Checks API
NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.
Welcome to the Truora Check RESTful API reference. If you haven’t already, we strongly advise you to check out our Guides Section.
Truora Check API allows performing full background checks on people, vehicles and companies. There are three main types of background checks:
- Personal background check: Verifies national IDs in multiple databases of public and legal entities in the LATAM region. For every national ID, returns information on: personal identity, criminal records, international background check, and professional background.
- Vehicle background check: Verifies the vehicle documents and the owner identity in multiple databases of public and legal entities in the LATAM region. For every vehicle and owner type, returns information on: personal identity, driving records, criminal records, and vehicle information.
- Company background check: Verifies the tax ID or a company name in multiple databases of public and legal entities in the LATAM region. For every company, returns the associated: business status, legal and criminal records, and media reports.
Authentication
To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the โTruora-API-Keyโ in the header of your requests.
By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.
Base URL
https://api.checks.truora.com
Checks
Checks API enables you to create and retrieve background checks. It consults multiple databases and provides a comprehensive set of information to assess the reliability of a person, vehicle, or company. Explore our guide on Background Checks for further details.
Create check
Creates a background check and queues it to start collecting information. The full details of background checks can be retrieved with their respective Check IDs using getCheck endpoint. Keep in mind that, depending on the check type, input document, and country of a search, certain inputs are required. You should always provide as many inputs as possible in order to get the highest accuracy.
If your check type is not referenced in the following table, please reach out to find out the fields that apply for you.
Document country
Indicates whether the person subject to the validation authorized the validation. Must be true in order to proceed [Required for API key V1 or later]
Background check type. Replace custom_type_name with the name of your custom type to perform a custom type check
Company name “Don’t forget this required field to complete background checks in Brazil”
Person or entity first name. If the document type and number are not provided, the report might include homonyms. Required when searching by first name, Required in order to get complete background checks in Brazil
Person passport
ID for Venezuelans working in Colombia
Optional external identifier stored in the database along with the main structure. Used for reference purposes only, without affecting processing or logic. (Maximum length: 128 characters).
Payment day of a vehicle circulation permit (Chile only)
Region where the background is to be checked in addition to the region where the person is from. By default, background checks in Brazil are performed in the person region of birth according to their CPF. Required for Brazil only. Keep in mind that a nation-wide search can take more than 24 hours to complete, whereas region-specific searches take from 2 to 20 min to complete.
Allowed values are: DF: Distrito Federal, AC: Acre, AL: Alagoas, AP: Amapรก, AM: Amazonas, BA: Bahรญa, CE: Cearรก, ES: Espรญrito Santo, GO: Goiรกs, MA: Maranhรฃo, MT: Mato Grosso, MS: Mato Grosso do Sul, MG: Minas Gerais, PA: Parรก, PB: Paraรญba, PR: Paranรก, PE: Pernambuco, PI: Piauรญ, RJ: Rรญo de Janeiro, RN: Rรญo Grande do Norte, RS: Rรญo Grande do Sul, RO: Rondรดnia, RR: Roraima, SC: Santa Catarina, SP: Sรฃo Paulo, SE: Sergipe, TO : Tocantins, ALL: nation-wide search
Person birthdate. This date is used to get some additional information about a person and to filter homonyms in some cases. YYYY-MM-DD format, Required for complete background checks in Brazil and Perรบ
Person foreign ID
Country of birth. Required if native_national_id is provided
Driver’s license number
Vehicle license plate
Verification code registered for criminal records in Peru and Chile
Vehicle NIV number
Folio for Chilean certificate search. Chile only
ID for Venezuelans working in Peru
This field also apply for PPT (Permiso de Protecciรณn Temporal) in Colombia
Diplomatic ID
National ID from the person native country. Keep in mind that you must provide the native_country if you enter a native_national_id
Person or entity last name. If the document type and number are not provided, the report might include homonyms. Required when searching by last name. Required in order to get complete background checks in Brazil
Used for the RG (Registro Geral) identification in Brazil. This identification has different formats according to the state that issues the document. It can have numbers and letters but other characters (- * , . ) are omitted, Required in order to get complete background checks in Brazil
Indicates whether the check score is to be periodically revised and its frequency. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by d: day, w: week, m: month, y: year for instance: 3d: every three days, 2w: every two weeks. Ignore this field if the check is only to be performed once
Defines the behavior of the API when creating a background check with the same input values used for a recently created background check.
When true, forces the creation of a new background check; otherwise, it returns the result of the background check created earlier.
Document number of Chilean identity. This number is used to get some additional information about a person. Chile only
National ID
ID of the vehicle owner
Person phone number. Required by law to notify the person their background is being checked
Colombian escrow
national-id, foreign-id, tax-id or passport
Professional ID card
Report ID the background check will be inserted into
Company ID used for tax payments
Person birth certificate
15-digit IMEI to be validated
Person document issue date in “YYYY-mm-dd” format (e.g. 2008-12-31) . This date is used to get some additional information about a person in some cases
List checks
Get check
Returns the results of the check that matches the ID provided, complete with a set of scores explained below.
Scores:
- Global Score: Average risk associated with a person, company or vehicle, according to the background check results. The global score considers results that are validated with the ID number provided. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.
- ID Score: Average risk associated with a person according to the background check results. The ID score considers the results that are validated with a person identity document. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.
- Name Score: Average risk associated with a person according to the background check results. The name score considers results that are validated against the name of a person and could not be validated with their ID number. These results might have homonyms associated with them. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.
In order to calculate these scores, a weighted average is considered with different weights allocated to each dataset. Scores can be customized using the config endpoints by assigning a weight to each dataset according to its relevance.
Keep in mind that results from the API vary depending on the country, check type and the inputs entered on check creation.
Get Check Attachments
List Check Details
Summarize
Get the status of a database
Delete check
Custom-Type
The Custom Type API enables the creation of custom searches, allowing you to include only the desired datasets in background checks, thus enhancing the check efficiency. Moreover, you can customize the impact of each dataset on the global score by assigning it a weight value between 0 and 1. It’s important to note that the sum of all weights must equal 1.
You can use custom types in your checks to perform custom-type checks. For detailed information, refer to our Custom Type guide.
Create custom type
typeCountry where this set of rules applies. Use “all” if the check type searches by name by relying on international databases
Custom type name. It cannot be person, vehicle, or company. Use this type in your checks to perform custom-type checks
Traffic fines weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Affiliation and insurance weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Alert in media weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Business background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Professional background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Taxes and financial background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Vehicle information weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Driving license weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Criminal record weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
International background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Legal background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Personal identity weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Vehicle certificate background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Update custom type
Custom type name. It cannot be person, vehicle, or company. Use this type in your checks to perform custom-type checks
Country where this set of rules applies. Use “all” if the check type searches by name by relying on international databases
Legal background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Vehicle certificate background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Criminal record weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
International background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Vehicle information weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Affiliation and insurance weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Driving license weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Taxes and financial background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Traffic fines weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Alert in media weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Business background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Professional background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
Personal identity weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time
List custom types
Delete custom type
Allows deleting a custom type. Please note that person, vehicle, and company custom types can not be deleted.
After deletion, the response will display the remaining custom types associated with the country of the deleted custom type.
Settings
Allows the configuration of parameters such as names matching type, retries and max duration.
Create setting
Indicates the maximum amount of time a check can take to fetch responses. It follows the following format "xt" where x is a number and t is a letter ( m for minutes or h for hours). Example 25m indicates 25 minutes, 2h indicates 2 hours. This value must be between 15 minutes and 7 days (168 hours). When not configured, it is set to default. If retries is enabled, the default max duration is set to 48 hours; otherwise, it is set to 3 hours for Colombia, Mexico, Peru, and Brazil; 48 hours for Chile and International searches; and 72 hours for Costa Rica
Defines the matching type between the names retrieved from the identity databases and the names found in the criminal, legal and international databases to determine whether a record should be included in the check or not. soft (used by default) means matching names when they are similar enough to be considered the same person (e.g., Maria Alejandra Gomez would match Alejandra Gomez). exact means the names must perfectly match. Keep in mind that this feature is a configuration at a Client level, so it will affect all your check types
Indicates whether or not database queries must be retried until they successfully return a response or until the max_duration time is reached
Continuous
Enables the creation of recurring checks with customizable frequency, providing notifications whenever there are changes in check scores.
Create Continuous Check
Time between background checks. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by a letter d: day, w: week, m: month, y: year. For instance: 3d: every three days, 2w: every two weeks
Date on which background checks will stop. YYYY-MM-DD format. For the date to be valid, it must allow at least one check to be run according to the frequency.
Background checks to be processed recurrently
Update Continuous Checks
Time between background checks
Indicates whether the background checks must be processed recurrently
API Key version to be used for the continuous check hooks. This version must match API key version you use. Version 0 is used by default.
List Continuous Checks
Get Continuous Checks
List Continuous Check Logs
Enables the export of a comprehensive PDF containing the obtained information, Truora’s assigned score, and consulted datasets. For more details, refer to Background Checks: PDF, Variables and Attachments guide.
Create PDF
Get PDF
Batch
Given a valid xlsx file, this endpoint takes the information from the file and starts creating the checks and associating it to the specified report object. For a step-by-step explanation of all methods and required fields for submitting a batch, please refer to the Background Checks Batch via API guide.
Create Batch
This endpoint facilitates the creation of batches of different types. This endpoint does not include input file uploading or batch start logic.
The check inputs to be uploaded in the file can be manually mapped using columns_mapping.{input_name} body params, by default the inputs accepted by the check type will be mapped. The request will return a columns array with the order in which the inputs should be in the xlsx file.
The batch creation request returns a temporary URL in the file_upload_link field. This URL must be used to make a PUT request with the file containing the mapped batch data. It is crucial to note that the URL has a limited expiration time (30min) and will only allow the first submitted file to be uploaded. Therefore, it is highly recommended to carefully review the information before uploading.
The country of batch checks
Type of the batch checks. Replace custom_type_name with the name of your custom type to perform a batch of custom type checks. In case you want to create a custom type please visit How to Create a Custom Type for Background Check guide for more information.
The service for which the batch will be processed
Date on which background checks will stop to create a batch of continuous checks. YYYY-MM-DD format. For the date to be valid, it must allow at least one check to be run according to the frequency.
Time between background checks to create a batch of continuous checks. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by a letter d: day, w: week, m: month, y: year. For instance: 3d: every three days, 2w: every two weeks
Columns mapping of the xlsx file. This body parameter must be sent for each column you want to upload in the xlsx file, replacing the input_name with the name of the input (e.g. columns_mapping.national_id). The value must be the index of the column in the file, being 0 for column A, 1 for column B and so on. If no column mapping is sent, all inputs for the selected custom type will be automatically mapped.
Request Batch Report Generation
Batch report file format
Start Batch
Stop Batch
Get Batch
Get Batch Report
Digital Identity
NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.
Truora Digital Identity (Truora DI) is a versatile platform that allows you to create a personalized process for authenticating your users. It enables you to utilize a range of Validators in a single process to simplify user identity verification. The Validators enable diverse actions, ranging from verifying that a phone or email belongs to the user, to matching usersยด biometrics against government sources. The platform offers the flexibility to create the processes securely and without introducing complexity to the user experience, ensuring your new users can promptly access and enjoy your services.
Authentication
To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the โTruora-API-Keyโ in the header of your requests.
By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.
Base URL
https://api.connect.truora.com
Web
Digital Identity Web is a versatile platform that allows you to create a customized process to authenticate your users. It allows you to use a number of validators in a unique process to simplify user identity verification.
Here you will find the endpoints you need to create process links and get results. If you need to create process flows please see the Documentation.
Generate Token
API key type
API key version. Version 0 is used by default
Billing hubs allow for separated counters and billing. Required if the customer uses billing hubs
Indicates which service this API key grants access to. Required if key_type is set to web or sdk
List of phone numbers to be validated during the identity verification process
URL where the user is to be redirected once the verification process has ended. Required if grant is set to digital-identity
User identifier for the person who will perform digital-identity validation. Only used if grant is set to digital-identity. If not sent it is generated automatically. Note that only Account IDs following the regex pattern [a-zA-Z0-9_.-]+ are supported. Please go to Create an Account ID to learn more about it.
Country for the identity verification process. Required only if grant is set to digital-identity
Document type for the identity verification process. Only used if grant is set to digital-identity
List of emails to be validated during the identity verification process
Validation flow to be performed for the identity verification process. Required only if grant is set to digital-identity
API key name. Required only if key_type was set to backend
Download Process PDF
Retrieves the PDF document for a specified process by its ID.
If the PDF has not been requested before, it is generated first, progressing through:
- 202 Accepted โ
"file_status":"requested" - 202 Accepted โ
"file_status":"in_progress" - 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
If the PDF has already been generated, the response immediately returns:
- 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
Polling: If the file is not ready (202 Accepted), retry until 302 Found or 200 OK.
* 302 Redirect Handling: Most API clients and browsers follow redirects automatically. However, if your API client does not, extract the Location header containing the PDF’s URL and make a GET request to download the file.
Get Result
Allows you to retrieve the current status and details of a process. The status begins as pending and updates to either success or failure when the process completes.
- Pending: The process is still ongoing.
- Success: All steps in the process have been successfully completed. If the flow includes validators, all
validation_statusvalues must also be successful. - Failure: Occurs due to an internal error, timeout, or if the process is declined or expired.
Here’s a comprehensive list of reasons why a process or validation might be declined or expired, as recorded in the declined_reason and expired_reason fields:
If a process includes validators and the identity process times out because a validation did not complete, but all inputs have been uploaded, the system grants an additional 5 minutes to receive a validation response with the final status. This behavior occurs up to 3 times.
On the final attempt to retrieve the validation response, if the validation remains in the pending status, the identity process status will update to failure, with failure_status set to expired.
If a process includes the attributes override_status and override_status_history, it means the final status was modified by an authorized user. In this case, use the override_status attribute instead of status to determine the final status of the process. The override_status_history attribute will contain the history of changes made to the status.
WA Engagement
Increase your customer engagement by automating your customer service, marketing and sales process in WhatsApp.
Get Chat
Search Chat Activities
Search Chats
Download Process PDF
Retrieves the PDF document for a specified process by its ID.
If the PDF has not been requested before, it is generated first, progressing through:
- 202 Accepted โ
"file_status":"requested" - 202 Accepted โ
"file_status":"in_progress" - 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
If the PDF has already been generated, the response immediately returns:
- 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
Polling: If the file is not ready (202 Accepted), retry until 302 Found or 200 OK.
* 302 Redirect Handling: Most API clients and browsers follow redirects automatically. However, if your API client does not, extract the Location header containing the PDF’s URL and make a GET request to download the file.
WA Contacts
Add, search and manage your customers (end users) in a single place.
Create contact property
Indicates the type of the custom property.
Indicates the name of the custom property.
Required only if type is enum. Add the list of personalized values separated by comma, example: value1, value2, value3.
When set to true, this setting hides the property being created, ensuring it does not appear in a contact’s details. NOTE: A maximum of 25 visible (non-hidden) properties can exist simultaneously.
Create contact
Indicates the Phone number of the contact that you want to register. Must include the country code (e.g., +570000000000).
Indicates the name of the contact that you want to register.
Indicates the custom property. You must replace the variable {{property_id}}, with the id of the property you want to set for the contact. (e.g., custom_property_values.CCP12345).
Indicates the email address you want to register (e.g., email@yourdomain.com).
Update contact
Indicates the custom property. You must replace the variable {{property_id}}, with the id of the property you want to update for the contact. (e.g., custom_property_values.CCP12345).
Indicates the email address you want to update (e.g., email@yourdomain.com).
Indicates the name of the contact that you want to update.
Get contact properties
Get all contacts
Get contact
Delete contact
DI Processes
Configure and order the validations you want to do in your process. Try and start validating your users by sending a link.
Create Identity
This endpoint allows you to initiate an identity validation process for a specific user. Before using this endpoint, you must create a Flow and generate a temporary api_key linked to the corresponding flow_id. Follow the Web Integration Token Guide to complete this setup. The response will include a process_id, which you’ll use in subsequent process requests.
Important Notes
Token:
You must generate a unique token (api_key) for each identity validation process, even if performed by the same user.
Header Setup:
Set the Truora-API-Key header to the value of the generated token (api_key) required before making this request.
Verify Identity
The Verify Identity endpoint processes each step in an identity verification process. It receives step input data, validates it, and updates the process to the next step. The step input must be provided in the request body according to the specific requirements of each step.
To retrieve steps required values and track the process progression use the Read Identity endpoint.
Refer to the Verify Identity Steps guide for a practical example of using the Verify Identity endpoint along with other DI Processes endpoints.
If you need help with a specific integration scenario, please contact our Support Team.
The identifier for the verification that the step belongs to.
The type of step being verified.
The identifier for the step being verified.
An array containing the required inputs for the specified step type. Some steps may not require inputsโomit this parameter in such cases.
Identity Back
Allows stepping back in the identity verification process or retrying the last step.
- If
retry_stepis true, the last step is re-executed with the same expected inputs. - If
retry_stepis false or not provided, the process moves one step back.
Indicates whether to retry the previous step with the same expected inputs. If set to true, it decreases current_step by 1 and invokes the verify process.
Send Process Link
This request sends a short link to the user’s phone number via the specified messaging channel and in the specified language. The link directs the user to a secure URL to perform or continue their identity validation process.
Header Setup:
Set the Truora-API-Key header to the same api_key value used when creating the process_id (via the Create Identity request).
The recipient’s phone number, excluding the country code.
The country code for the recipient’s phone number, including the + symbol (e.g., +57 for Colombia). Refer to this list of country codes.
The channel through which the message will be sent.
The language of the redirection/recovery message.
Update Identity
process_id, modifying changeable process information such as phone number and device details until the process is complete.Device information in serialized JSON format.
Phone number with country code.
List Identity
Retrieves the current status and details of all identity processes. Query parameters can be used to filter results based on specific criteria. When a date range is defined, the search is limited to 2 months. The response includes up to 20 processes per query.
Note: If a process includes the attributes override_status and override_status_history, it means the final status was modified by an authorized user. In this case, use the override_status attribute instead of status to determine the final status of the process. The override_status_history attribute will contain the history of changes made to the status.
start_date and end_date cannot exceed 2 months. Both start_date and end_date are required for date range filtering.
start_date and end_date cannot exceed 2 months. Both start_date and end_date are required for date range filtering.
Read Identity
Download Process PDF
Retrieves the PDF document for a specified process by its ID.
If the PDF has not been requested before, it is generated first, progressing through:
- 202 Accepted โ
"file_status":"requested" - 202 Accepted โ
"file_status":"in_progress" - 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
If the PDF has already been generated, the response immediately returns:
- 302 Found * โ Redirects to the PDF file when ready
- 200 OK โ Returns the file
Polling: If the file is not ready (202 Accepted), retry until 302 Found or 200 OK.
* 302 Redirect Handling: Most API clients and browsers follow redirects automatically. However, if your API client does not, extract the Location header containing the PDF’s URL and make a GET request to download the file.
Get Result
Allows you to retrieve the current status and details of a process. The status begins as pending and updates to either success or failure when the process completes.
- Pending: The process is still ongoing.
- Success: All steps in the process have been successfully completed. If the flow includes validators, all
validation_statusvalues must also be successful. - Failure: Occurs due to an internal error, timeout, or if the process is declined or expired.
Here’s a comprehensive list of reasons why a process or validation might be declined or expired, as recorded in the declined_reason and expired_reason fields:
If a process includes validators and the identity process times out because a validation did not complete, but all inputs have been uploaded, the system grants an additional 5 minutes to receive a validation response with the final status. This behavior occurs up to 3 times.
On the final attempt to retrieve the validation response, if the validation remains in the pending status, the identity process status will update to failure, with failure_status set to expired.
If a process includes the attributes override_status and override_status_history, it means the final status was modified by an authorized user. In this case, use the override_status attribute instead of status to determine the final status of the process. The override_status_history attribute will contain the history of changes made to the status.
Read Variables
Delete Identity
Customers
Customers is a centralized solution that allows you to visualize and analyze the data generated by the transactions made by your users along different business funnels.
List Customers
Get Customer
List Customers Transactions
Product that originated the transaction.
Read Customer Transaction
Main Validator Suite API
NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.
Welcome to the Truora Validators Suite RESTful API Reference. If you haven’t already, we strongly advise you to check out our Validators API Documentation.
Here, you’ll find detailed technical information about our Validators API endpoints, including parameters, request and response formats, error codes, and supported methods for seamless integration.
The Validators Suite supports various use cases, such as document validation, phone and email verification, facial recognition, and more.
A validation process may include some or all of the following steps, depending on the validator:
-
Create Enrollment: Required to associate user data for validators requiring prior information, such as face, email, and phone.
-
Create Validation: Required for all validators; you must specify the validator type and relevant validation parameters.
-
Perform Validation: Executes asynchronous validations, such as email or phone, by verifying tokens received by the user.
-
Get Validation: Retrieves the final status, results, and details of any validation.
Please keep in mind that in our validation processes, the Account ID serves as a unique user identifier, allowing you to track the validations performed. It is important to generate a distinct identifier for each user undergoing validation to prevent data overlap between users and ensure proper monitoring for each one.
For conceptual overviews, implementation guides for each validator, and additional resources to enhance your integration experience, please visit our Validators API Documentation.
Authentication
To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the โTruora-API-Keyโ in the header of your requests.
By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.
Base URL
https://api.validations.truora.com
Accounts
Validation accounts simplify user identification across multiple Truora validators, enabling a single user to undergo various validation methods using the same account. For better user tracking, it is recommended to create custom-named validation accounts and use them during the validation or enrollment processes; otherwise , if a custom account_id is not specified during these processes, validators will automatically assign a random alphanumeric name.
Create Validation Account
X (formerly Twitter) username of the person associated with the account.
Type of document for the person associated with the account.
First name of the person associated with the account.
Issue date of the person’s document, formatted in RFC3339 (e.g., 2000-05-24).
Document number of the person associated with the account.
Email address of the person associated with the account.
Facebook username of the person associated with the account.
Last name of the person associated with the account.
Phone number of the person associated with the account.
Customized ID for the validation account being created. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. If omitted, a random alphanumeric account ID is automatically created.
Country where the person associated with the account is located, specified in ISO 3166 Alpha-2 format (e.g., CO for Colombia). See the full list of ISO Country Codes.
Create Validation for an Account
Creates a new validation for the specified account_id.
Note: Ensure you have the account_id from previous steps. If an enrollment has already been created, it is not necessary to create a new one for each validation.
This indicates that you have the authorization of the person to be verified. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the validation.
Account ID linked to the validation.
For document-validation, an account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
For other validations, use the same account ID from the enrollment process.
The account ID helps trace validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.
Indicates the type of validation to be performed.
[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. The phone type must have already been enrolled.
[Required for speech_match subvalidation] Minimum precision that the audio transcription obtained from the video selfie should have with the speech_token.
[Required for phone-verification] Language used to perform the validation via the selected verification channel.
Optional external identifier stored in the database along with the main structure. Used for reference purposes only, without affecting processing or logic. (Maximum length: 128 characters).
For email-verification, specifies the language of the email that the final user receives.
Determines the required similarity between the provided picture and video or selfie to pass the face-recognition validation, ranging from 0 to 1. By default, the threshold is set to 0.65.
[Required for phone-verification] Indicates the channel used to perform the verification. Some problems may occur when receiving the SMS due to external protocols of the mobile service providers, so we recommend giving an additional option to the users.
If you set whatsapp as the verify_channel value, you must have your own WABA line and Activate it. Then, create your Outbound message of type OTP and Contact Support to provide your Outbound ID for inclusion in your process.
[Required for document-validation] Set the country of the document being validated. Use ALL when document_type is set to passport.
For BR,CR, please ask sales team.
- Allowed: CO | CL | MX | PE | BR | CR | ALL
[Required for face-search] Country of the face to be searched in reported lists (TruFace).
Use ALL when using TruFace (face-search) as a Face Validation compliment.
- Allowed: ALL | BR | CL | CO | CR | EC | MX | PE
[Required if you have active retries] Refers to the validation_id of the failed validation. Remember that it is also necessary to send the same account ID (even if it is the automatically generated one) of the failed validation.
Note: When type is face-recognition, only available if passive liveness is enabled.
Indicates which subvalidations you want to perform during the face-recognition validation execution. If omitted, only similarity will be used. You can select more than one.
The time, in seconds, users will have to complete the validation. If omitted, the timeout from the client’s config will be used.
- Default: 300 (5 minutes) for all validators.
- Max: 600 (10 minutes) for phone-verification and email-verification;
21600 (6 hours) for document-validation, face-recognition and face-search.
Evaluates the availability for manual review according to the review schedule. If unavailable, the manual review will be skipped without affecting the validation status, and the manual review status will be marked as unavailable.
For document-validation, when specified, indicates the name of the Custom Type check to be used when a background check linked to this validation is desired. Keep in mind that the Custom Type check must already exist.
[Required for document-validation] Set this value to the type of document been validated. For ppt please ask sales team.
Refer to Supported Document Types for a complete reference of supported document types, applicable countries and document front/reverse picture requirements.
List Validation Accounts
start_key query parameter. The response includes a list of each validation account and its details.Get Validation Account
Get Enrollments by Account
Retrieves all enrollments linked to a specific account_id. Each enrollment object includes its status and other relevant details. Enrollment status begins as pending and can ultimately result in either success or failure.
For more information about declined enrollment reasons, please refer to the Declined Reasons Guide.
Get Account Validations
Retrieves all validations linked to a specific account_id. Each validation object includes its validation status, expired reason, failure reason and other relevant details. Validation status begins as pending and can ultimately result in either success or failure.
For more information on failure reasons, please refer to the following guides:
Get Validation from Account
Retrieves the detailed information of a specific validation using an account_id and validation_id. This object is useful for understanding the exact status of the validation process. You can retrieve the current status and results of a validation, where the validation_status begins as pending and can either be success or failure upon completion.
To obtain details such as the inputs or uploaded media for the validation, you can include the query parameter show_details with the value of true.
To learn more about the reasons for failure, please refer to the following guides:
true, retrieves additional validation details, including links to user-uploaded files that remain valid for 15 minutes.
Enrollments
The enrollment step is crucial in our system, as it connects an account with a specific validation type. This process allows you to register a user once and perform multiple validations seamlessly. The required fields for an enrollment vary depending on the validation type. Note that enrollment is mandatory for all validators except document validation.
Create Enrollment
Indicates the type of validation to be performed along with this enrollment.
This indicates that you have the authorization of the person to be enrolled. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the enrollment.
[Required for email-verification] Email to be associated with the user account.
[Required for face-search] Indicates the reason to block a face. Set one of the following:
-
manipulated_document: Indicates that this person is known to use manipulated documents to pass identity validations. -
manipulated_photo: Indicates that this person is known to manipulate photos to pass identity validations. -
non_payment: Indicates that this person has incomplete payments and refuses to pay. -
criminal_records_in_company: Indicates that this person has some sort of criminal history with your company, or an ally. -
fraudster: Indicates you know this person to be a fraudster for reasons different from the above.
[Required for phone-verification] Phone number to be associated with the validation account on successful validation. Must include the country code (e.g., +57300XXXXXXX).
Account ID linked to the enrollment.
An account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
The account ID helps trace enrollments/validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.
Only available for face-recognition validations. Used to specify the creation of enrollment that does not require an identity validation to complete. Set as none to skip the required validation. If omitted, the enrollment will require the normal validation process, and the enrollment status will remain pending until successfully validated.
Note: To use the confirmation parameter your company’s account must be authorized. To request authorization, please contact our Support Team. This authorization will affect only your Truora-API-Keys created after the approval.
[Optional* for phone-verification] Origin country of the person to be validated. *Required if it was not provided during account creation.
- Allowed: CO | CL | MX | BR | VE | PE | EC | AR | US
[Required for face-search] Country of the reported face. Use ALL when using TruFace (face-search) as a Face Validation compliment.
- Allowed: ALL | BR | CL | CO | CR | EC | MX | PE
[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. You can associate up to three phone numbers with a user account. To do this, you must create a new enrollment by choosing a different phone_type each time.
Get Enrollments by Account
Retrieves all enrollments linked to a specific account_id. Each enrollment object includes its status and other relevant details. Enrollment status begins as pending and can ultimately result in either success or failure.
For more information about declined enrollment reasons, please refer to the Declined Reasons Guide.
Get Enrollment
Allows you to search for an enrollment to verify its progress. Using this step is optional. The enrollment status begins as pending and can ultimately result in either success or failure.
For more information about declined enrollment reasons, please refer to the Declined Reasons Guide.
Delete enrollment
Validations
Validations is your tool for managing various validators such as document validation, face recognition, face search (TruFace), email verification, and phone verification. This API handles all the necessary logic for these validators, offering a unified service to manage multiple validators efficiently.
Perform sync validation
validation_id within the specified account_id. Examples of these validators include phone and email. Not applicable to async validators such as document or face.If a previous validation attempt was unsuccessful, this will count as a retry, which could occur due to errors such as a typo in the token or other mistakes.
Indicates the type of validation to be performed.
The validation code sent to the user’s email or phone (via SMS, call, or WhatsApp) for verification.
Create Validation
This indicates that you have the authorization of the person to be verified. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the validation.
Indicates the type of validation to be performed.
Account ID linked to the validation.
For document-validation, an account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
For other validations, use the same account ID from the enrollment process.
The account ID helps trace validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.
Determines the required similarity between the provided picture and video or selfie to pass the face-recognition validation, ranging from 0 to 1. By default, the threshold is set to 0.65.
Optional external identifier stored in the database along with the main structure. Used for reference purposes only, without affecting processing or logic. (Maximum length: 128 characters).
Evaluates the availability for manual review according to the review schedule. If unavailable, the manual review will be skipped without affecting the validation status, and the manual review status will be marked as unavailable.
For document-validation, when specified, indicates the name of the Custom Type check to be used when a background check linked to this validation is desired. Keep in mind that the Custom Type check must already exist.
[Required for phone-verification] Language used to perform the validation via the selected verification channel.
[Required for document-validation] Set this value to the type of document been validated. For ppt please ask sales team.
Refer to Supported Document Types for a complete reference of supported document types, applicable countries and document front/reverse picture requirements.
Indicates which subvalidations you want to perform during the face-recognition validation execution. If omitted, only similarity will be used. You can select more than one.
The time, in seconds, users will have to complete the validation. If omitted, the timeout from the client’s config will be used.
- Default: 300 (5 minutes) for all validators.
- Max: 600 (10 minutes) for phone-verification and email-verification;
21600 (6 hours) for document-validation, face-recognition and face-search.
[Required if you have active retries] Refers to the validation_id of the failed validation. Remember that it is also necessary to send the same account ID (even if it is the automatically generated one) of the failed validation.
Note: When type is face-recognition, only available if passive liveness is enabled.
[Required for document-validation] Set the country of the document being validated. Use ALL when document_type is set to passport.
For BR,CR, please ask sales team.
- Allowed: CO | CL | MX | PE | BR | CR | ALL
[Required for face-search] Country of the face to be searched in reported lists (TruFace).
Use ALL when using TruFace (face-search) as a Face Validation compliment.
- Allowed: ALL | BR | CL | CO | CR | EC | MX | PE
[Required for speech_match subvalidation] Minimum precision that the audio transcription obtained from the video selfie should have with the speech_token.
[Required for phone-verification] Indicates the channel used to perform the verification. Some problems may occur when receiving the SMS due to external protocols of the mobile service providers, so we recommend giving an additional option to the users.
If you set whatsapp as the verify_channel value, you must have your own WABA line and Activate it. Then, create your Outbound message of type OTP and Contact Support to provide your Outbound ID for inclusion in your process.
For email-verification, specifies the language of the email that the final user receives.
[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. The phone type must have already been enrolled.
Perform validation
validation_id. If a previous validation attempt was unsuccessful, this will count as a retry, which could occur due to errors such as a typo in the token or other mistakes.Indicates the type of validation to be performed.
The validation code sent to the user’s email or phone (via SMS, call, or WhatsApp) for verification.
File Upload
Accepts binary files such as images, videos, or other types of files, encoded in Base64 format. This input is used for uploading media or documents required in identity verification processes.
Get Account Validations
Retrieves all validations linked to a specific account_id. Each validation object includes its validation status, expired reason, failure reason and other relevant details. Validation status begins as pending and can ultimately result in either success or failure.
For more information on failure reasons, please refer to the following guides:
Get Validation from Account
Retrieves the detailed information of a specific validation using an account_id and validation_id. This object is useful for understanding the exact status of the validation process. You can retrieve the current status and results of a validation, where the validation_status begins as pending and can either be success or failure upon completion.
To obtain details such as the inputs or uploaded media for the validation, you can include the query parameter show_details with the value of true.
To learn more about the reasons for failure, please refer to the following guides:
true, retrieves additional validation details, including links to user-uploaded files that remain valid for 15 minutes.
Get all user Validations
This endpoint allows you to list all validations associated with your users, enabling effective tracking of their current statuses. The returned object provides insights into the exact status of each validation process, where the validation_status begins as pending and can ultimately result in either success or failure.
To learn more about the reasons for failure, please refer to the following guides:
Get Validation
Returns a validation object given a validation_id. This object is useful for understanding the exact status of the validation process. You can retrieve the current status and results of a validation, where the validation_status begins as pending and can either be success or failure upon completion.
To obtain details such as the inputs or uploaded media for the validation, you can include the query parameter show_details with the value of true.
To learn more about the reasons for failure, please refer to the following guides:
true, retrieves additional validation details, including links to user-uploaded files that remain valid for 15 minutes.
Config
The Config Validators feature allows for customization of various parameters to improve the behavior of the validators. This is particularly valuable when you wish to set different decision parameters like thresholds, timeouts, manual review enabling, and more. Below are the parameters that are configurable across multiple validators.
-
timeout: The amount of time, in seconds, that users will have to perform the validation before it times out. -
allowed_retries: The number of times the validation may be retried before failing. -
retry_ttl: The time to live (TTL), in seconds, for creating a retry of any validation.
Config by Validator Type
Each Validator has its own particularities and specific parameters (not listed in the table above) that you may modify to better suit your company’s needs. To learn about specific configurable parameters, default values, and special considerations, please visit the guide for the validator you want to configure:
NOTES:
-
The Config Validators parameters are global to your account and will affect all validations performed across it.
-
However, validations performed in a Flow will prioritize the configuration in the Validator Block of your flow. All other parameters, not configurable within the Flow Builder, will take the global configuration values. To learn about flows, please visit the Create your first flow guide from our Digital Identity documentation.
Update config
Allows updating the values of various parameters to improve the behavior of the validators, such as timeout, allowed retries, threshold, manual review, among other properties from our validators. For more datails about customizable parameters for each validator, please refer to the individual configuration guides:
Validator to be configured.
When set to true, adds face_search subvalidation to the face-recognition validation. This enables the system to check if the uploaded face is reported in Truface (face-search).
The time, in seconds, users will have to complete the validation.
- Default: 300 (5 minutes) for all validators.
- Max: 600 (10 minutes) for
phone-verificationandemail-verification;
21600 (6 hours) fordocument-validationandface-recognition.
Available for document-validation and face-recognition.
The time to live (TTL), in seconds, for creating a retry of any validation.
-
For
document-validation: The default value is 300 seconds (5 minutes), with a maximum of 1800 seconds (30 minutes) and a minimum of 1 second. -
For
face-recognition: The default and maximum value is 300 seconds (5 minutes), with a minimum of 1 second.
Note: Forface-recognition, retry feature is only available when passive liveness is enabled in the Face Validation process. For more information visit the Facial Recognition Methods guide.
[Required if modifying a validation_method] The type of document for which the document-validation configuration will be updated. If omitted, all supported document types will be affected.
Note: Refer to Appendix 1 tables in the Document Validator Config guide for a list of supported Document Types by Country.
Custom support email address displayed at the bottom of the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.
Determines whether manual review will be performed upon face-recognition validation failure. You must contact Truora to activate this service. For more information about manual review, please visit the Manual Review guide.
Checks for any alterations or edits in the image of the validated document in document-validation.
The number of times the validation may be retried before failing.
Note: For face-recognition, retry feature is only available when passive liveness is enabled in the Face Validation process. For more information visit the Facial Recognition Methods guide.
-
For
document-validation: The default value is 0 retries, with a maximum of 3 retries. -
For
face-recognition: The default value is 0 retries, with a maximum of 2 retries. -
For
email-verificationandphone-verification: The default value is 2 retries, with a maximum of 4 retries.
Custom text appearing after the verification code in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.
Analyzes if the image used for document-validation is a photocopy of a document.
Custom text appearing before the verification code in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.
Country for which the document-validation configuration will be updated.
Custom main title text in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.
Custom subject text in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.
Analyzes the extracted data from the document for consistency in document-validation, such as date of birth and document number.
Custom text within the OTP phone-verification messages, up to 30 characters. For details, language options and default values, see the Phone Validator Config guide.
The version of the document_type for which the document-validation configuration will be updated. If omitted, all supported document versions will be affected.
Note: For a complete list of Allowed document versions available by country and document type, refer to the tables in Appendix 1: Supported Document Versions. Please contact our Support Team for further assistance.
Determines the required similarity, ranging from 0 to 1, between the provided picture and the video or selfie used to pass the face-recognition validation. By default, the threshold is set to 0.65.
Validates the extracted identification number against government databases in document-validation.
Determines whether manual review will be performed upon validation failure in document-validation.
For more information about manual review, please visit the Manual Review guide.
Analyzes if the image used for validation is a photograph of a photograph of a document in document-validation.
Get Config
Fetches the current configuration state for all validators associated with your account.
Note: Since the response includes configuration details for all validators linked to your account, please review the specific validator details youโre interested in carefully.
Delete Config
type) within the validatorโs configuration. Deleting the configuration resets its values back to their defaults.Note: If you omit the
type parameter when sending the request, all configurations associated with the validator will be deleted, reverting all values to their default settings.Allowed: timeout | allowed_retries | use_manual_review | document_config | retry_ttl
If validator is face-recognition:
Allowed: threshold | timeout | enrollment_timeout | use_manual_review | include_face_search
If validator is email-verification:
Allowed: timeout | allowed_retries | email_subject | email_title | email_text_1 | email_text_2 | support_email
If validator is phone-verification:
Allowed: allowed_retries | timeout | custom_name
Configuration type to be reset. If provided, the validator reset will only affect the selected configuration; otherwise, all configurations will be reset.
Note : For
document-validation, setting the type field to document_config will reset any Document Version Config to their default values.
Name of the validator’s config to be deleted.
Status
Status lets you check the current state of our services in real time.