---
icon: gear
label: Verification configurations
order: 700
expanded: false
---
This section describes the possible Verification configurations.
## Verifier configurations
### What is a Verifier?
A **Verifier** is a configurable, optional verification module that analyzes the camera subject and returns either:
- a pass/fail decision, and/or
- derived attributes (e.g.: estimated age, estimated gender)
Each verifier can be **independently enabled or disabled**.
### Generic Verifier Settings
These settings are applied for all enabled verifiers.
| Setting | What it does |
|---|---|
| **FailOnMultipleFacesDetected** | If `true` then the verification will fail if multiple faces are detected on the captured image.
If `false` then in case of multiple faces are detected the system always chooses the dominant face.
The default value is `false`|
### Supported Verifiers
| Verifier | What it does | Configuration | Output |
|---|---|---|---|
| **Liveness** | Confirms the subject in front of the camera is a live human (not a spoof). | **Type**: `Disabled` or `Verification`
**Challenge type**: `Balanced`, or `Advanced` (High Security). | **reLivenessResult**: `passed` or `failed` or `not_executed` |
| **Face Recognition** | Extracts a face embedding from the captured face image and depending on the configuration stores or compares it with the stored embeddings. | **Type**: `Disabled` or- `CalculationOnly`: Stores the embedding and returns the faceId.
- `DuplicateVerification`: Checks whether the embedding is already stored. If it isn’t, it stores it and returns the associated faceId. Fails only if the embedding is already stored.
- `UniqueMatchVerification`: Ensures the subject is uniquely represented by the provided external identifier (**reExternalId** is required). If the identifier is not present, the embedding is stored under that identifier.
- Fails if the embedding for the subject is different than the one already stored with the **reExternalId**.
- Fails if the embeddig for the subject is already stored under a different external identifier **reExternalId**
- `MatchVerification`: Verifies that the subject exists in the collection and that the matched identity corresponds to the provided external identifier (**reExternalId** is required). If the external identifier is not present, the embedding is stored under that identifier.
- Fails if the embedding for the subject is different than the one already stored with the **reExternalId**.
| **reFaceRecognitionResult**: `passed` or `failed` or `not_executed`
**reFaceId**: the unique identifier for the stored face embedding |
| **Age** | Estimates the subject’s age and (optionally) enforces an eligibility rule. | **Type**: `Disabled` or `CalculationOnly` or `ThresholdVerification` or `RangeVerification`
**AgeThresholdConfig**: must be set if the **Type** is `ThresholdVerification`:
**Threshold** (int), **Direction**: `Above` or `Below`
(Note: the comparison is inclusive)
**AgeRangeConfig**: must be set if the **Type** is `ThresholdVerification`:
**Minimum** (int), **Maximum** (int)
(Note: the comparison is inclusive)
Note: Age verification is designed for one face, if the image contains multiple faces it fails | **reAgeVerificationResult**: `passed` or `failed` or `not_executed`
**reAge**: the estimated age (int) |
| **Gender** | Estimates the subject’s gender. | **Type**: `Disabled` or `CalculationOnly` | **reGenderVerificationResult**: `passed` or `failed` or `not_executed`
**reGender**: the estimated gender (`male` or `female`). |
[!ref text="For more details about the settings, check out VerifEye Service API"](/rest-api/verifeye-service-api/)
[!ref text="For more details about the parameters, check out the Parameters page"](/redirect/parameters/)
!!!info
**Combining `UniqueMatchVerification` or `MatchVerification` with a returning-user flow?**
The first verification call automatically enrolls the face under the supplied `reExternalId`; subsequent calls with the same identifier perform a 1:1 match. See the [User lifecycle](/redirect/user-lifecycle/) guide for the recommended single-project pattern.
!!!
## Webhook configuration
This section configures server-side event notifications for completed verification sessions.
| Setting | What it does |
|---|---|
| **EventCallbackUrl** | URL on your server that receives an HTTP POST when a verification session completes. Leave empty to disable webhook delivery. |
When a session finishes, the service sends a `VerificationCompleted` event to the configured URL. Your server can then call the [Get Session Result](/rest-api/verifeye-service-api/#get-session-result) endpoint with the session ID from the event payload to retrieve the full results.
[!ref text="For more details about the webhook feature, check out the Webhook page"](/redirect/webhook/)
## Redirect configurations
This section controls where the user is navigated after the verification flow finishes.
- **PassedUrl**: The URL to navigate to when the verification **passes**.
- **FailedUrl**: The URL to navigate to when the verification **fails**.
## Result parameter configurations
This section specifies the set of result fields to include in the redirect by appending them to the final URL as query string parameters. Only the configured variables are added.
### Configurable parameters
| Parameter | Result parameter | Type | Description |
|---|---|---|---|
| `IncludeCustomInputParameters` | Every non-reserved parameters | `bool` | Appends custom (non-reserved) input parameters to the final redirect URL. |
| `IncludeSignature` | `reSignature` | `bool` | Appends the signature variable to the final redirect URL. **Defaults to `true`** so customers can verify the redirect URL hasn't been tampered with. |
| `IncludeSessionId` | `reVerificationSessionId` | `bool` | Appends the verification session ID to the final redirect URL. |
| `IncludeFaceId` | `reFaceId` | `bool` | Appends the face ID to the final redirect URL. |
| `IncludeAge` | `reAge` | `bool` | Appends the estimated age to the final redirect URL. |
| `IncludeGender` | `reGender` | `bool` | Appends the estimated gender to the final redirect URL. |
| `IncludeVerificationResult` | `reVerificationResult` | `bool` | Appends the overall verification result (passed/failed) to the final redirect URL. |
| `IncludeLivenessCheckResult` | `reLivenessResult` | `bool` | Appends the liveness check result to the final redirect URL. |
| `IncludeFaceRecognitionResult` | `reFaceRecognitionResult` | `bool` | Appends the face recognition result (passed/failed/not_executed) to the final redirect URL. |
| `IncludeAgeVerificationResult` | `reAgeVerificationResult` | `bool` | Appends the age verification result (passed/failed/not_executed) to the final redirect URL. |
| `IncludeGenderVerificationResult` | `reGenderVerificationResult` | `bool` | Appends the gender verification result (passed/failed/not_executed) to the final redirect URL. |
| `IncludeCorrelationId` | `reCorrelationId` | `bool` | Appends the correlation ID to the final redirect URL. |
| `IncludeTotalFaceCount` | `reTotalFaceCount` | `bool` | Appends the total number of detected faces to the final redirect URL. |
| `IncludeFailedReason` | `reFailedReason` | `bool` | Appends the failed reason to the final redirect URL. |
## Security configurations
This section groups security-related settings for the verification flow.
### Configurable security settings
| Parameter | Type | Description |
|---|---|---|
| `ForceSignedInput` | `bool` | When enabled, all input parameters must be signed. Requests with missing or invalid signatures are rejected. **Default: `true`.** |
!!!warning Strongly recommended
`ForceSignedInput` is **enabled by default** and should remain enabled in all production environments.
Without it, there is no guarantee that the verification URL has not been tampered with before the session starts.
Disabling it is acceptable for local development or testing, but do not deploy to production with it turned off.
For more details, see [Incoming signed verification URL](/redirect/security/#incoming-signed-verification-url-request-integrity).
!!!
## Session Override configurations
This section controls whether session-level (runtime) requests are allowed to override the selected verification level configuration blocks.
If a specific override is not allowed, any provided session value is ignored and the project-level configuration remains in effect.
| Parameter | Type | Description |
|---|---|---|
| `AllowVerifierOverrides` | `bool` | Allows overriding verifier settings at session/runtime level. |
| `AllowResultParameterOverrides` | `bool` | Allows overriding which result parameters are appended to the final redirect URL at session/runtime level. |
| `AllowRedirectOverrides` | `bool` | Allows overriding the redirect settings (`PassedUrl` / `FailedUrl`) at session/runtime level. |
### Verifier Overrides
If `AllowVerifierOverrides` is `true` then adding one or more of the following query string parameters to the input URL will override the verification level settings for the current session.
A common use of verifier overrides is the **return-visit authentication flow**, where Liveness / Age / Gender are disabled on subsequent sessions while Face Recognition continues to authenticate the user. See the [User lifecycle](/redirect/user-lifecycle/) guide for the full pattern.
| Key | Description |
|---|---|
| `reDisableLivenessVerifier` | If it sets to `true` then it disables the liveness verifier for the session. |
| `reDisableFaceRecognitionVerifier` | If it sets to `true` then it disables the face recognition verifier for the session. |
| `reDisableAgeVerifier` | If it sets to `true` then it disables the age verifier for the session. |
| `reDisableGenderVerifier` | If it sets to `true` then it disables the gender verifier for the session. |
### Result Parameter Overrides
If `AllowResultParameterOverrides` is `true` then adding one or more of the following query string parameters to the input URL will override the verification level settings for the current session.
| Key | Description |
|---|---|
| `reIncludeCustomInputParameters` | Includes all non-reserved (custom) input parameters in the final redirect URL for the session. |
| `reIncludeSignature` | Includes the signature result parameter in the final redirect URL for the session. |
| `reIncludeSessionId` | Includes the session ID result parameter in the final redirect URL for the session. |
| `reIncludeFaceId` | Includes the face ID result parameter in the final redirect URL for the session. |
| `reIncludeAge` | Includes the estimated age result parameter in the final redirect URL for the session. |
| `reIncludeGender` | Includes the estimated gender result parameter in the final redirect URL for the session. |
| `reIncludeVerificationResult` | Includes the overall verification result parameter in the final redirect URL for the session. |
| `reIncludeLivenessResult` | Includes the liveness check result parameter in the final redirect URL for the session. |
| `reIncludeFaceRecognitionResult` | Includes the face recognition result parameter in the final redirect URL for the session. |
| `reIncludeAgeVerificationResult` | Includes the age verification result parameter in the final redirect URL for the session. |
| `reIncludeGenderVerificationResult` | Includes the gender verification result parameter in the final redirect URL for the session. |
| `reIncludeCorrelationId` | Includes the correlation ID result parameter in the final redirect URL for the session. |
| `reIncludeTotalFaceCount` | Includes the total detected face count result parameter in the final redirect URL for the session. |
| `reIncludeFailedReason` | Includes the failed reason result parameter in the final redirect URL for the session. |
### Redirect Overrides
If `AllowRedirectOverrides` is `true` then adding one or more of the following query string parameters to the input URL will override the verification level settings for the current session.
| Key | Description |
|---|---|
| `rePassedUrl` | Overrides the redirect target URL used when verification passes for the session. |
| `reFailedUrl` | Overrides the redirect target URL used when verification fails for the session. |
---
*Last updated: 2026-03-31*