All Products
Search

This Product

    ID Verification:Authorize a RAM user to access ID Verification - KYC

    Document Center

    ID Verification:Authorize a RAM user to access ID Verification - KYC

    Last Updated:Oct 30, 2024

    You can use the credentials of a Resource Access Management (RAM) user to access ID Verification - KYC. KYC is short for Know Your Customer. You can create a RAM user and grant the RAM user the permissions to call the ID Verification - KYC API or ID Verification - KYC SDK. You can authorize RAM users only to view the call status. This topic describes how to create a RAM user and grant permissions to the RAM user. This topic also describes how to generate an AccessKey pair to call the ID Verification - KYC API.

    Prerequisites

    • ID Verification - KYC is activated for your Alibaba Cloud account. For more information, see Activate ID Verification - KYC.

    • You are allowed to use the Alibaba Cloud account.

    Procedure

    1. Log on to the RAM console by using an Alibaba Cloud account or a RAM user who has administrative rights.

    2. In the left-side navigation pane, choose Identities > Users.

    3. Optional. Click Create User to create a RAM user.

      If you have created a RAM user, skip this step. For more information, see Create a RAM user.

    4. Grant permissions on ID Verification - KYC to the RAM user.

      Note

      An Alibaba Cloud account has access and control permissions on all Alibaba Cloud resources within the account. If your Alibaba Cloud account is disclosed, security risks may occur. We strongly recommend that you create and grant a RAM user the permissions to use ID Verification - KYC based on the principle of least privilege.

      1. On the Users page, find the RAM user to which you want to grant permissions and click Add Permissions in the Actions column.

      2. In the Select Policy section of the Add Permissions panel, click System Policy and select the policies that you want to attach to the RAM user.

        The following table describes the system policies supported by ID Verification - KYC. You can enter the keyword of a policy name, such as AntCloud, in the search box to find the policy and attach the policy to the RAM user based on your business requirements.

        Policy

        Permission

        Description

        AliyunAntCloudAuthFullAccess

        Management permissions on ID Verification - KYC

        This policy allows you to perform the following operations:

        • Call the ID Verification - KYC API.

        • View the details of the calls.

        • Use a RAM user to activate ID Verification - KYC.

        AliyunYundunCloudAuthFullAccess

        Access permissions on the ID Verification - KYC console

        This policy allows you to perform the following operations:

        • View the number of calls and verification details in the ID Verification - KYC console.

      3. Click OK. Then, click Complete.

    5. Optional. If you want to call an API operation by using the RAM user, create an AccessKey pair for the RAM user. The AccessKey pair is used for identity authentication when you call the API operation.

      For more information about how to create an AccessKey pair for a RAM user, see Create an AccessKey pair.

      Note

      We recommend that you create an AccessKey pair only for RAM users that you want to use to call API operations.

      After the authorization is complete, you can use the RAM user to integrate ID Verification - KYC with your app or view information about API calls.