> This development guide applies to the SDK of API Version 8 or later.
## When to Use
OpenHarmony supports 2D and 3D facial recognition that can be used for identity authentication during device unlocking, application login, and payment.
2D and 3D facial recognition used in identity authentication scenarios such as device unlocking, application login, and payment
## Available APIs
The **userIAM\_userAuth** module provides methods for checking the support for biometric authentication, and performing and canceling authentication. You can perform authentication based on biometric features such as facial characteristics. Before performing biometric authentication, check whether your device supports this capability, including the authentication type, security level, and whether local authentication is used. If biometric authentication is not supported, consider using another authentication type. The following table lists methods in the APIs available for biometric authentication.
The userIAM_userAuth module provides methods for checking the support for user authentication, and performing and canceling authentication. You can perform authentication based on biometric features such as facial characteristics. For more details, see [API Reference](../reference/apis/js-apis-useriam-userauth.md).
**Table 1** Methods available for biometric authentication
Before performing authentication, check whether the device supports user authentication, including the authentication type and level. If user authentication is not supported, consider using another authentication type. The following table lists the APIs available for user authentication.
| getAuthenticator(): Authenticator | Obtains an **Authenticator** object for user authentication. <sup>6+</sup><br>Obtains an **Authenticator** object to check the device's capability of user authentication, perform or cancel user authentication, and obtain the tips generated in the authentication process. <sup>7+</sup> |
| checkAvailability(type: AuthType, level: SecureLevel): number | Checks whether the device supports the specified authentication type and security level. |
| execute(type: AuthType, level: SecureLevel, callback: AsyncCallback\<number>): void | Performs user authentication and returns the authentication result using an asynchronous callback. |
| execute(type: AuthType, level: SecureLevel): Promise\<number> | Performs user authentication and returns the authentication result using a promise. |
| cancel(): void | Cancels the current authentication. |
| on(type: "tip", callback: Callback\<Tip>): void | Subscribes to the events of the specified type. |
| off(type: "tip", callback?: Callback\<Tip>): void | Unsubscribes from the events of the specified type. |
| getVersion() : number | Obtains the version information of an authentication object. |
| getAvailableStatus(authType : UserAuthType, authTrustLevel : AuthTrustLevel) : number | Checks whether the device supports the specified authentication type and level.|
| auth(challenge: Uint8Array, authType: UserAuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): Uint8Array | Performs user authentication. This method uses asynchronous callback to return the result. |
| cancelAuth(contextID : Uint8Array) : number | Cancels an authentication. |
## How to Develop
Before starting the development, make the following preparations:
1. Add the **ohos.permission.ACCESS\_BIOMETRIC** permission declaration to the application permission file.
2. Add **import userIAM\_userAuth from '@ohos.userIAM.userAuth'** to the code file that provides biometric recognition.
1.Add the ohos.permission.ACCESS_BIOMETRIC permission declaration to the application permission file.
2.Add **import userIAM_userAuth from '@ohos.userIAM.userAuth'** to the code file.
The development procedure is as follows:
1. Obtain an **Authenticator** singleton object. The sample code is as follows:
```
let auth = userIAM_userAuth.getAuthenticator();
```
2. Check whether the device provides the authentication capability of the specified level.
2D facial recognition supports authentication lower than S2, and 3D facial recognition supports authentication lower than S3. The sample code is as follows:
```
let authenticator = userIAM_userAuth.getAuthenticator();
let checkCode = authenticator.checkAvailability("FACE_ONLY", "S2");
if (checkCode == userIAM_userAuth.CheckAvailabilityResult.SUPPORTED) {
console.info("check auth support success");
} else {
console.error("check auth support fail, code = " + checkCode);
}
```
3.\(Optional\) Subscribe to tip information. The sample code is as follows:
```
let authenticator = userIAM_userAuth.getAuthenticator();