Trulioo GlobalGateway Developer Portal

Welcome to the Trulioo GlobalGateway developer hub. You'll find comprehensive guides and documentation to help you start working with GlobalGateway as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started

Keys and Authentication


The GlobalGateway API uses Basic Authentication. Once you have the username and password for your API account, you will be able to construct the request Authorization header as follows:

  • Username and password are combined into a string "username:password"
  • The resulting string is encoded using the RFC2045-MIME variant of Base64, except without the 76 char per line limitation. This encoded string will be referred to simply as ACCESS_TOKEN in examples.
  • The authorization method and a space, in this case "Basic ", is then put before the encoded string, so the resulting header is "Authorization: Basic ACCESS_TOKEN"

See the Test Authentication API reference for more examples.

If you are using an API testing application such as Postman or SOAPUI, you should be able to add a basic authentication header without encoding the username/password yourself, as described in the application's help docs. Most programming languages include HTTP client libraries that handle the fine details of basic authentication, and our SDKs for C# and Java make the process as streamlined as possible.

Authorization Headers

Our generated code examples in the API Reference don't currently include how to set Authorization headers so for now we'll document them here:


Add "--user" to your cURL command . cURL will add it to the Authorization header and encode it as a Base64 string:

--user username:password


For the options object you need to add a header object along with the url:

var options = { 
    method: 'GET',
  url: '<<endpoint>>/connection/v1/testauthentication',
  headers: {
      "Authorization": "Basic " + new Buffer("username:password").toString("base64")


XMLHttpRequest provides a method to set the request header. It has to be called between the open and send methods are called:"GET", "<<endpoint>>/connection/v1/testauthentication");
xhr.setRequestHeader("Authorization", "Basic " + btoa("username:password")); 


For Ruby, once we've initialized the request we can set the Authorization by using the .basic_auth method. It takes the username and password and encodes them as Base64 strings in the Authorization header.

request =
request.basic_auth("username", "password")
response = http.request(request)


For the request set up, after the url is passed in you need to add one more parameter auth as follows:

response = requests.request("GET", url, auth=('username', 'password'))

Updated 11 months ago

Keys and Authentication

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.