order to use the iProov Web SDK and call the iProov REST API. This will\nallow the creation of the `iProov API Key` and `iProov API Secret`.\n\nIn addition to that, access is needed to the private iProov NPM registry. The process for obtaining access\nis outlined in the [iProov Web SDK documentation](https://github.com/iProov/web#npm-package).\n\nConfiguration | Description \n--- | --- \n`iProov API Key` | The iProov API Key that can be obtained from iProov \n`iProov API Secret` | The iProov API Secret that can be obtained from iProov\n`iProov Base URL` | The iProov Base URL. The default value is `/api/v2`. \n`iProov Tenant` | The iProov Tenant to use. The default value is `us.rp.secure.iproov.me`.\n`Http Client` | An Http Client\n\n![iProov Action Configuration](./docs/configure-iproov-action.jpg)\n\n## Building the Plugin\n\nYou can build the plugin by issuing the command ``./gradlew buildPlugin``. This will create a `build/iProov` folder with:\n- the plugin JAR bundled with all the required frontend dependencies,\n- all the required dependency JARs\n\n## Installing the Plugin\n\nTo install the plugin, copy the `build/iProov` dir into `${IDSVR_HOME}/usr/share/plugins/iproov` on each node, including the admin node.\n\nIf you're deploying using Docker, make sure that the `build/iProov` is copied or mounted to `/opt/idsvr/usr/share/plugins/iproov`.\n\nFor more information about installing plugins, refer to the [curity.io/plugins](https://support.curity.io/docs/latest/developer-guide/plugins/index.html#plugin-installation).\n\n## Installation Script\n\nIf you're running a local instance of the Curity Identity Server, you can use the `install-local.sh` script to build and install the plugin. Open the script to configure the installation location of the Curity Identity Server before executing.\n\n## License\n\nThis plugin and its associated documentation is listed under the [Apache 2 license](https://github.com/curityio/microblink-scan-id/blob/main/LICENSE).\n\n## More Information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n\nCopyright (C) 2023 Curity AB.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fiproov-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fiproov-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fiproov-action/lists"}