> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.idenfy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Face Authentication

> Re-authenticate returning users with biometric face matching using iDenfy for account login, high-risk actions, and periodic checks.

Face Authentication is a service for **re-authenticating returning users** by comparing their live face to a biometric template captured during a previous identity verification.

Unlike a full KYC verification, Face Authentication does not require document scanning. The user simply takes a selfie, which is matched against their original verification photo. This makes it ideal for:

* **Account login** -- add biometric security as a second factor
* **High-risk actions** -- confirm the user's identity before transactions, withdrawals, or profile changes
* **Periodic re-verification** -- ensure the same person is still using the account over time

## How It Works

1. **Create a Face Authentication session** using the [Create Face Auth Session](/face-authentication/token-generation) endpoint, referencing the user's original `scanRef`.
2. **Launch the authentication session** via the [iFrame / Redirect URL](/face-authentication/iframe) or a native SDK.
3. **Receive the result** through a webhook callback indicating whether the face matched.

## Prerequisites

You must have at least one successful identity verification with iDenfy. The original verification's `scanRef` is required to create the authentication session.

## Next Steps

<CardGroup cols={2}>
  <Card title="Create Face Auth Session" icon="key" href="/face-authentication/token-generation">
    Create a face authentication session via API.
  </Card>

  <Card title="iFrame / Redirect" icon="window-maximize" href="/face-authentication/iframe">
    Embed the authentication flow in your application.
  </Card>
</CardGroup>