Skip to main content

Image Retrieval

Starting with v1.1.0, Kora IDV automatically persists verification images (document front, document back, selfie, liveness frames) to Google Cloud Storage. You can retrieve these images via the API for compliance reviews, audit trails, and admin dashboards.

How it works

  1. When a user completes a verification step (document upload, selfie, liveness), the image is asynchronously persisted to GCS
  2. The imagePersisted field on the verification object becomes true when all images are stored
  3. You can then list available images and retrieve time-limited signed URLs
note

Image persistence is automatic — you don't need to change your integration. The retrieval API is for accessing images after the fact (compliance reviews, support cases, audit).

List available images

Returns the image types available for a verification.

GET /api/v1/idv/verifications/{id}/images
curl https://api.korastratum.com/api/v1/idv/verifications/ver_abc123/images \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID"

Response:

{
  "images": [
    {"type": "document_front", "available": true},
    {"type": "document_back", "available": true},
    {"type": "selfie", "available": true},
    {"type": "liveness_frame", "available": true}
  ]
}

Get a signed image URL

Returns a time-limited signed URL (valid for 15 minutes) for a specific image.

GET /api/v1/idv/verifications/{id}/images/{imageType}
curl https://api.korastratum.com/api/v1/idv/verifications/ver_abc123/images/document_front \
  -H "Authorization: Bearer $KORAIDV_API_KEY" \
  -H "X-Tenant-ID: $KORAIDV_TENANT_ID"

Response:

{
  "url": "https://storage.googleapis.com/koraidv-images/tenant-id/ver_abc123/document_front.jpg?X-Goog-Signature=...",
  "expiresIn": 900,
  "imageType": "document_front"
}

Valid image types

Image TypeDescription
document_frontFront of the identity document
document_backBack of the identity document (if uploaded)
selfieSelfie photo used for face matching
liveness_frameKey frame from the liveness session

Storage details

  • Storage path: {tenant_id}/{verification_id}/{type}.jpg
  • Signed URL validity: 15 minutes
  • Access control: Tenant-scoped — you can only access images for verifications belonging to your tenant
  • Retention: Images are retained per your compliance settings (configurable in dashboard)

Checking persistence status

Before requesting images, check that persistence is complete:

const verification = await fetch(
  `https://api.korastratum.com/api/v1/idv/verifications/${verificationId}`,
  { headers }
);

const data = await verification.json();

if (data.imagePersisted) {
  // Safe to retrieve images
  const images = await fetch(
    `https://api.korastratum.com/api/v1/idv/verifications/${verificationId}/images`,
    { headers }
  );
}
warning

Image persistence is asynchronous. The imagePersisted field may be false immediately after a verification completes. Wait for it to become true or listen for the verification.completed webhook which includes the final persistence status.