YooniK Face Authentication
Fast and secure second-factor authentication using facial biometrics
YooniK simplifies all consumer interactions with secure and private face authentication on any device in industries as diverse as Retail, Banking & Payments, Travel & Hospitality, Healthcare, Self-Service & Delivery. Register once and access services anywhere, anytime by just using your face. Recently becoming top 3 in Europe and Americas for accuracy, YooniK introduced unprecedented privacy levels to the market, where face images are never stored.
By leveraging YooniK with Auth0 with this easy integration, we enable a fast and convenient second-factor authentication method using facial biometrics.
YooniK never stores images from the users.
Reduced risk. Increased conversion. Scalable.
Reduced identity fraud. Improved customer experience. Our face authentication solution scales to millions of users.
Top-tier proprietary recognition algorithm certified by NIST with 99.999% accuracy (TOP 3 EU/US).
YooniK provides a face authentication service (YooniK Face) that can work as a second-factor authentication method using facial biometrics. This allows for a more convenient way of logging in the users of your application.
Leveraging this service in combination with Auth0, the user is guided through the collection of a selfie image using the YooniK SDKs implemented in a custom application you manage.
This guide will cover how to enable the YooniK Rule in Auth0 and an example application for capturing a selfie from the user and perform authentication with it.
The Auth0 Rule will trigger once a user has authenticated using their credentials, another identity provider, or single sign-on. The Auth0 Rule will evaluate the context of the login and redirect the user to your YooniK Face application. Your YooniK Face application will capture a selfie of the user and send it to YooniK along with the user id from Auth0. YooniK will respond with the face authentication results.
Your YooniK Face application will then return to Auth0 to update the user's
app_metadata and the current ID Token with the status of the face authentication. Lastly, Auth0 will pass the modified ID token to your main application.
- An Auth0 account and tenant. Sign up for free here.
- A key for the YooniK Authentication API to send user authentication requests to YooniK. Request one here.
Setup in Partner Application
To configure the integration with YooniK Authentication API, follow the steps below.
- Create a custom application that implements the YooniK Face Capture SDK. The intent of this application is to capture a selfie image of the user and check with YooniK for Face Authentication. Please check our example Flask Web app here.
- Your YooniK Face application will need to be able to capture a selfie from the user and also to verify and decode the
session_tokensent from Auth0, retrieve the
subof the user from the
session_token, and use said
suband captured selfie to send an authentication request to YooniK. It will also need to send an updated
session_tokenback to Auth0 with the added claim/property of
statusalong with a query string parameter of
Add the Auth0 Rule
Please note: Clicking any of the 3 buttons on the Edit Rule screen will save and activate the Rule. When initially installed, the Rule will be skipped until the required configuration (explained below) is added.
- Click Add Integration at the top of this page
- Click Save Changes to activate this integration
For information on testing and debugging Rules, please see our documentation.
Add the Auth0 Rule Configuration
Please note: Once the required configuration below is added, all logins for your tenant will be processed by this Rule. Please make sure all components have been configured correctly and verified on a test tenant before activating the integration in production.
- Go to Rules (or Auth Pipeline > Rules) in the Auth0 dashboard.
- Check the tenant name on the top right of your screen (see warning in the next section)
- Scroll down to the Settings section.
- Add the following keys (more about Rules configuration here):
SESSION_TOKEN_SECRET: A random long string that is used to sign the session token sent to the custom app implementing YooniK Face Capture SDK. This value will also need to be used in the custom app in order to verify and re-sign the session token back to Auth0. Examples of how to generate a suitable string.
YOONIK_APP_URL: The URL of your custom application that implements the YooniK Face Capture SDK.
The YooniK Auth0 Rule has two functions:
- Initial redirect to a custom app implementing the YooniK Face Capture SDK to capture a selfie of the user and perform face authentication.
- Collect results from the custom app and add information to the
app_metadatafor the user and to the ID Token in the current context for the downstream application.
In case any issues arise please contact our support team.