# Verify FaceMap

To clear a FACE_MAP challenge listed in a OTT.

Notes:
1. User is required to enrol facemap before the verification can be successful.
2. Rate limit may be applied if there are 5 continuous unsuccessful attempts and OTT creation will be blocked for 15 minutes.

Endpoint: POST /v1/one-time-token/facemap/verify
Security: UserToken

## Header parameters:

  - `One-Time-Token` (string, required)
    Text value of a OTT.

  - `X-External-Correlation-Id` (string)
    Optional UUID for correlating requests across systems. If provided, Wise echoes it back in the response. Maximum 36 characters. Learn more.
    Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479"

## Request fields (application/json):

  - `faceMap` (string)
    Base64-encoded binary data as a string.

For more details how to get this binary, please read FaceTec's [export API](https://dev.facetec.com/api-guide#export-3d-facemap).

To retrieve Wise's FaceTec public key, please refer to our FaceTec's [Get Public Key API](/api-reference/facetec/facetecpublickeyget).
    Example: "<base64_encoded_string>"

## Response 200 fields (application/json):

  - `oneTimeTokenProperties` (object)
    Properties of the one time token.

  - `oneTimeTokenProperties.oneTimeToken` (string)
    Unique identifier of a one time token.

  - `oneTimeTokenProperties.challenges` (array)
    Array of challenge objects.

  - `oneTimeTokenProperties.challenges.primaryChallenge` (object)
    Type of challenge user can do.

  - `oneTimeTokenProperties.challenges.primaryChallenge.type` (string)
    [Type of the challenge](/api-reference/one-time-token#challenge-type).

  - `oneTimeTokenProperties.challenges.primaryChallenge.viewData` (object)
    An object that provides data required to present a challenge window. It can be messages, IDs, or other attributes.

  - `oneTimeTokenProperties.challenges.alternatives` (array)
    Alternative challenges that user can do instead.

  - `oneTimeTokenProperties.challenges.required` (boolean)
    Required (or not) to pass the OTT.

  - `oneTimeTokenProperties.challenges.passed` (boolean)
    Status of this challenge.

  - `oneTimeTokenProperties.validity` (integer)
    Seconds until the one time token becomes expired.

  - `oneTimeTokenProperties.actionType` (string)
    The action bound to the one time token. For example, BALANCE__GET_STATEMENT when we want to [retrieve a balance account statement](/api-reference/balance-statement/balancestatementget).

  - `oneTimeTokenProperties.userId` (integer)
    Creator of this one time token.