v1 - Keys and Authentication

Authentication

The Trulioo API uses Basic Authentication. Once you have the username and password for your API account, you can construct the request Authorization header as follows:

  • Username and password are combined into a string username:password
  • The resulting string is encoded using the RFC2045-MIME variant of Base64, except without the 76 character per line limitation. This encoded string will be referred to as ACCESS_TOKEN in the examples.
  • The authorization method and a space, in this case "Basic ", are then put before the encoded string, so the resulting header is "Authorization: Basic ACCESS_TOKEN".

See Test Authentication API reference for more examples.

If you are using an API testing application such as SOAPUI or Postman, you should add a basic authentication header without encoding the username/password yourself, as described in the application's help documents. Most programming languages include HTTP client libraries that handle the fine details of basic authentication, and our SDKs for c# and Java makes the process as streamlined as possible.

🚧

Important:

Trulioo provides multiple global and regional endpoints. Please choose the correct endpoint based on your business use case and your regulatory and compliance requirements. You can find more information on the Multi-Region Hosting page.

cURL


Add "--user" to your cURL command. cURL will add it to the Authorization header and encode it as a Base64 string:

curl --request GET \
     --url <<endpoint>>/connection/v1/testauthentication \
     --header 'Accept: application/json' \
     --user username:password

Node


Using Fetch, for the options object you need to add an "Authorization" field in the headers. The username and password need to be converted to a base64 string, in this case using the Buffer class.

const fetch = require('node-fetch');

const url = '<<endpoint>>/connection/v1/testauthentication';
const options = {
  method: 'GET', 
  headers: {
	Accept: 'application/json',
	Authorization: 'Basic ' + new Buffer("username:password").toString("base64")	// provide basic auth
  }
};

fetch(url, options)
  .then(res => res.json())
  .then(json => console.log(json))
  .catch(err => console.error('error:' + err));

JavaScript

Using Fetch, for the options object you need to add an "Authorization" field in the headers. The username and password need to be converted to a base64 string, in this case using the btoa function.

const url = '<<endpoint>>/connection/v1/testauthentication';
const options = {
  method: 'GET',
  headers: {
	Accept: 'application/json', 
	Authorization: 'Basic ' + btoa("username:password")	// provide basic auth
  }
};

fetch(url, options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

Ruby


For Ruby, once you have initialized the request you can set the Authorization by using the .basic_auth method. It takes the username and password and encodes them as Base64 strings in the Authorization header.

require 'uri'
require 'net/http'
require 'openssl'

url = URI("<<endpoint>>/connection/v1/testauthentication")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Accept"] = 'application/json'
request.basic_auth("username", "password")	# provide basic auth

response = http.request(request)
puts response.read_body

Python


For the request set up, after the URL is passed, you need to add one more parameter auth as follows:

import requests

url = "<<endpoint>>/connection/v1/testauthentication"

# provide basic auth
response = requests.request("GET", url, auth=('username', 'password'))

print(response.text)

Using Fetch, for the options object you need to add an "Authorization" field in the headers. The username and password need to be converted to a base64 string, in this case using the btoa function.