DEV Community

Cover image for Build Face-Based Access Control with a Comparison API
AI Engine
AI Engine

Posted on • Originally published at ai-engine.net

Build Face-Based Access Control with a Comparison API

#python #tutorial #api #security

Badges get lost, PINs get shared. A face-based access control system verifies identity through facial recognition — no tokens to manage. Here's how to build one with the Face Analyzer API.

How It Works

  1. Enroll — Upload authorized users' photos to a facial repository
  2. Store — The API extracts and stores facial features
  3. Verify — Search the repository with a new photo to grant or deny access

Step 1: Create a Repository 

import requests

BASE = "https://faceanalyzer-ai.p.rapidapi.com"
HEADERS = {
    "x-rapidapi-host": "faceanalyzer-ai.p.rapidapi.com",
    "x-rapidapi-key": "YOUR_API_KEY",
}

response = requests.post(
    f"{BASE}/create-facial-repository",
    headers={**HEADERS, "Content-Type": "application/x-www-form-urlencoded"},
    data={"repository_id": "office-access"},
)
print(response.json())
Enter fullscreen mode Exit fullscreen mode

Step 2: Enroll Users 

with open("employee_alice.jpg", "rb") as f:
    response = requests.post(
        f"{BASE}/save-face-in-repository",
        headers=HEADERS,
        files={"image": ("alice.jpg", f, "image/jpeg")},
        data={
            "repository_id": "office-access",
            "external_id": "alice-johnson",
            "max_faces": "1",
        },
    )
print(response.json())  # {"statusCode": 200, "faces_id": ["face-id-abc123"]}
Enter fullscreen mode Exit fullscreen mode

Step 3: Verify Access 

with open("access_attempt.jpg", "rb") as f:
    response = requests.post(
        f"{BASE}/search-face-in-repository",
        headers=HEADERS,
        files={"image": ("attempt.jpg", f, "image/jpeg")},
        data={"repository_id": "office-access"},
    )

result = response.json()
THRESHOLD = 85

if result.get("FaceMatches"):
    best = result["FaceMatches"][0]
    if best["Similarity"] >= THRESHOLD:
        print(f"ACCESS GRANTED — {best['Face']['ExternalImageId']}")
    else:
        print(f"ACCESS DENIED — low confidence ({best['Similarity']}%)")
else:
    print("ACCESS DENIED — face not recognized")
Enter fullscreen mode Exit fullscreen mode

Direct 1:1 Comparison

For simpler scenarios (selfie vs. ID photo), skip the repository:

with open("selfie.jpg", "rb") as src, open("id_photo.jpg", "rb") as tgt:
    response = requests.post(
        f"{BASE}/compare-faces",
        headers=HEADERS,
        files={"source_image": src, "target_image": tgt},
    )

result = response.json()
matched = result["body"]["matchedFaces"]
print("MATCH" if matched else "NO MATCH")
Enter fullscreen mode Exit fullscreen mode

Use Cases

  • Office/building access — Replace badge readers with cameras
  • Event check-in — Contactless registration verification
  • KYC — Verify selfie matches government ID photo
  • Exam proctoring — Verify test-taker identity

Best Practices

  • Set threshold to 85% for general access, 90%+ for high-security areas
  • Use well-lit, front-facing enrollment photos
  • Always provide a fallback method (PIN, badge)
  • Comply with GDPR/CCPA — get consent, allow data deletion

👉 Read the full tutorial with JavaScript examples and repository management

Top comments (0)