• 1. Description

    1.1 FaceCloud Overview

    FaceSec's Facial Recognition Cloud Management Platform (titled "FaceCloud") is an open platform, allowing third parties/ISV to develop software and applications that can interact with it. Utilizing CMP's development API, third-party applications can easily utilize CMP's modules to accomplish tasks (such as editing personnel profiles, setting of new rules and data retrieval) and allow FaceSec's facial recognition devices and user applications to communicate with each other and better fulfill users' needs.

    1.2 API Functionality Overview

    The API enables developers to tap into the CMP's functionality to create new applications or integrate withi existing systems. For example, these functions can be developed through the API:

     

    2. API Revision History

    New versions of interfaces are backwards compatible. If changes are made, please refer to the following revision log.

    Update 2.6
    Updated InterfaceUpdate TypeUpdate Description
    5.1.1. Retrieve tenant detailsEditChanged request URL to: /bbox-service/api/admin/tenant
    5.2.1. Retrieve personnel listAdditionAdded fingerprint parameters
    5.2.3. Add new personnelEditPersonDTO hiredate type is changed from Date to Long and features are added (use this attribute when avatars is empty). When adding personnel without including an organization ID, ordinary users will be randomly assigned an organization and special users will be placed under the root organization. When adding personnel, the person's photo features will not be extracted when the feature field contains a value.
    5.2.4. Update personnelEditWhen updating personnel, the type of organization before and after the update must be the same. When updating personnel, if the parameter is null, it will not update. When the parameter is "", it will update as empty. When updating personnel, image features will not be extracted when the feature has value.
    5.3.2. Add organizationEditAdded new organization type attribute. This attribute is not required when updating the organization.
    6.2. Message formatEditUpdated type parameter
    Update 2.5
    Updated InterfaceUpdate TypeUpdate Description
    3.1. Accessing public cloud deploymentEditModified the deployment process for accessing the public cloud
    5.2.2. Add ruleEditAdded passMode type parameter
    5.10.1 Retrieve individual device's administratorAdditionAdded an interface to get an individual device's administrator
    5.10.2 Update device administratorAdditionAdded an interface to Update device administrator
    5.10.3. Retrieve device administrator listAdditionAdded an interface to get a list of device administrators
    5.10.4. Save device administratorAdditionAdded an interface to save device administrator
    5.10.5 Delete device administratorAdditionAdded an interface to delete device administrator
    5.10.6. Bind device administratorAdditionAdded an interface for binding device administrators
    5.10.6. Unbind device administratorAdditionAdded an interface for unbinding device administrators
    6.2. Message formatEditNew type parameter
    Update 2.3
    Updated InterfaceUpdate TypeUpdate Description
    5.2.5. Add personnel pictures and informationAdditionAdded new interface for adding personnel pictures and information
    5.3.4. Retrieve organization detailsAdditionAdded an interface for obtaining organization details
    5.3.5. Query list of sub-organizations based on the parent organization id, with paginationAdditionAdded an interface to query the list of sub-organizations based on the parent organization ID, with pagination
    5.2.2. Get personnel information based on IDEditAdded response body vftPwdFlag field
    5.2.3. Add new personnelEditAdded imageSourceType field
    5.2.4. Update personnelEditAdded imageSourceType field
    5.7.2. Batch image uploadEditModified and added new request parameters
    6.2. Message formatEditModify and add new type parameter
    Update 2.2.1
    Updated InterfaceUpdate TypeUpdate Description
    5.2.1. Retrieve personnel listEditThe ruleId field in PersonVo response body is deprecated
    5.2.2. Get personnel information based on idEditThe ruleId field in PersonVo response body is deprecated
    5.5.14. Add device to ruleEditSupport binding organization group's rules to the add devices interface
    5.5.15. Remove device from ruleEditSupport binding organization rules to delete devices
    Update 2.2
    Updated InterfaceUpdate TypeUpdate Description
    5.5.10. Add rules and bind personnelAdditionAdded an interface for adding of rules and binding of personnel
    5.5.11. Update rule and bind personnelAdditionAdded an interface to modify rules and bind personnel
    5.5.12. Add personnel to rulesAdditionAdded an interface to add personnel to rules
    5.5.13. Delete personnel from rulesAdditionAdded an interface for deleting personnel from rules
    5.5.14. Add device to ruleAdditionAdded an interface to bind device to rule
    5.5.15. Remove device from ruleAdditionAdded an interface to unbind device from rule
    5.8. Facial Recognition Management InterfaceEditModified the paths and return values of all facial recognition interfaces
    5.9. Device Group Management InterfaceAdditionAdded an interface for device group management
    Update 2.1
    Updated InterfaceUpdate TypeUpdate Description
    5.3 Organization Management InterfaceAdditionAdded an interface for organization management
    5.4. Device Management Interface>AdditionAdded an interface for device management
    5.5.1. Retrieve rule listUpdateAdded parameters deviceSns, deviceVisible, saasVisible, deviceUpdateTime
    5.5.2. Add ruleUpdateAdd deviceSns, deviceVisible, saasVisible fields to Rule
    5.7.1. Single image upload (deprecated)Remove2.1 Deprecated the single photo upload interface
    5.7.2. Batch image uploadAdditionAdded an interface to upload frontal photos, to replace the single photo upload inteface
    5.8. Facial Recognition Management InterfaceAdditionAdded an interface for facial recognition

    3. API Access Procedure

    The developer should first confirm whether the connected CMP is the FaceSec public cloud platform or on another private deployment platform. If it is connected to the FaceSec public cloud platform, refer to 3.1. Accessing public cloud deployment. For private cloud deployment, refer to 3.2 Accessing private cloud deployment. After deployment, developers will be asked to choose a docking method. FaceSec provides two docking methods: client credential license, which can directly call the REST interface, and authorization code license that can integrate applications into the platform.

    3.1. Accessing public cloud deployment

    Access to the public cloud for CMP deployment requires a tenant account. Please contact sales and apply for an account, using the following template:

    After the application is completed, use the tenant account to log in to https://cloud.facesec.com (FaceSec public CMP). To create an application authorization call interface, please refer to 3.2 Accessing private cloud deployment

    3.2 Accessing private cloud deployment

    To access the private cloud for CMP deployment, you will need to apply for an application ID (subsequently referred to as app_id). Please use the super-administrator account to log in to the CMP and click "Create Application ID" under (Application Management > Application Authorization), as shown:

    FieldDescription
    App IDApply for application authorization to obtain this token
    Application nameApplication name
    Place on desktop"Yes" means it will be displayed on the desktop page of the CMP, "No" means it will not be displayed on the desktop page of the CMP
    3rd party application addressHome page address of third-party platform application
    Secure_keyUsed to encrypt with app_id to obtain token
    Push_keyUsed to verify the authenticity of push messages. If you need to receive the identification records, you will need to fill in the push address and push event type after generation, otherwise it will not be generated. Note: Public cloud test accounts should avoid generating, to avoid errors where the push address is unavailable.
    Push addressAddresses for receiving identification record messages
    Push event typeMessage type

     

    Push event types
    TypeDescription
    ACCESS_RECORD_ADDAdded identification records
    PERSON_ADDPersonnel added
    PERSON_UPDATEPersonnel updated
    PERSON_DELETEPersonnel deleted
    RULE_ADDRule added
    RULE_UPDATERule updated
    RULE_DELETERule deleted
    DEVICE_ACTIVEDevice reconnected
    DEVICE_INACTIVEDevice disconnected
    DEVICE_RECOVERYDevice restored to factory settings
    DEVICE_INFO_UPDATEDevice information update
    ORGANIZATION_ADDOrganization added
    ORGANIZATION_UPDATEOrganization updated
    ORGANIZATION_DELETEOrganization deleted

    image-20230615143416678

    The platform can generate randomized application ID, Secure_key and Push_key codes. Applications created in this way support both authorization code authorization and client credential authorization.

    3.3 Authorization Code License

    After authorization code license application is complete, it will be displayed on the CMP desktop. Entering the application will start the authorization process. The authorization process is as follows:

    img

    3.4 Client Credential Token

    A client credential token allows third-party applications to call the CMP interface through its REST interface. The call process flow is detailed below:

    (1)app_id and secure_key are used as credentials for each token acquisition.

    (2)A third-party application uses app_id and secure_key to request an access token from the CMP. The token has a validity period and will be checked for validity to ensure security. If expired, the token will need to be refreshed.

    (3) The CMP API can be accessed after the third-party application obtains the token.

    img

    Since the CMP hosts multiple tenants, the tenant ID will need to be included in interface calls. This type of authorization provides the greatest degree of freedom for third-party applications, and will require an authentication protocol.

    4. API Access Protocol Description

    The CMP uses the OAuth2 protocol standard for interface calls. The following is an example of the OAuth protocol call:

    4.1 Handshake Protocol Procedure

    To learn more about OAuth2.0, please visit https://oauth.net/2/.

    4.2 Obtain authorization token for interface access

    All methods using the authorization token must call this process to be authenticated.

    Interface nameRequest authorization interface
    Address template/oauth2/authorize
    Request methodGET
    Brief descriptionLocated in process A and B of Section 3.1. When an application needs to access user information, or needs to access the system API as a user, it needs to obtain user authorization through this interface
    Request examplehttps://api.kaioh.com/oauth2/authorize?app_id=test&response_type=code&redirect_uri=https%3A%2F%2Fwww.test.com%2Fcheck&state=abc

    Request parameter

    Parameter nameTypeRequiredMaximum lengthDescription
    app_idstringYes10The application ID assigned by the authorization server to the third party.
    response_typestringYesN/AOptional values are: token (return access token directly) and code (return authorization code), currently only code is supported.
    redirect_uristringNoN/Aurlencode is required. This parameter is optional only when the client has registered a redirect address in the authorization server in advance. When the address is not registered or multiple addresses are registered, this parameter must be passed.
    scopestringNoN/AFor application access, this parameter does not need to be passed in since access scope permissions will be assigned by the system.
    statestringNoN/AClient-defined parameters, the authorization server will pass to the redirection address of the client as-is

    Response

    StatusCause
    Success ResponseWhen the authorization process is successful (normally through interacting with the user center, requiring users to log in and clicking the Authorize button, etc.), the authorization server will redirect to the client's redirect_uri and acquire the token or code (license key). Currently, the system does not support token (implicit license) type, due to potential security issues (Needing to splice in the url, which is not secure. Only consider this method if and only if the code (license authorization code) is not available), will redirect users to https://www.test.com/check?code=afgewfsdfgwefdfg&state=abc
    Error responseWill redirect the user to https://www.test.com/check?error={errorCode}&error_description=app_id&state=abcThe value of errorCode may be:
    invalid_request:Required request parameter is missing, or it contains an invalid parameter value, a repeated parameter, or a bad format.
    unauthorized_client:Required request parameter is missing, or it contains an invalid parameter value, a repeated parameter, or a bad format.
    acess_denied:The resource owner or authorization server rejected the request.
    unsupported_response_type:The authorization server does not support using this method to obtain an authorization code.
    invalid_scope:The scope is invalid, unknown or incorrectly formatted.
    server_error:The authorization server encountered an unexpected exception that prevented it from performing the request. (This error code is necessary because the 500 internal server error HTTP status code cannot be returned to the client by HTTP redirection)
    temporarily_unavailable: The authorization server is currently unable to process the request due to temporary overload or server maintenance. (This error code is necessary because the 503 service unavailable HTTP status code cannot be returned to the client by HTTP redirection).

    4.3 Obtain token for interface access

    Interface nameObtain token for interface access
    Address template/oauth2/token
    Request methodPOST
    Brief descriptionThe handshake procedure between the endpoint and the client. The endpoint needs to verify the identity of the client, which the client needs to provide credentials for. Currently HTTP Basic authentication is used (reliant on HTTPS to provide transfer security, and the OAuth2 protocol required Basic authentication to be supported). When making requests using client credentials, headers should include the Basic authentication header. For example: Authorization Basic base64 (app_id: secure_key) (code style request headers only need to transfer this), Content-Type: application/x-www-form-urlencoded Additional parameters, such as grant_type, app_id and tenant_id, should be written in the Body, formatted as x-www-form-urlencoded
    Request parameterParameter nameTypeRequiredMaximum lengthDescriptiongrant_typestringYesN/ACan be set as authorization_code (Authorization code), client_credentials (Client credentials), password (User password), refresh_token (Refresh token). Currently supported methods are authorization_code, client_credentials, refresh_token.app_idstringYesN/AWhen grant_type is authorization_code, client_credentials, refresh_token, this parameter must be passed.codestringNo32When grant_type is authorization_code, this parameter must be passed.redirect_uristringNoN/AThe redirect address. When grant_type is authorization_code, this parameter must be passed. The same parameters must be used to request the authorization initiation.scopestringNoN/AFor the accessing applications, the access scope permissions will be assigned by the system, and this parameter does not need to be passed inusernamestringNo50When grant_type is password, this parameter must be passedpasswordstringNo32When grant_type is password, this parameter must be passedrefresh_tokenstringNoN/AWhen grant_type is refresh_token, this parameter must be passedtenant_idstringNoN/AWhen grant_type is client_credentials, this parameter must be passed
    Request examplePOST https://api.kaioh.com/oauth2/token?grant_type=authorization_code&code=xxx-xxx-xxx&app_id=10001&redirect_uri=https://www.test.com/check
    ResponseCauseSuccess ResponseParameter nameTypeDescriptionaccess_tokenstringAccess tokentoken_typestringToken type. Currently only bearer type is supportedrefresh_tokenstringWhen the refresh token permission is granted, the refresh token will be issued together with the access_token.expires_innumberThe token validity period, in seconds. It will expire after expires_in, defined in seconds.Example:{ "access_token":"eyJ0b2tlblR5cGUiOiJiZWFyZXIi....", "token_type":"bearer", "refresh_token": "e57b6316-d0af-4f10-928b-32b41bb79fc0", "expires_in":1799 }Error responseError codeError descriptioninvalid_requestMissing required parameters or contains unsupported parameter values (except for the license type), or duplicate parameters, or contains multiple credentials, or uses more than one client authentication mechanism, or invalid format.invalid_clientClient authentication failed (e.g. unknown client, client authentication is not included, or an authentication method that is not supported). The authorization server can return an HTTP 401 (Unauthorized) status code to indicate the supported HTTP authentication scheme. If the client tries to use "Authorization" request header or attempts to start authentication, the authorization server must respond with HTTP 401 (Unauthorized) status code. The reply will also containing the authentication scheme used by the client matches the WWW-Authenticate response header field.invalid_grantThe credentials (such as authorization code, resource owner credentials) or refresh token provided is invalid, expired, revoked, does not match the redirect URI used in the authorization request, or is issued to another client.unauthorized_clientThe client attempting authentication is not authorized to use this authentication method.unsupported_grant_typeThe credential type is not supported by the authentication server.invalid_scopeThe request scope is invalid or unknown or incorrectly formatted, or outside the scope permitted by the resource owner.Example:HTTP1.1 /token 400 { "error":"invalid_client", "error_description":"authorization fail" }

    Request parameter

    Parameter nameTypeRequiredMaximum lengthDescription
    grant_typestringYesN/ACan be set as authorization_code (Authorization code), client_credentials (Client credentials), password (User password), refresh_token (Refresh token). Currently supported methods are authorization_code, client_credentials, refresh_token.
    app_idstringYesN/AWhen grant_type is authorization_code, client_credentials, refresh_token, this parameter must be passed.
    codestringNo32When grant_type is authorization_code, this parameter must be passed.
    redirect_uristringNoN/AThe redirect address. When grant_type is authorization_code, this parameter must be passed. The same parameters must be used to request the authorization initiation.
    scopestringNoN/AFor the accessing applications, the access scope permissions will be assigned by the system, and this parameter does not need to be passed in
    usernamestringNo50When grant_type is password, this parameter must be passed
    passwordstringNo32When grant_type is password, this parameter must be passed
    refresh_tokenstringNoN/AWhen grant_type is refresh_token, this parameter must be passed
    tenant_idstringNoN/AWhen grant_type is client_credentials, this parameter must be passed

    Response

    Success Response

    Parameter nameTypeDescription
    access_tokenstringAccess token
    token_typestringToken type. Currently only bearer type is supported
    refresh_tokenstringWhen the refresh token permission is granted, the refresh token will be issued together with the access_token.
    expires_innumberThe token validity period, in seconds. It will expire after expires_in, defined in seconds.

    Example:

    Error response

    Error codeError description
    invalid_requestMissing required parameters or contains unsupported parameter values (except for the license type), or duplicate parameters, or contains multiple credentials, or uses more than one client authentication mechanism, or invalid format.
    invalid_clientClient authentication failed (e.g. unknown client, client authentication is not included, or an authentication method that is not supported). The authorization server can return an HTTP 401 (Unauthorized) status code to indicate the supported HTTP authentication scheme. If the client tries to use "Authorization" request header or attempts to start authentication, the authorization server must respond with HTTP 401 (Unauthorized) status code. The reply will also containing the authentication scheme used by the client matches the WWW-Authenticate response header field.
    invalid_grantThe credentials (such as authorization code, resource owner credentials) or refresh token provided is invalid, expired, revoked, does not match the redirect URI used in the authorization request, or is issued to another client.
    unauthorized_clientThe client attempting authentication is not authorized to use this authentication method.
    unsupported_grant_typeThe credential type is not supported by the authentication server.
    invalid_scopeThe request scope is invalid or unknown or incorrectly formatted, or outside the scope permitted by the resource owner.

    Example:

    4.4 Access API interface description

    The application needs to add the following parameters in the header:

    HTTP header nameHTTP header valueDescription
    AuthorizationBearer {access_token}Retrieved through 4.3 Obtain token for interface access
    TenantId0001Tenant ID (Required when using typed authorization)

    When accesstoken verification fails, the server responds with a HTTP 401 (Unauthorized) status code. TenantId represents the ID of the tenant. The TenantId can be retrieved from the User Information tab on the upper right corner of the desktop, after logging into the CMP.

    5. API Interface Description

    5.1. Tenant interface

    Used to retrieve some tenant details

    5.1.1. Retrieve tenant details

    Retrieve tenant details

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Tenant»>OK
    Response body: CommonResponse«Tenant»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<Tenant>Included objects
    messagestringYes Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Response body: Tenant

    Tenant object

    FieldTypeRequiredStructureDescription
    businessTypeintNo Business type
    contactstringNo Tenant contact
    contactPhonestringNo Tenant contact no.
    countryCodeintNo Area code
    emailstringNo Tenant contact email
    idlongNo Tenant ID
    loginNamestringNo Superuser login account
    namestringNo Tenant name
    Example response

    5.2. Personnel Management Interface

    Management of personnel details, which can be sent to devices

    5.2.1. Retrieve personnel list

    Retrieve personnel list

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    namequerystring false Personnel name
    noquerystring false Personnel no.
    organizationIdqueryinteger false Organization ID
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    sortquerystring false Sorting rules (e.g. ?sort=version,updateTime,asc&sort=name,desc)
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«PersonVo»»>OK
    Response body: CommonResponse«Page«PersonVo»»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<Page«PersonVo»>Included objects
    messagestringYes Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Response body: Page«PersonVo»
    FieldTypeRequiredStructureDescription
    contentarrayNo<PersonVo>Content
    firstbooleanYes Is first page
    lastbooleanYes Is last page
    numberintYes Current page
    numberOfElementsintYes  
    sizeintYes Number of items on each page
    sortundefinedNo Sort
    totalElementslongYes Total items
    totalPagesintYes Total pages
    Response body: PersonVo

    PersonnelVo entity

    FieldTypeRequiredStructureDescription
    appIdstringNo Application ID
    avatarsobjectNo Image
    createTimeintNo Creation time
    groupIdstringNo Parameter ID
    hiredatestringNo Hire date
    icNumberstringNo IC card no.
    idstringNo id
    idCardstringNo Identity card no.
    mailstringNo Email
    namestringNo Name
    nostringNo No.
    operatorIdlongNo Administrator ID
    operatorNamestringNo Administrator
    organizationstringNo Organization name
    organizationIdintNo Organization ID
    fingerprintbooleanNo Are fingerprints stored
    phonestringNo Mobile
    positionstringNo Position
    remarkstringNo Remarks
    sexstringNo Gender: MALE, FEMALE
    syncStatusstringNo Synchronization status DATA_DEFAULT Default. No synchronization needed DATA_NOT_SYNC Not synchronized DATA_ALREADY_SYNC Already synchronized
    syncVersionlongNo Synchronization version
    tenantIdlongNo Tenant ID
    typestringNo Type
    updateTimeintNo Update time
    variableobjectNo Optional field
    wgNumberstringNo Wiegand No.
    Example response

    5.2.2. Retrieve personnel details via ID

    Retrieve personnel via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    idpathstring true id
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Person»>OK
    Response body: CommonResponse«Person»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<Person>Included objects
    messagestringYes Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Response body: Person

    Personnel entity

    FieldTypeRequiredStructureDescription
    appIdstringNo Application ID
    avatarsobjectNo Image
    createTimeintNo Creation time
    groupIdstringNo Feature library
    hiredatestringNo Hire date
    icNumberstringNo IC card no.
    idstringNo id
    idCardstringNo Identity card no.
    mailstringNo Email
    namestringYes Name
    nostringYes No.
    vftPwdFlagbooleanYes Is verification password present (true if present, false if absent)
    openIdstringNo Open ID
    operatorIdlongNo Operator ID
    operatorNamestringNo Operator
    organizationIdintNo Organization ID
    passwordstringNo Password
    verificationPasswordstringNo Verification password
    phonestringNo Mobile
    positionstringNo Position
    remarkstringNo Remarks
    sexstringNo Gender: MALE, FEMALE
    syncStatusstringNo Synchronization status DATA_DEFAULT Default. No synchronization needed DATA_NOT_SYNC Not synchronized DATA_ALREADY_SYNC Already synchronized
    syncVersionlongNo Synchronization version
    tenantIdlongNo Tenant ID
    typestringNo Personnel type
    updateTimeintNo Update time
    variableobjectNo Addition field
    wgNumberstringNo Wiegand No.
    Example response

    5.2.3. Add new personnel

    Add new personnel

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    PersonDTObodyref true<PersonDTO>PersonDTO
    Request body: PersonDTO

    Personnel request body

    FieldTypeRequiredStructureDescription
    avatarsobjectNo Image
    namestringYes Name (Length between 1-64 characters, special characters not allowed.)
    nostringYes No. (Length between 1-20 characters. Limited to numbers, letters, underscores and dashes. Must be unique.)
    featurerefNo<Feature>Map<String,List>,Key value range:VISIBLE_LIGHT, NEAR_INFRARED
    groupIdstringNo Feature library
    hiredatelongNo Hire date, formatted as YYYY-MM-DD. Response body is timestamp, or request body with timestamp.
    icNumberstringNo IC card no. (Length between 0-32 characters, special characters not allowed.)
    idCardstringNo Identity card no. (Length between 0-32 characters, special characters not allowed.)
    imageSourceTypeDEFAULTNo Image source DEFAULT (Default) THIRD_PARTY (Third-party address)
    mailstringNo Email (Length between 4-64 characters, special characters not allowed.)
    organizationIdintNo Organization ID
    passwordstringNo Password (Length between 6-20 characters, special characters not allowed.)
    fingerprintbooleanNo Are fingerprints stored
    verificationPasswordstringNo Verification password (Length between 6-20 characters, special characters not allowed.)
    phonestringNo Phone (Length between 4-64 characters, special characters not allowed.)
    positionstringNo Position (Length between 0-64 characters, special characters not allowed.)
    remarkstringNo Remarks (Length between 0-256 characters)
    sexstringNo Gender: MALE, FEMALE
    variableobjectNo Additional field (Length between 0-32 characters, up to 10 can be created.)
    wgNumberstringNo Wiegand No. (Length between 0-32 characters, special characters not allowed.)
    Request body: Feature

    undefined

    FieldTypeRequiredStructureDescription
    imageURLstringNo Image address
    versionstringYes Algorithm version
    base64VectorsstringYes Feature value (base64 format)
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Person»>OK
    Example response

    5.2.4. Update personnel

    Update personnel via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    idpathstring true Personnel ID
    PersonDTObodyref true<PersonDTO>PersonDTO
    Response
    NameTypeStructureDescription
    200string OK

    5.2.5. Add personnel image and details

    Add personnel image and details

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    clearLevelquerynumber false Assessed clarity level (0-100). Above 70 is considered blurred, otherwise, considered clear.
    fileformDatanumber true Image
    groupIdquerystring false Feature library
    hiredatequerystring false Hire date
    icNumberquerystring false IC card no.
    idCardquerystring false Identity card no.
    imagePixelquerystring false Image resolution THREE_TWO (3232 px, cannot be lower than 32px) ONE_TWO_EIGHT (128128 px, cannot be lower than 128px) THREE_TWO_ZERO (320*320 px, cannot be lower than 320px)
    mailquerystring false Email
    namequerystring true Name
    noquerystring true No.
    organizationIdqueryinteger false Organization ID
    passwordquerystring false Password
    verificationPasswordquerystring false Verification password
    phonequerystring false Mobile
    positionquerystring false Position
    qualityAnglequeryboolean false Whether to turn on the angle symbol
    qualityDetectqueryboolean false Whether to turn on image evaluation. If activated, the four variables (qualityAngle, clearLevel, visLevel, imagePixel) must be filled in.
    remarkquerystring false Remarks
    sexquerystring false Gender
    visLevelquerynumber false Occlusion (0-100). Values above 80 indicate subject is blocked. Otherwise, considered visible.
    wgNumberquerystring false Wiegand No.
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Person»>OK
    Example response

    5.2.6. Delete personnel

    Batch delete personnel via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    idsbodyarray true[String]Personnel ID set
    Response
    NameTypeStructureDescription
    200string OK

    5.3.Organization Management Interface

    Organizations are used as a collection of personnel, to help simplify bulk operations

    5.3.1. Organization Structure

    Retrieve organization structure (in tree structure)

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    Response
    NameTypeStructureDescription
    200ref<ResponseEntity«OrgVo»>OK
    Response body: ResponseEntity«OrgVo»
    FieldTypeRequiredStructureDescription
    statusstringYes Status code
    codeintYes Request response code
    entityarrayNo<OrgVo>Response entity details
    timestamplongYes Timestamp
    Response body: OrgVo

    Organization

    FieldTypeRequiredStructureDescription
    idintNo id
    namestringYes Organization name
    parentIdintYes Parent organization ID
    remarkstringNo Remarks
    orgTypestringNo Organization type
    disabledbooleanNo Active
    createTimeintNo Creation time
    updateTimeintNo Update time
    childNodesarrayNo<OrgVo>Suborganizations
    Example response

    5.3.2. Add organization

    Add organization

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    orgDTObodyref true<OrgDTO>orgVo
    Request body: OrgDTO

    Organization

    FieldTypeRequiredStructureDescription
    namestringYes Organization name. (Length between 1-20 characters, special characters not allowed, must be unique.)
    parentIdintYes Parent organization ID
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Organization»>OK
    Response body: CommonResponse«Organization»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityrefNo<Organization>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: Organization

    Organization

    FieldTypeRequiredStructureDescription
    createTimeintNo Creation time
    idintNo id
    namestringYes Organization name
    operatorIdlongNo Operator ID
    orgTypestringNo Organization type SAAS SaaS organization OTHER Other organizations Default is SaaS organization
    parentIdintYes Parent organization ID
    tenantIdlongNo Tenant ID
    updateTimeintNo Update time
    Example response

    5.3.3. Update Organization

    Update organization via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    orgIdpathstring true Organization ID to be updated
    orgDTObodyref true<OrgDTO>orgDTO
    Response
    NameTypeStructureDescription
    200string OK

    5.3.4. Retrieve organization details

    Retrieve organization details

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    orgIdpathinteger true orgId
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Organization»>OK
    Example response

    5.3.5. Search suborganizations via parent organization ID with pagination

    Search suborganizations via parent organization ID with pagination

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    orgIdqueryinteger true Organization ID
    pagequeryinteger false Pagination, First page defaults to 0
    sizequeryinteger false Number of pages
    sortqueryinteger false Sorting rule
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Organization»>OK
    Example response

    5.3.6. Delete organization

    Delete organization via ID and transfer its contents to a new group

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    orgIdpathinteger true orgId
    targetOrgIdqueryinteger false targetOrgId, required when type is DEL_MOVE, refers to the organization the current organization's contents will be transferred to upon deletion
    typequerystring true type: DEL_DIRECT: immediate deletion; DEL_MOVE: delete and move its contents to organization referenced by targetOrgId
    Response
    NameTypeStructureDescription
    200string OK

    5.4.Device Management Interface

    Management of endpoint devices with access control, identification & other functionality

    5.4.1. Retrieve device list

    Retrieve device list

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceAdminNamequerystring false Device administrator name
    groupIdqueryinteger false Device group ID
    namequerystring false Device name
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    snquerystring false Device serial no.
    sortquerystring false Sorting order (e.g. ?sort=updateTime,desc)
    statusquerystring false Device status (String type) Device disconnected DEVICE_OFF_LINE Device normal DEVICE_RECOVERY
    typequerystring false Device type: Standing terminal DEVICE_ONE_SINGLE_SCREEN Wall-mounted terminal DEVICE_ONE_ACCESS_CONTROL Turnstile DEVICE_ONE_GATE_MACHINE Desktop terminal DEVICE_ONE_DESKTOP_MACHINE Standing terminal DEVICE_TYPE_SINGLE_SCREEN Wall-mounted terminal DEVICE_TYPE_ACCESS_CONTROL Turnstile DEVICE_TYPE_GATE_MACHINE Desktop terminal DEVICE_TYPE_DESKTOP_MACHINE Camera TYPE_DYNAMIC_CAMERA Kiosk TYPE_SELF_SERVICE_TERMINAL Digital signage TYPE_DIGITAL_SIGNAGE
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«DeviceVo»»>OK
    Response body: CommonResponse«Page«DeviceVo»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityrefNo<Page«DeviceVo»>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: Page«DeviceVo»
    FieldTypeRequiredStructureDescription
    contentarrayNo<DeviceVo>Content
    firstbooleanYes Is first page
    lastbooleanYes Is last page
    numberintYes Current page
    numberOfElementsintYes Current page
    sizeintYes Number of items on each page
    sortundefinedNo Sort
    totalElementslongYes Total items
    totalPagesintYes Total pages
    Response body: DeviceVo

    DeviceDTO

    FieldTypeRequiredStructureDescription
    adminIdintNo  
    adminNamestringNo Device administrator
    groupIdintNo  
    groupNamestringNo Device group
    idintNo  
    namestringNo Device name
    snstringNo Device serial no.
    statusstringNo Device status (String type) Device disconnected DEVICE_OFF_LINE Device normal DEVICE_RECOVERY
    typestringNo Device type: Standing terminal DEVICE_ONE_SINGLE_SCREEN Wall-mounted terminal DEVICE_ONE_ACCESS_CONTROL Turnstile DEVICE_ONE_GATE_MACHINE Desktop terminal DEVICE_ONE_DESKTOP_MACHINE Standing terminal DEVICE_TYPE_SINGLE_SCREEN Wall-mounted terminal DEVICE_TYPE_ACCESS_CONTROL Turnstile DEVICE_TYPE_GATE_MACHINE Desktop terminal DEVICE_TYPE_DESKTOP_MACHINE Camera TYPE_DYNAMIC_CAMERA Kiosk TYPE_SELF_SERVICE_TERMINAL Digital signage TYPE_DIGITAL_SIGNAGE
    updateTimeintNo Update time
    versionstringNo Device software version no.
    Example response

    5.4.2. Retrieve device details

    Retrieve device details via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    idpathinteger true id
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«DeviceVo»>OK
    Response body: CommonResponse«DeviceVo»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityrefNo<DeviceVo>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Example response

    5.4.3. Door unlock request

    Request the device to perform a temporary unlock of its associated door

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    snpathstring true sn
    Response
    NameTypeStructureDescription
    200ref<CommonResponse>OK

    5.4.4. Device reboot

    Device reboot

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    snSetbodyarray true snSet
    Response
    NameTypeStructureDescription
    200ref<CommonResponse>OK

    5.5.Rule Management Inteface

    Rules refer to conditions which control which specified personnel will have access rights (or will be refused access) at a specified device within a specified timeframe

    5.5.1. Retrieve rule list

    Retrieve rule list, adding deviceSns, deviceVisible, saasVisible and deviceUpdateTime fields to the rules

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceVisiblequeryinteger false Device visibility 0: hidden; 1: visible
    saasVisiblequeryinteger false SaaS visibility 0: hidden; 1: visible
    namequerystring false Name
    typequeryinteger false Rule type 0: Personnel rule; 1: Organization rule
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    sortquerystring false Sorting rule. name, desc will return results in reverse alphabetical order, not in reverse chronological order using updateTime
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«Rule»»>OK
    Response body: CommonResponse«Page«Rule»»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<Page«Rule»>Included objects
    messagestringNo Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Response body: Page«Rule»

    Rule object

    FieldTypeRequiredStructureDescription
    contentarrayNo<Rule>Content
    firstbooleanYes Is first page
    lastbooleanYes Is last page
    numberintYes Current page
    numberOfElementsintYes Current page
    sizeintYes Number of items on each page
    sortundefinedNo Sort
    totalElementslongYes Total items
    totalPagesintYes Total pages
    Response body: Rule

    Rule object

    FieldTypeRequiredStructureDescription
    createBystringNo Creator
    createTimeintNo Creation time
    descriptionstringNo Description (Length between 0-64 characters, special characters not allowed.)Special characters
    deviceCountintNo Number of synchronized devices
    namestringYes Name (Length between 1-64 characters, special characters not allowed, must be unique
    organizationIdsarrayNointOrganization ID set When type is set as 0, select between personIds and organizationIds When type is set as 1, this field is required
    passModestringYes Access method FACE Facial scan FACE_AND_ID Facial scan + Identity card FACE_AND_PASSPORT Facial scan + Passport FACE_AND_GUARD Facial scan + Access card FACE_AND_IC Facial scan + IC card QCODE QR Code SCANNING_GUN Scanning device FACE_AND_PASSWORD Facial scan + Password
    personCountintNo App user count
    personIdsarrayNointPersonnel ID set Required when type is set as 0
    statusstringNo Rule status: Normal: NORMAL Completed: FINISH
    tenantIdlongNo Tenant ID
    timeRulearrayYes<TimeRule>Rule timeframe timeRule[0].action ALLOW (allow access), DENY (deny access) timeRule[0].type CYCLE (long-term), TIMING (custom) timeRule[0].dayType EVERYDAY (daily), CUSTOM (custom) timeRule[0].customDays When dayType is set to CUSTOM, parameters are days from Monday to Sunday. Example parameter: Calendar.SUNDAY timeRule[0].dayRange Date range (in years, months, days). When type is set as TIMING, this value is the date time period timeRule[0].timeRange Time range (in hours, minutes, seconds)
    typebyteYes Type 0: Personnel rule (default) 1: Organization rule
    updateTimeintNo Update time
    validTillstringNo Valid until
    Response body: TimeRule

    Rule timeframe object

    FieldTypeRequiredStructureDescription
    actionstringYes Access method: ALLOW (allow access) DENY (deny access)
    customDaysarrayYesintSelected days between Monday to Sunday 1: Sunday, 2: Monday, 3: Tuesday, 4: Wednesday, 5: Thursday, 6: Friday, 7: Saturday
    dayRangerefYes<Range«Day»>Date range (in year, month, day)
    dayTypestringYes EVERYDAY (daily), CUSTOM (custom)
    timeRangerefYes<Range«Time»>Time period (in hours, minutes, seconds)
    titlestringYes Name (Length between 1-20 characters, special characters not allowed, duplicates are not allowed within the same rule.)
    typestringYes CYCLE (long-term), TIMING (custom)
    Response body: Range«Day»
    FieldTypeRequiredStructureDescription
    endrefNo<Day> 
    startrefNo<Day> 
    Response body: Day
    FieldTypeRequiredStructureDescription
    dayintYes  
    mmintYes  
    yearintYes  
    Response body: Range«Time»
    FieldTypeRequiredStructureDescription
    endrefNo<Time> 
    startrefNo<Time> 
    Response body: Time
    FieldTypeRequiredStructureDescription
    hourintYes  
    minuteintYes  
    secondintYes  
    Example response

    5.5.2. Add new rule

    Add rules, add deviceSns, deviceVisible and saasVisible fields

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    rulebodyref true<RuleDTO>rule
    Request body: RuleDTO

    Rule

    FieldTypeRequiredStructureDescription
    descriptionstringNo Description
    deviceSnsarrayNostringDevice group serial no. to send rule to
    deviceVisibleintNo On-device visibility 0: Hidden (default) 1: Visible
    namestringYes Name
    organizationIdsarrayNointegerOrganization ID set Required when type is 1
    passModestringYes Access method FACE Facial scan FACE_AND_ID Facial scan + Identity card FACE_AND_PASSPORT Facial scan + Passport FACE_AND_GUARD Facial scan + Access card FACE_AND_IC Facial scan + IC card QCODE QR Code SCANNING_GUN Scanning device FACE_AND_PASSWORD Facial scan + Password
    personIdsarrayNostringPersonnel ID set Required when type is 0
    saasVisibleintNo Visible to SaaS 0: Hidden (default) 1: Visible
    timeRulearrayYes<TimeRule>Rule timeframe timeRule[0].action ALLOW (allow access), DENY (deny access) timeRule[0].type CYCLE (long-term), TIMING (custom) timeRule[0].dayType EVERYDAY (daily), CUSTOM (custom) timeRule[0].customDays When dayType is set to CUSTOM, parameters are days from Monday to Sunday. Example parameter: Calendar.SUNDAY timeRule[0].dayRange Date range (in years, months, days). When type is set as TIMING, this value is the date time period timeRule[0].timeRange Time range (in hours, minutes, seconds)
    typeintYes Type 0: Personnel rule; 1: Organization rule
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Rule»>OK
    Response body: CommonResponse«Rule»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityrefNo<Rule>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Example response

    5.5.3. Get rule details from ID

    Get rule details from ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Rule»>OK
    Example response

    5.5.4. Update rule

    Update rule

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    rulebodyref true<RuleDTO>rule
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.5. Delete rule

    Delete rule

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.6. Retrieve details of personnel under a rule

    Retrieve details of personnel under a rule/div>

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    namequerystring false Name
    numberquerystring false No.
    organizationIdqueryinteger false Organization ID
    ruleIdqueryinteger true Rule ID
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    sortquerystring false Sorting rule. name, desc will return results in reverse alphabetical order, not in reverse chronological order using updateTime
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«PersonVo»»>OK
    Example response

    5.5.7. Bind device to rule

    Bind device to rule

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceSnsbodystring true Device serial no. group
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.8. Unbind device from rule

    Unbind device from rule

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceSnpathstring true Device serial no.
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.9. Retrieve details of devices under a rule

    Retrieve details of devices under a rule

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceGroupIdquerystring false Device group ID
    deviceNamequerystring false Device name
    deviceSnquerystring false Device serial no.
    deviceTypequerystring false Device type Standing terminal: DEVICE_ONE_SINGLE_SCREEN Wall-mounted terminal: DEVICE_ONE_ACCESS_CONTROL Turnstile: DEVICE_ONE_GATE_MACHINE Desktop terminal: DEVICE_ONE_DESKTOP_MACHINE
    ruleIdpathinteger true Rule ID
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    sortquerystring false Sorting rule. name, desc will return results in reverse alphabetical order, not in reverse chronological order using updateTime
    statusquerystring false Device status (String type) Device disconnected DEVICE_OFF_LINE Device normal DEVICE_RECOVERY
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«Device»»>OK
    Response body: CommonResponse«Page«Device»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityrefNo<Page«Device»>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: Page«Device»
    FieldTypeRequiredStructureDescription
    contentarrayNo<Device>Content
    firstbooleanYes Is first page
    lastbooleanYes Is last page
    numberintYes Current page
    numberOfElementsintYes Current page
    sizeintYes Number of items on each page
    sortundefinedNo Sort
    totalElementslongYes Total items
    totalPagesintYes Total pages
    Response body: Device

    Device type

    FieldTypeRequiredStructureDescription
    createTimeintNo Creation time
    groupIdintNo Device group ID
    groupNamestringNo Device group
    idintNo id
    namestringNo Device name
    operatorIdlongNo Operator ID
    operatorNamestringNo Operator
    snstringNo Device serial no.
    statusstringNo Device status (String type) Device disconnected DEVICE_OFF_LINE Device normal DEVICE_RECOVERY
    tenantIdlongNo Tenant ID
    typestringNo Device type: Standing terminal DEVICE_ONE_SINGLE_SCREEN
    Wall-mounted terminal DEVICE_ONE_ACCESS_CONTROL
    Turnstile DEVICE_ONE_GATE_MACHINE
    Desktop terminal DEVICE_ONE_DESKTOP_MACHINE
    Standing terminal DEVICE_TYPE_SINGLE_SCREEN
    Wall-mounted terminal DEVICE_TYPE_ACCESS_CONTROL
    Turnstile DEVICE_TYPE_GATE_MACHINE
    Desktop terminal DEVICE_TYPE_DESKTOP_MACHINE
    Camera TYPE_DYNAMIC_CAMERA
    Kiosk TYPE_SELF_SERVICE_TERMINAL
    Digital signage TYPE_DIGITAL_SIGNAGE
    updateTimeintNo Update time
    versionstringNo Version no.
    Example response

    5.5.10. Add rules and bind personnel

    Simplified rule binding interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    simpleRuleDTObodyref true<SimpleRuleDTO>simpleRuleDTO
    Request body: SimpleRuleDTO

    Simplified rule object

    FieldTypeRequiredStructureDescription
    descriptionstringNo Description (Length between 0-64 characters, special characters not allowed.)
    deviceSnsarrayNostringDevice group serial no. to send rule to
    deviceVisibleintNo On-device visibility 0: Hidden (default) 1: Visible
    endDatelongYes End Date
    namestringYes Name (Length between 1-64 characters, special characters not allowed, must be unique)
    passModestringYes Access method FACE Facial scan FACE_AND_ID Facial scan + Identity card FACE_AND_PASSPORT Facial scan + Passport FACE_AND_GUARD Facial scan + Access card FACE_AND_IC Facial scan + IC card QCODE QR Code SCANNING_GUN Scanning device FACE_AND_PASSWORD Facial scan + Password
    personInforefNo<PersonDTO>Personnel details Required when adding rule, not required if updating rule
    saasVisibleintNo Visible to SaaS 0: Hidden (default) 1: Visible
    startDatelongYes Start date
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Rule»>OK
    Example response

    5.5.11. Update rule and bind personnel

    Simplified rule interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    ruleIdpathinteger true Rule ID
    simpleRuleDTObodyref true<SimpleRuleDTO>simpleRuleDTO
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Rule»>OK
    Example response

    5.5.12. Add personnel to rule

    Simplified rule interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    personIdsbodyarray true personIds
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.13. Remove personnel from rule

    Simplified rule interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    personIdsbodyarray true personIds
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.14. Add device to rule

    Simplified rule interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceSnsbodyarray true deviceSns
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.5.15. Remove device from rule

    Simplified rule interface

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceSnsbodyarray true deviceSns
    ruleIdpathinteger true Rule ID
    Response
    NameTypeStructureDescription
    200string OK

    5.6. Identification Record Interface

    Retrieve Identification Records from devices. Use to trace personnel access and gather statistics on recognition process.

    5.6.1. Retrieve identification records list

    Obtain Identification Records list

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    deviceGroupIdqueryinteger false Device group ID
    endTimequerylong false End Date
    namequerystring false Name
    organizationIdqueryinteger false Organization ID
    pagequeryinteger false Page number. If blank, defaults to retrieving data from the first page
    sizequeryinteger false Page items. If blank, defaults to listing 10 items per page
    personNoquerystring false Personnel no.
    regexNamequeryboolean false Whether regex-based search is used in name search
    regexPersonNoqueryboolean false Whether regex-based search is used in personnel no. search
    resultTypequerystring false Access result: TERMINAL_VALIDATION_PASS, TERMINAL_VALIDATION_FAILURE
    ruleIdqueryinteger false Rule ID
    snquerystring false Device serial no.
    sortquerystring false Sorting rules (e.g. ?sort=version,updateTime,asc&sort=name,desc)
    startTimequerylong false Start date
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«Page«AccessRecordInfo»»>OK
    Response body: CommonResponse«Page«AccessRecordInfo»»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<Page«AccessRecordInfo»>Included objects
    messagestringYes Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Response body: Page«AccessRecordInfo»
    FieldTypeRequiredStructureDescription
    contentarrayNo<AccessRecordInfo>Content
    firstbooleanYes Is first page
    lastbooleanYes Is last page
    numberintYes Current page
    numberOfElementsintYes Current page
    sizeintYes Number of items on each page
    sortundefinedNo Sort
    totalElementslongYes Total items
    totalPagesintYes Total pages
    Response body: AccessRecordInfo

    Identification record details

    FieldTypeRequiredStructureDescription
    avatarsobjectNo Image address
    createTimelongNo Creation time
    deviceInforefYes<DeviceInfo>Device details
    idstringYes Identification record ID
    idNumberstringNo Card no.
    identifyCardrefNo<IdentifyCard>Document no.
    identifyInfoobjectNo Access document no.
    namestringYes Personnel name
    nirScorestringNo Near-infrared score
    passModestringYes Access method
    FACE Facial scan
    FACE_AND_ID Facial scan + Identity card
    FACE_AND_PASSPORT Facial scan + Passport
    FACE_AND_GUARD Facial scan + Access card
    FACE_AND_IC Facial scan + IC card QCODE QR Code
    SCANNING_GUN Scanning device
    FACE_AND_PASSWORD Facial scan + Password
    personInforefYes<PersonInfo>Personnel details
    qrCodestringNo QR Code
    rejectReasonstringNo Rejection cause:
    FACIAL_COMPARISON_NOT_PASS Facial scan does not match
    BLACKLIST_EXCEEDS_REFUSE Blacklist access denied
    PERSONNAL_RULE_VALIDATION_FAILURE Personnel rule
    FINGERPRINT_VALIDATION_FAILURE Fingerprint validation failed
    INVALID_VALIDATION Not validated (No valid card)
    resultTypestringYes Access result: TERMINAL_VALIDATION_PASS, TERMINAL_VALIDATION_FAILURE
    scorestringNo Visible light score
    syncTimelongYes Access time
    tenantIdlongYes Tenant ID
    typestringNo Access type: IN_TYPE Entry, OUT_TYPE Exit
    Response body: DeviceInfo

    Device details

    FieldTypeRequiredStructureDescription
    areaIdintNo Area ID
    areaNamestringNo Area name
    directionbyteNo Device direction
    groupIdintNo Device group ID
    namestringNo Device name
    snstringNo Device serial no.
    Response body: IdentifyCard

    ID details

    FieldTypeRequiredStructureDescription
    addressstringNo Address
    birthPlacestringNo Place of birth
    birthdaystringNo Birthday
    countryCodestringNo Country code
    idCardstringNo ID no.
    imageUrlstringNo ID image
    issuePlacestringNo Place of issue
    namestringNo Name
    nationstringNo Nationality
    sexstringNo Gender: MALE, FEMALE
    signBeginstringNo Date of issue
    signEndstringNo Expiry date
    signOrgstringNo Issuing authority
    Response body: PersonInfo

    Personnel details

    FieldTypeRequiredStructureDescription
    ageintNo Age
    appIdstringNo Application ID
    avatarsobjectNo Image
    groupIdstringNo Feature library
    groupNamestringNo Feature library name
    icNumberstringNo IC card no.
    idstringNo id
    idCardstringNo Identity card no.
    namestringYes Name
    nostringYes No.
    organizationIdintNo Organization ID
    phonestringNo Mobile
    ruleIdstringNo Rule ID
    ruleNamestringNo Rule name
    sexstringNo Gender: MALE, FEMALE
    tenantIdlongNo Tenant ID
    typestringNo FREQUENTER, VISITOR
    variableobjectNo Dynamic variable
    wgNumberstringNo Wiegand no.
    Example response

    5.6.2. Retrieve identification record details

    Retrieve identification records via ID

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    idpathstring true id
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«AccessRecordInfo»>OK
    Response body: CommonResponse«AccessRecordInfo»

    Generic response object

    FieldTypeRequiredStructureDescription
    codeintYes Request response code
    entityrefNo<AccessRecordInfo>Included objects
    messagestringYes Response message
    pathstringNo Request path
    statusintYes Status code
    timestamplongYes Request timestamp
    Example response

    5.7. Image Upload Interface

    Upload Controller

    5.7.1. Single image upload (Deprecated)

    This interface is deprecated since update 2.1, please use Batch image upload

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    fileformDatafile false file
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«string»>OK
    Example response

    5.7.2. Batch image upload

    Upload a photo and return cropped photo details

    Summary
    Request Example
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    clearLevelformDatanumber false Assessed clarity level (0-100). Above 70 is considered blurred, otherwise, considered clear.
    imagePixelformDatastring false Image resolution
    THREE_TWO (3232 px, cannot be lower than 32px)
    ONE_TWO_EIGHT (128
    128 px, cannot be lower than 128px
    THREE_TWO_ZERO (320*320 px, cannot be lower than 320px)
    qualityAngleformDataboolean false Whether to turn on the angle symbol
    qualityDetectformDataboolean false Whether to turn on image evaluation. If activated, the four variables (qualityAngle, clearLevel, visLevel, imagePixel) must be filled in.
    visLevelformDatanumber false Occlusion (0-100). Values above 80 means that subject is blocked
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«MultipartFileResp»»>OK
    Response body: CommonResponse«List«MultipartFileResp»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<MultipartFileResp>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: MultipartFileResp

    File upload response body

    FieldTypeRequiredStructureDescription
    fileNamestringYes Original file name
    flagbooleanYes Upload success flag
    messagestringNo Response message
    urlstringNo File access location
    Example response

    5.8. Facial Recognition Management Interface

    Uses facial recognition algorithms to perform face detection and analysis, based on image analysis and comparison operations

    5.8.1. Single face analysis

    Supports analysis of multiple images containing individual faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«FaceResponse»»>OK
    Response body: CommonResponse«List«FaceResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<FaceResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: FaceResponse

    Face information response entity

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception: Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    facerefNo<Face>Facial information
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    Response body: Face

    Facial information

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultrefNo<DetectResult>Face detection result
    featurestringNo  
    qualityResultrefNo<QualityResult>Face detection quality result
    Response body: DetectResult

    Face detection result

    FieldTypeRequiredStructureDescription
    confidencenumberNo Face detection confidence level
    heightintNo Face height
    pitchnumberNo Face pitch angle
    pointLeftEyerefNo<Point>Left eye coordinate point
    pointRightEyerefNo<Point>Right eye coordinate point
    rectFacerefNo<Rect>Face coordinate matrix
    rollnumberNo Image float
    signaturestringNo Facial signature
    widthintNo Face image width
    yawnumberNo Face yaw angle
    Response body: Point

    Coordinate information

    FieldTypeRequiredStructureDescription
    xlongNo X-coordinate
    ylongNo Y-coordinate
    Response body: Rect

    Face rectangle position

    FieldTypeRequiredStructureDescription
    bottomlongNo Rectangle bottom-right point Y-coordinate
    leftlongNo Rectangle top left point X-coordinate
    rightlongNo Rectangle bottom-right point X-coordinate
    toplongNo Rectangle top left point Y-coordinate
    Response body: QualityResult

    Face detection quality result

    FieldTypeRequiredStructureDescription
    anglearrayNointAngle information
    clearLevelnumberNo Face clarity level [0,100] Indicates the level of clarity of the image. If the value is greater than 70, the image is considered blur. Otherwise, the image is considered clear.
    glassLevelnumberNo Probability that the person is wearing glasses [0,100]; Indicates if a person is wearing glasses. If the value is greater than 75, the person is considered to be wearing glasses. Otherwise, the person is considered as not wearing glasses.
    visLevelnumberNo Degree of facial occlusion [0,100]; Indicates area of face that is blocked. If the value is greater than 80, the face is considered blocked. Otherwise, the face is not blocked.
    Example response

    5.8.2. Single-face detection details

    Supports analysis of multiple images containing individual faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information, supports multiple image uploads.
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«DetectResponse»»>OK
    Response body: CommonResponse«List«DetectResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<DetectResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: DetectResponse

    Face detection response object

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception: Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    faceDetectrefNo<FaceDetect>Face detection information
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    Response body: FaceDetect

    Facial information

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultrefNo<DetectResult>Face detection result
    Example response

    5.8.3. Single-face facial feature extraction

    Supports analysis of multiple images containing individual faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«FeatureResponse»»>OK
    Response body: CommonResponse«List«FeatureResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<FeatureResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: FeatureResponse

    Feature extraction response body

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception: Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    faceFeaturerefNo<FaceFeature>Facial feature information
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    Response body: FaceFeature

    Facial feature information

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultrefNo<DetectResult>Face detection result
    featurestringNo Facial feature
    Example response

    5.8.4. Single-face quality inspection information

    Supports analysis of multiple images containing individual faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«QualityResponse»»>OK
    Response body: CommonResponse«List«QualityResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<QualityResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: QualityResponse

    Single-face quality information entity

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception: Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    faceQualityrefNo<FaceQuality>Face quality information entity
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    Response body: FaceQuality

    Face detection quality

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultrefNo<DetectResult>Face detection result
    qualityResultrefNo<QualityResult>Face detection quality
    Example response

    5.8.5. Multi-face analysisj

    Supports analysis of multiple images containing multiple faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«MultiFaceResponse»»>OK
    Response body: CommonResponse«List«MultiFaceResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<MultiFaceResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: MultiFaceResponse

    Multi-face response object

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception: Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    multiFacerefNo<MultiFace>Muitple face information
    Response body: MultiFace

    Multi-face recognition parameters

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultListarrayNo<DetectResult>Multiple face detection quality result
    featureListarrayNointMultiple face image information
    qualityResultListarrayNo<QualityResult>Multiple face detection quality result
    Example response

    5.8.6. Multiple-face detection details

    Supports analysis of multiple images containing multiple faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information. Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«MultiDetectResponse»»>OK
    Response body: CommonResponse«List«MultiDetectResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<MultiDetectResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: MultiDetectResponse

    Multi-face detection response object

    FieldTypeRequiredStructureDescription
    errorstringNo Multi-face detection exception type:
    Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    multiFaceDetectrefNo<MultiFaceDetect>Multi-face detection information
    Response body: MultiFaceDetect

    Multi-face detection result

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultListarrayNo<DetectResult>Multiple face detection quality result
    Example response

    5.8.7. Multiple-face facial feature extraction

    Supports analysis of multiple images containing multiple faces. The default maximum number of images that can be handled concurrrently is 20. If there are more than 20 concurrent requests, the system will notify that the handles cannot be retrieved and the processing will fail. Based on the number of custom handles, private deployment processes can manage the concurrent requests. The recommended number of handles is the number of CPUs available.

    Summary
    Request parameters
    FieldParameter positionTypeDefault valueRequiredStructureDescription
    faceImagesformDataarray true Image information
    pitchqueryinteger false Algorithm-reserved field. Optional setting
    bppqueryinteger false Image information.
    Color image: 24; gray-scale image: 8. Optional setting
    maxCountqueryinteger false Maximum number of people that can be recognized. Optional setting
    Response
    NameTypeStructureDescription
    200ref<CommonResponse«List«MultiFeatureResponse»»>OK
    Response body: CommonResponse«List«MultiFeatureResponse»»

    Generic response body

    FieldTypeRequiredStructureDescription
    codeintYes Response status code (Defined internally)
    entityarrayNo<MultiFeatureResponse>Response entity details
    messagestringNo Error message
    pathstringNo Request path
    statusintYes Response status code
    timestamplongYes Timestamp
    Response body: MultiFeatureResponse

    Multiple-face feature extraction entity

    FieldTypeRequiredStructureDescription
    errorstringNo Facial detection exception:
    Missing image border: NO_IMAGE_RECT
    Face not detected: NO_FACE
    Algorithm exception: ALGO_EXCEPTION
    hasFacebooleanNo Whether face information can be detected
    messagestringNo Face detection information
    multiFaceFeaturerefNo<MultiFaceFeature>Multiple-face feature extraction information
    Response body: MultiFaceFeature

    Multiple-face feature extraction result

    FieldTypeRequiredStructureDescription
    detectFaceCountintNo Face count
    detectResultListarrayNo<DetectResult>Multiple face detection quality result
    featureListarrayNointMultiple-face feature extraction information
    Example response