Authenticated Workflow API

Keys and Authentication

Workflow APIs can be published to use OAuth. Once a Client ID and Client Secret are generated for the Workflow API account, you will be able to request for a token and pass in the token for other requests.

Request for a Token

A token can be retrieved by making a request to our Token endpoint. Using your Client Id and Client Secret you can generate a bearer token by calling the following endpoint - https://auth-api.trulioo.com/connect/token. Set the grant_type as client_credentials and scope as workflow.studio.api.

curl --location --request POST '://auth-api.trulioo.com/connect/token'\

--header 'Content-Type: application/x-www-form-urlencoded'
--data-raw '{
	"client_id": "clientid",  
	"client_secret": "clientsecret",
  "grant_type": "client_credentials",
  "scope": "workflow.studio.api"
	}'
var options = {
	'method': 'POST',
	 'url': 'https://auth-api.trulioo.com/connect/token',
	'headers': {
		'Content-Type': 'application/x-www-form-urlencoded'
	body: JSON.stringify({
		"ClientId":"clientid",
		"ClientSecret":"clientsecret"})
	};
},
JSON.stringify({
	"ClientId":"clientid",
	"ClientSecret":"clientsecret"
});

xhr.open("POST","https://auth-api.trulioo.com/connect/token");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xhr.send(data);
request = Net::HTTP::Post.new("https://auth-api.trulioo.com/connect/token")
request["Content-Type"] = "application/x-www-form-urlencoded"
request.body = "{\n\t\"ClientId\": \"clientid\",\n\t\"ClientSecret\": \"clientsecret\"\n}": "clientsecret"
}"
response = https.request(request)
url = "https://auth-api.trulioo.com/connect/token"

payload = "{\n\t\"ClientId\": \"clientid\",\n\t\"ClientSecret\": \"clientsecret\"\n}"
headers = {
	'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data = payload)

Token Expiration

Tokens retrieved from the token endpoint can only be used before they have expired. When the server returns a token, it will also return the token time and expiry time of the token. The value of the ExpiresIn field is the number of seconds that the token is valid for. Typically, this is one hour.

{
    "Token":  "authenticationtoken",
    "TokenType": "bearer",
    "ExpiresIn": 3599
}

The expiry time of the token can also be derived from the token itself. The payload of the token, which is encoded in base64, also stores when the token expires under "exp". The value within the token represents the Epoch time of when the token will have expired.

If an expired token is used to call any endpoint that requires authentication, a 401 Unauthorized Error will be returned. A new token can be retrieved by following the steps to request for a token.

Using the API

After retrieving a token, the token should be added to the header to any requests to the API that need authentication:

curl --location --request GET 'url' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer authenticationtoken' \
var request = require('request');
var options = {
	 'method': 'GET',
	'url': 'url',
	'headers': {
	'Content-Type': 'application/json',
	'Authorization': 'Bearer authenticationtoken'
	}
};
xhr.withCredentials = true;
xhr.open("GET", "url");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Authorization", "Bearer authenticationtoken");

xhr.send(data);
request = Net::HTTP::Get.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer authenticationtoken"

response = https.request(request)
headers = {
	 'Content-Type': 'application/json',
	'Authorization': 'Bearer authenticationtoken'
}
response = requests.request("GET", url, headers=headers, data = payload)