Trulioo offers a functionality to automatically cycle the API keys. You do not need to manually regenerate keys to meet your API key cycling needs. This feature is only available to those customers who have upgraded their account to a Business Plan or an Enterprise Plan.
Yes, you can automatically regenerate API keys at a set frequency by entering the desired number of days in the “Auto Regeneration Life cycle” field. Click on “Enable auto API key cycling” button on the homepage to set up this feature.
You will have to enter the Endpoint information for us to communicate the API key securely to your server. Please ensure that you are using HTTPS for your web application's end point.
Note: The new API key will be communicated to your endpoint at 12 AM UTC of the start date.
Yes, you can change the Endpoint or the frequency. Login to the portal, click on the “edit” icon next to the API key on the home page. Follow the on-screen instructions to save your changes. Trulioo will send an email notifying each instance of change.
Yes, you can disable this feature anytime. Login to the portal, click on “Disable auto API key cycling” button on the home page and follow the on-screen instructions to disable this feature.
You may choose to whitelist the Trulioo IP address. Please for further details about the IP address to be whitelisted.
Yes, you can re-enable the manual generation of API key feature anytime after you've disabled the auto API key cycling feature. Login to the portal, click on “Disable auto API key cycling” button on the home page and follow the on-screen instructions to disable auto cycling of API key. Click on “Regenerate Key” for manual regeneration of the API key.
Ensuring secure communication between your application and Trulioo is essential. The first step would be to ensure that you are using HTTPS for your web application's endpoint. While responding back, please ensure that you send the exact contents from
“requestId”to complete the Test.
While responding back, please ensure that you send the exact contents from
“requestId”. If we do not receive the desired response then we will consider the communication has failed and your existing API key will be made valid again until the next cycle.