I am using the liveness token api, /verification/v1/liveness/token,
our app will use this token to call the liveness SDK.
I want to know if different users and devices can use the same token?
Thank you for reaching out to us!
Kindly note that the Liveness Token Request API endpoint which generates the token(s) (https://api.refinitiv.com/verification/v1/liveness/token) cannot be shared across different users and devices. The token for this end point does expire as it uses the OAUTH 2.0 GrantType: "client_credentials" technology.
Furthermore, the Liveness Token Request API endpoint token is preceded by the Get Access Token API endpoint which offers you an intitial access_token. Thereafter you make use of the Liveness Token Request API endpoint which will offer you the said token, valid for 60 minutes. In between there is the Get Access Token using Refresh Token API endpoint which can be used to request a new token (refresh token) for Liveness Token Request. Both the Get Access Token and Get Access Token using Refresh Token are located in the directory Authentication of the rdp_postman_collection.
You can explore the possibility of sharing single access credentials amongst various devices who will then receive their own tokens. However, user discretion is advised here.
Please feel free to reach out if you have any further questions.
Thanks Virgill for your reply.
But I test the condition with different cellphones in our mobile app，both cellphones use the same liveness token to call the liveness SDK, and both cellphones take liveness photo successfully. So does this means it is ok to use the same liveness token for different cellphone?
Our mobile app get the liveness token from our service, and the service maintain only one valid liveness token all the time.
PS, we just use the facecapture, no other liveness features.
Thanks for solving my doubt.