Checks API

NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.

Welcome to the Truora Check RESTful API reference. If you haven’t already, we strongly advise you to check out our Guides Section.

Truora Check API allows performing full background checks on people, vehicles and companies. There are three main types of background checks:

  • Personal background check: Verifies national IDs in multiple databases of public and legal entities in the LATAM region. For every national ID, returns information on: personal identity, criminal records, international background check, and professional background.
  • Vehicle background check: Verifies the vehicle documents and the owner identity in multiple databases of public and legal entities in the LATAM region. For every vehicle and owner type, returns information on: personal identity, driving records, criminal records, and vehicle information.
  • Company background check: Verifies the tax ID or a company name in multiple databases of public and legal entities in the LATAM region. For every company, returns the associated: business status, legal and criminal records, and media reports.

Authentication

To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the ”Truora-API-Key” in the header of your requests.

By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.

  • If you haven’t already, sign up for a free account here before generating your Truora-API-Key.
  • Learn how to generate your Truora-API-Key here.
Base URL

https://api.checks.truora.com

Checks

Checks API enables you to create and retrieve background checks. It consults multiple databases and provides a comprehensive set of information to assess the reliability of a person, vehicle, or company. Explore our guide on Background Checks for further details.

Create check

Creates a background check and queues it to start collecting information. The full details of background checks can be retrieved with their respective Check IDs using getCheck endpoint. Keep in mind that, depending on the check type, input document, and country of a search, certain inputs are required. You should always provide as many inputs as possible in order to get the highest accuracy.

If your check type is not referenced in the following table, please reach out to find out the fields that apply for you.

CountryPerson-NationalPerson-ForeignerCompanyVehicle-NationalVehicle-Foreigner
Chile
CL		national_id*
date_of_birth
phone_number
issue_number		foreign_id*
date_of_birth*
phone_number
first_name*
last_name*
native_country*
issue_number		N/Anational_id*
license_plate*
driver_license (Santiago only)		foreign_id*
first_name*
last_name*
date_of_birth*
native_country*
license_plate*
driver_license (Santiago only)
Colombia
CO		national_id*
date_of_birth
issue_date
phone_number		foreign_id* or PPT*
date_of_birth*
phone_number
issue_date*		tax_id*
national_id		national_id*
date_of_birth
phone_number
license_plate*
owner_document_type
owner_document_id		foreign_id*
date_of_birth
phone_number
license_plate*
issue_date*
Mexico
MX		national_id*
phone_number		foreign_id*tax_id*license_plate*
national_id
vehicle_id
driver_license(Estado de Mexico only)		N/A
Brazil
BR		national_id*
date_of_birth*
region*
phone_number		N/Atax_id*license_plate*N/A
Costa Rica
CR		national_id*
phone_number		foreign_id*
phone_number		N/Alicense_plate*N/A
Peru
PE		national_id*
date_of_birth*
phone_number		foreign_id*
ptp
date_of_birth
phone_number*		N/Anational_id*
date_of_birth*
license_plate*		foreign_id*
ptp
date_of_birth*
license_plate*
International
ALL		name*name*company_name*N/AN/A
(*) Required field

Request
Request Body *application/x-www-form-urlencoded
country string
[Required]
Allowed: ALL | BR | CO | CL | MX | PE | CR

Document country

user_authorized boolean
[Required]

Indicates whether the person subject to the validation authorized the validation. Must be true in order to proceed [Required for API key V1 or later]

type string
[Required]
Allowed: person | vehicle | company | custom_type_name

Background check type. Replace custom_type_name with the name of your custom type to perform a custom type check

diplomatic_id string

Diplomatic ID

ptp string

ID for Venezuelans working in Peru

This field also apply for PPT (Permiso de Protección Temporal) in Colombia

passport string

Person passport

first_name string

Person or entity first name. If the document type and number are not provided, the report might include homonyms. Required when searching by first name, Required in order to get complete background checks in Brazil

national_id string

National ID

native_country string
Allowed: CO | MX | PE | BR | EC | CL | VE

Country of birth. Required if native_national_id is provided

professional_card string

Professional ID card

phone_number string

Person phone number. Required by law to notify the person their background is being checked

birth_certificate string

Person birth certificate

driver_license string

Driver’s license number

last_name string

Person or entity last name. If the document type and number are not provided, the report might include homonyms. Required when searching by last name. Required in order to get complete background checks in Brazil

owner_document_type string

national-id, foreign-id, tax-id or passport

verification_code string

Verification code registered for criminal records in Peru and Chile

region string
Allowed: DF | AC | AL | AP | AM | BA | CE | ES | GO | MA | MT | MS | MG | PA | PB | PR | PE | PI | RJ | RN | RS | RO | RR | SC | SP | SE | TO | ALL

Region where the background is to be checked in addition to the region where the person is from. By default, background checks in Brazil are performed in the person region of birth according to their CPF. Required for Brazil only. Keep in mind that a nation-wide search can take more than 24 hours to complete, whereas region-specific searches take from 2 to 20 min to complete.

Allowed values are: DF: Distrito Federal, AC: Acre, AL: Alagoas, AP: Amapá, AM: Amazonas, BA: Bahía, CE: Ceará, ES: Espírito Santo, GO: Goiás, MA: Maranhão, MT: Mato Grosso, MS: Mato Grosso do Sul, MG: Minas Gerais, PA: Pará, PB: Paraíba, PR: Paraná, PE: Pernambuco, PI: Piauí, RJ: Río de Janeiro, RN: Río Grande do Norte, RS: Río Grande do Sul, RO: Rondônia, RR: Roraima, SC: Santa Catarina, SP: São Paulo, SE: Sergipe, TO : Tocantins, ALL: nation-wide search

company_name string

Company name “Don’t forget this required field to complete background checks in Brazil”

license_plate string

Vehicle license plate

foreign_id string

Person foreign ID

pep string

ID for Venezuelans working in Colombia

watch string

Indicates whether the check score is to be periodically revised and its frequency. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by d: day, w: week, m: month, y: year for instance: 3d: every three days, 2w: every two weeks. Ignore this field if the check is only to be performed once

vehicle_id string

Vehicle NIV number

date_of_birth string

Person birthdate. This date is used to get some additional information about a person and to filter homonyms in some cases. YYYY-MM-DD format, Required for complete background checks in Brazil and Perú

force_creation boolean

Defines the behavior of the API when creating a background check with the same input values used for a recently created background check.

When true, forces the creation of a new background check; otherwise, it returns the result of the background check created earlier.

imei string

15-digit IMEI to be validated

native_national_id string

National ID from the person native country. Keep in mind that you must provide the native_country if you enter a native_national_id

state_id string

Used for the RG (Registro Geral) identification in Brazil. This identification has different formats according to the state that issues the document. It can have numbers and letters but other characters (- * , . ) are omitted, Required in order to get complete background checks in Brazil

tax_id string

Company ID used for tax payments

issue_date string

Person document issue date in “YYYY-mm-dd” format (e.g. 2008-12-31) . This date is used to get some additional information about a person in some cases

certificate_folio string

Folio for Chilean certificate search. Chile only

escrow string

Colombian escrow

issue_number string

Document number of Chilean identity. This number is used to get some additional information about a person. Chile only

owner_document_id string

ID of the vehicle owner

payment_date string

Payment day of a vehicle circulation permit (Chile only)

report_id string

Report ID the background check will be inserted into

post
/v1/checks

List checks

Lists all the existing checks created in the account. If report_id is provided, it will only return the checks from the report
get
/v1/checks
Query Parameters
report_id string
[Optional]
ID of the report of background checks to be returned.
start_key string
[Optional]
Start key value for the pagination.

Get check

Returns the results of the check that matches the ID provided, complete with a set of scores explained below.

Scores:

  • Global Score: Average risk associated with a person, company or vehicle, according to the background check results. The global score considers results that are validated with the ID number provided. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.
  • ID Score: Average risk associated with a person according to the background check results. The ID score considers the results that are validated with a person identity document. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.
  • Name Score: Average risk associated with a person according to the background check results. The name score considers results that are validated against the name of a person and could not be validated with their ID number. These results might have homonyms associated with them. The score ranges from 0 to 1, where 0 represents high risk and 1 low risk.

In order to calculate these scores, a weighted average is considered with different weights allocated to each dataset. Scores can be customized using the config endpoints by assigning a weight to each dataset according to its relevance.

Keep in mind that results from the API vary depending on the country, check type and the inputs entered on check creation.

get
/v1/checks/{check_id}
Path Parameters
check_id string
[Required]
A unique identifier for a check.

Get Check Attachments

Enables the download of PDF documents associated with the check result. This will list all the files found for a given check and provide the link for downloading
get
/v1/checks/{check_id}/attachments
Path Parameters
check_id string
[Required]
A unique identifier for a check.

List Check Details

Lists all details associated with a check, with support for pagination. It includes a list of data sources along with their respective information
get
/v1/checks/{check_id}/details
Path Parameters
check_id string
[Required]
A unique identifier for a check.
Query Parameters
lang string
[Optional]
Specifies the desired language for details; use lowercase ISO 639-1 format. If not specified, details will be provided in their original language.
start_key string
[Optional]
Start key value for the pagination.

Summarize

Returns a summary in a human readable way for the specified check id. It is useful when the details of the check are too long when reviewing manually
get
/v1/checks/{check_id}/summarize
Path Parameters
check_id string
[Required]
A unique identifier for a check.

Get the status of a database

Retrieve the current status of all databases that match with query parameters. This endpoint assists in determining the suitability of making a Check, allowing to review the availability of a database at any given moment.
get
/v1/health
Query Parameters
country string
[Required]
Country code in uppercase ISO 3166 format (e.g., CO for Colombia).
unixTimestampSeconds number
[Required]
Unix timestamp in seconds. Send a day timestamp to view the database hourly status for that day or send the current time to know the current database status.
unixtimezoneOffsetSeconds number
[Required]
Offset between the local time and the UTC time in seconds. (e.g., Colombia is at UTC -18000 seconds).

Delete check

Deletes the check that matches the Check ID provided, along with relevant information about that specific check. If the check belongs to a continuous check, it will be deleted only if isn’t the first one.
delete
/v1/checks/{check_id}
Path Parameters
check_id string
[Required]
A unique identifier for a check.

Custom-Type

The Custom Type API enables the creation of custom searches, allowing you to include only the desired datasets in background checks, thus enhancing the check efficiency. Moreover, you can customize the impact of each dataset on the global score by assigning it a weight value between 0 and 1. It’s important to note that the sum of all weights must equal 1.

You can use custom types in your checks to perform custom-type checks. For detailed information, refer to our Custom Type guide.

Create custom type

Create a custom type selecting the weight for each background check dataset and the country where it applies. Weights are numbers between 0 and 1 that represent how impactful the dataset is for the score, where datasets with weight 0 do not influence the score but are searched nonetheless. Keep in mind that the sum of all weights must equal 1. To perform a check with the custom type, create a Check and enter the name you gave to your custom type in type
Request
Request Body *application/x-www-form-urlencoded
country string
[Required]
Allowed: ALL | BR | CL | CO | MX | PE

Country where this set of rules applies. Use “all” if the check type searches by name by relying on international databases

type string
[Required]

Custom type name. It cannot be person, vehicle, or company. Use this type in your checks to perform custom-type checks

dataset_vehicle_permits number

Vehicle certificate background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_criminal_record number

Criminal record weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_international_background number

International background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_legal_background number

Legal background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_personal_identity number

Personal identity weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_affiliations_and_insurances number

Affiliation and insurance weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_alert_in_media number

Alert in media weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_driving_licenses number

Driving license weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_professional_background number

Professional background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_taxes_and_finances number

Taxes and financial background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_traffic_fines number

Traffic fines weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_vehicle_information number

Vehicle information weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_business_background number

Business background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

post
/v1/config

Update custom type

Allows updating a custom type. Person, vehicle, and company types are not modifiable. Please visit How to Create a Custom Type for Background Check guide for more information.
Request
Request Body *application/x-www-form-urlencoded
type string
[Required]

Custom type name. It cannot be person, vehicle, or company. Use this type in your checks to perform custom-type checks

country string
[Required]
Allowed: ALL | BR | CL | CO | MX | PE

Country where this set of rules applies. Use “all” if the check type searches by name by relying on international databases

dataset_professional_background number

Professional background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_legal_background number

Legal background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_business_background number

Business background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_driving_licenses number

Driving license weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_criminal_record number

Criminal record weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_taxes_and_finances number

Taxes and financial background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_vehicle_permits number

Vehicle certificate background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_affiliations_and_insurances number

Affiliation and insurance weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_alert_in_media number

Alert in media weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_international_background number

International background weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_traffic_fines number

Traffic fines weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_vehicle_information number

Vehicle information weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

dataset_personal_identity number

Personal identity weight for score calculation. From 0 to 1. If not provided, the dataset is skipped entirely decreasing the search time

put
/v1/config

List custom types

Lists all custom types of the associated account. Please visit How to Create a Custom Type for Background Check guide for more information.
get
/v1/config
Query Parameters
start_key string
[Optional]
Start key value for the pagination.

Delete custom type

Allows deleting a custom type. Please note that person, vehicle, and company custom types can not be deleted.

After deletion, the response will display the remaining custom types associated with the country of the deleted custom type.

delete
/v1/config
Query Parameters
country string
[Required]
Country where the custom type is valid. Use ISO 3166 format in uppercase (e.g., CO for Colombia)
type string
[Required]
Name of the custom type to be deleted.

Settings

Allows the configuration of parameters such as names matching type, retries and max duration.

Create setting

Allows setting up both retries and names matching type. Keep in mind that this feature is a configuration at a Client level, so it will affect all your check types.
Request
Request Body *application/x-www-form-urlencoded
names_matching_type string
Allowed: soft | exact

Defines the matching type between the names retrieved from the identity databases and the names found in the criminal, legal and international databases to determine whether a record should be included in the check or not. soft (used by default) means matching names when they are similar enough to be considered the same person (e.g., Maria Alejandra Gomez would match Alejandra Gomez). exact means the names must perfectly match. Keep in mind that this feature is a configuration at a Client level, so it will affect all your check types

retries boolean

Indicates whether or not database queries must be retried until they successfully return a response or until the max_duration time is reached

max_duration string

Indicates the maximum amount of time a check can take to fetch responses. It follows the following format "xt" where x is a number and t is a letter ( m for minutes or h for hours). Example 25m indicates 25 minutes, 2h indicates 2 hours. This value must be between 15 minutes and 7 days (168 hours). When not configured, it is set to default. If retries is enabled, the default max duration is set to 48 hours; otherwise, it is set to 3 hours for Colombia, Mexico, Peru, and Brazil; 48 hours for Chile and International searches; and 72 hours for Costa Rica

post
/v1/settings

Continuous

Enables the creation of recurring checks with customizable frequency, providing notifications whenever there are changes in check scores.

Create Continuous Check

Creates a continuous check that will run background checks recurrently according to the frequency provided.
Request
Request Body *application/x-www-form-urlencoded
frequency string
[Required]

Time between background checks. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by a letter d: day, w: week, m: month, y: year. For instance: 3d: every three days, 2w: every two weeks

end_date string
[Required]

Date on which background checks will stop. YYYY-MM-DD format. For the date to be valid, it must allow at least one check to be run according to the frequency.

check_id string
[Required]

Background checks to be processed recurrently

post
/v1/continuous-checks

Update Continuous Checks

Updates a continuous check using its ID. This method can only modify its frequency and status
Request
Request Body *application/x-www-form-urlencoded
frequency string

Time between background checks

status string
Allowed: enabled | disabled

Indicates whether the background checks must be processed recurrently

version string
Allowed: 0 | 1

API Key version to be used for the continuous check hooks. This version must match API key version you use. Version 0 is used by default.

put
/v1/continuous-checks/{continuous_check_id}
Path Parameters
continuous_check_id string
[Required]
Unique ID assigned after calling CreateContinuousCheck.

List Continuous Checks

Lists all continuous checks created in the given account. This method returns the ’next’ attribute to paginate for the next results
get
/v1/continuous-checks

Get Continuous Checks

Returns the specified continuous check using its ID. This method returns the last check executed and provides information such as frequency, status, count and end date
get
/v1/continuous-checks/{continuous_check_id}
Path Parameters
continuous_check_id string
[Required]
Unique ID assigned after calling CreateContinuousCheck.

List Continuous Check Logs

Returns Continuous Check Logs. These logs are useful for analyzing the behavior of the check over time. Each entry includes details of what changed
get
/v1/continuous-checks/{continuous_check_id}/history
Path Parameters
continuous_check_id string
[Required]
Unique ID assigned after calling CreateContinuousCheck.

PDF

Enables the export of a comprehensive PDF containing the obtained information, Truora’s assigned score, and consulted datasets. For more details, refer to Background Checks: PDF, Variables and Attachments guide.

Create PDF

Create PDF receives a check id and starts the conversion to PDF. Once the method is finished, it will return a link where the file can be downloaded
post
/v1/checks/{check_id}/pdf
Path Parameters
check_id string
[Required]
A unique identifier for a check.

Get PDF

Get PDF downloads the PDF in the specified language, Spanish by default. This endpoint must be called after making the POST call
get
/v1/checks/{check_id}/pdf
Path Parameters
check_id string
[Required]
A unique identifier for a check.
Query Parameters
lang string
[Optional]
Specifies the language of the PDF; use lowercase ISO 639-1 format. If not specified, the PDF will be downloaded in Spanish by default.

Batch

Given a valid xlsx file, this endpoint takes the information from the file and starts creating the checks and associating it to the specified report object. For a step-by-step explanation of all methods and required fields for submitting a batch, please refer to the Background Checks Batch via API guide.

Create Batch

This endpoint facilitates the creation of batches of different types. This endpoint does not include input file uploading or batch start logic.

The check inputs to be uploaded in the file can be manually mapped using columns_mapping.{input_name} body params, by default the inputs accepted by the check type will be mapped. The request will return a columns array with the order in which the inputs should be in the xlsx file.

The batch creation request returns a temporary URL in the file_upload_link field. This URL must be used to make a PUT request with the file containing the mapped batch data. It is crucial to note that the URL has a limited expiration time (30min) and will only allow the first submitted file to be uploaded. Therefore, it is highly recommended to carefully review the information before uploading.

Request
Request Body *application/x-www-form-urlencoded
country string
[Required]
Allowed: ALL | BR | CO | CL | MX | PE | CR

The country of batch checks

type string
[Required]
Allowed: person | vehicle | company | custom_type_name

Type of the batch checks. Replace custom_type_name with the name of your custom type to perform a batch of custom type checks. In case you want to create a custom type please visit How to Create a Custom Type for Background Check guide for more information.

service string
[Required]
Allowed: checks

The service for which the batch will be processed

columns_mapping.{input_name} number

Columns mapping of the xlsx file. This body parameter must be sent for each column you want to upload in the xlsx file, replacing the input_name with the name of the input (e.g. columns_mapping.national_id). The value must be the index of the column in the file, being 0 for column A, 1 for column B and so on. If no column mapping is sent, all inputs for the selected custom type will be automatically mapped.

end_date string

Date on which background checks will stop to create a batch of continuous checks. YYYY-MM-DD format. For the date to be valid, it must allow at least one check to be run according to the frequency.

frequency string

Time between background checks to create a batch of continuous checks. It can be daily, weekly, monthly, yearly or have a custom frequency written as a number accompanied by a letter d: day, w: week, m: month, y: year. For instance: 3d: every three days, 2w: every two weeks

post
/v1/batches

Request Batch Report Generation

This endpoint requests the generation of a report for a specific batch. The format of the report can be specified via a query param.
Request
Request Body *application/x-www-form-urlencoded
format string
[Required]

Batch report file format

post
/v1/batches/{batch_id}/report
Path Parameters
batch_id string
[Required]
Unique identifier of the batch.

Start Batch

This endpoint starts the execution of a specific batch. The batch needs to have an uploaded file for this to succeed.
post
/v1/batches/{batch_id}/start
Path Parameters
batch_id string
[Required]
Unique identifier of the batch.

Stop Batch

This endpoint is used to stop a specific batch (updating its status to “stopped”) only if it’s currently in progress or not started yet.
put
/v1/batches/{batch_id}
Path Parameters
batch_id string
[Required]
Unique identifier of the batch.

Get Batch

This endpoint returns a specific batch’s information, including its creation date, size, status and failure reason.
get
/v1/batches/{batch_id}
Path Parameters
batch_id string
[Required]
Unique identifier of the batch.

Get Batch Report

This endpoint obtains a previously requested batch report. If no report exists yet for the batch it returns a 404 response.
get
/v1/batches/{batch_id}/report
Path Parameters
batch_id string
[Required]
Unique identifier of the batch.

Shared Accounts

Truora Shared accounts API allows accessing services that are transversal to all other services like Background checks or Validators

Authentication

To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the ”Truora-API-Key” in the header of your requests.

By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.

  • If you haven’t already, sign up for a free account here before generating your Truora-API-Key.
  • Learn how to generate your Truora-API-Key here.
Base URL

https://api.account.truora.com

Digital Identity

NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.

Truora Digital Identity (Truora DI) is a versatile platform that allows you to create a personalized process for authenticating your users. It enables you to utilize a range of Validators in a single process to simplify user identity verification. The Validators enable diverse actions, ranging from verifying that a phone or email belongs to the user, to matching users´ biometrics against government sources. The platform offers the flexibility to create the processes securely and without introducing complexity to the user experience, ensuring your new users can promptly access and enjoy your services.

Authentication

To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the ”Truora-API-Key” in the header of your requests.

By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.

  • If you haven’t already, sign up for a free account here before generating your Truora-API-Key.
  • Learn how to generate your Truora-API-Key here.
Base URL

https://api.connect.truora.com

Web

Digital Identity Web is a versatile platform that allows you to create a customized process to authenticate your users. It allows you to use a number of validators in a unique process to simplify user identity verification.

Here you will find the endpoints you need to create process links and get results. If you need to create process flows please see the Documentation.

Generate Token

Once the flow has been created and published, a POST request must be made to generate a temporary API Key. This should be generated every time a user validation is performed.
Request
Request Body *application/x-www-form-urlencoded
key_type string
[Required]
Allowed: backend | web

API key type

country string
Allowed: ALL | BR | CL | CO | CR | EC | MX | PE | AR

Country for the identity verification process. Required only if grant is set to digital-identity

key_name string

API key name. Required only if key_type was set to backend

phones array

List of phone numbers to be validated during the identity verification process

account_id string

User identifier for the person who will perform digital-identity validation. Only used if grant is set to digital-identity. If not sent it is generated automatically. Note that only Account IDs following the regex pattern [a-zA-Z0-9_.-]+ are supported. Please go to Create an Account ID to learn more about it.

api_key_version string

API key version. Version 0 is used by default

billing_hub string

Billing hubs allow for separated counters and billing. Required if the customer uses billing hubs

document_type string
Allowed: passport | driver-license | foreign-id | national-id | pep

Document type for the identity verification process. Only used if grant is set to digital-identity

emails array

List of emails to be validated during the identity verification process

flow_id string

Validation flow to be performed for the identity verification process. Required only if grant is set to digital-identity

grant string
Allowed: digital-identity | signals

Indicates which service this API key grants access to. Required if key_type is set to web or sdk

redirect_url string

URL where the user is to be redirected once the verification process has ended. Required if grant is set to digital-identity

post
/v1/api-keys

Get Result

This API endpoint allows you to retrieve the current state and information of a process. The status starts in pending. When the process finishes, it can either be success or failure.

  • Pending means the process is still ongoing

  • Success occurs when all the steps in the process are successful, and if the flow has validators, all validation_status are successful.

  • Failure can occur due to an internal error, a timeout, or if the process is declined or expired.

  • Here’s a complete reference of the reasons why a process can expire. These reasons are set in the declined_reason field.

Reason Explanation
not_used When the user leaves at the beginning of the process without activating any validation
no_document_media_uploaded When a process expires because the user did not upload the document files for the document validation step.
no_face_media_uploaded When a process expires because the user did not upload the the selfie or video for the face validation step.
no_media_uploaded When a process expires because the user did not upload the required file for the step.
process_started_late When the process was started 3 minutes before expiring. Most likely the client did not had enough time to finish the flow.
not_answered_question When a process expires because the user did not answer a question in the WhatsApp conversation.
manual_review_not_performed When the process expires and the manual review is not completed.
abandoned_without_using_retries When the user abandons the process after making one or more validation attempts, but does not use all retries.
validation_not_finished When the process expires with some validation pending.
validation_expired When we have a validation within the flow that has expired and the process also expires.
user_process_postponed Indicates when the process finished because user chooses to postpone a process.
geolocation_denied Indicates when the process finished because user declines permission for geolocation services.
vpn_detected Indicates when the process finished because the system detects the use of a Virtual Private Network (VPN) by the user.
no_face_detected When a face can’t be detected in a document.

If a process has any validators and the identity process times out due to some validation not finishing, but all inputs have been uploaded, the process will have an additional 5 minutes to receive the validation response with the final status. This behavior will occur up to 3 times.

In the final attempt to get the last validation response with the final status, if the validation remains with a pending status, he identity process status will be failure and failure_status will be expired.

If a process has the attributes override_status and override_status_history, it means that the final status of the process was modified by an authorized user.

Therefore, the new attribute to know the final status of a process should be override_status instead of status and, the override_status_history attribute will contain the history of changes made to the status.

get
/v1/processes/{process_id}/result

WhatsApp

WhatsApp can be used as a channel to reach users through flows. Using WhatsApp Business Account (WABA), you would be able to send and receive messages through the WhatsApp Business API for your business processes, interactions with your users or create validation processes, accounts as a document, document + face, email, phone number, electronic signature, and background. There are two different types of messages that can be used through WhatsApp Business, incoming messages (inbound) and outgoing messages (outbound).

Update Inbound Flow

Allows updating an inbound flow.

Note: Do not forget that if you already have a whatsapp link created and you update it, you must generate a new link.

Request
Request Body *application/x-www-form-urlencoded
flow_id string

Identifier of the Flow previously created.

inbound_message string

Unique message the users will be sending to the business WhatsApp (WABA) in order to begin the Flow.

waba_phone_number string

Phone number of the WABA that interacts with the users. Must include the country code. Example 14080001111.

post
/v1/whatsapp/inbounds/{inbound_flow_id}

Create WABA subscription

This endpoint allows users to create a WhatsApp Business Account (WABA) subscription. Users can initiate and configure the subscription process by providing the necessary information to establish a connection or subscription with a WABA, facilitating communication and interaction with WhatsApp users.
post
/v1/whatsapp/waba-subscription

Send Outbound Message

Sends an Outbound Message as a first interaction to an user. The Outbound Message status needs to be APPROVED before it can be sent.
Request
Request Body *application/x-www-form-urlencoded
user_authorized boolean

[Required] Must be true for starting the conversation.

User has authorized to be contacted through WhatsApp.

var.<variable_name> string

[Required] If the outbound message has variables like hello {{.name}} {{.lastname}}. The value must be the desired value of the variable.

It is important to send as many key-value pairs as variables present in the message.

Example: for the first variable var.name: Roger and for the second variable var.lastname: Federer.

account_id string

This field is used as a unique identifier for your user in the Truora’ system. If you send it, outbound messages sent to each user will be linked through this. Note that only Account IDs following the regex pattern [a-zA-Z0-9_.-]+ are supported. Please go to Create an Account ID to learn more about it.

country_code string

[Required] Country code for the user phone number. Example: +57

flow_id string

[Required] If the Outbound Message is_notification field is false. Contains the FlowID of the flow that will start when the Outbound message is accepted by the user.

Example: IPF123

outbound_id string

[Required] ID of an approved Outbound Message. Example: OTB123

phone_number string

[Required] Phone number without the country code of the user that will receive the message. Example: 0001234567

post
/v1/whatsapp/outbounds/send

Provider Statuses

This endpoint receives and processes the status of a WhatsApp message from a WhatsApp provider. It enables system to handle and manage the status information associated with WhatsApp messages, facilitating effective monitoring and processing of message delivery and engagement.
post
/v1/whatsapp/{provider}/statuses

Create Outbound Messages

Creates an Outbound Message that allows to send messages to users as a first interaction. Outbound messages need to be approved before they can be used.
Request
Request Body *application/x-www-form-urlencoded
continue_process_message string

Required If is_notification is set to False, it will be the content for the continue option in the outbound message.

language_code string
Allowed: es | en

[Required] Code of the language the message is in.

media_url string

Required if the outbound type is not text.

template_type string
Allowed: TEXT | VIDEO | IMAGE | DOCUMENT

[Required] Type of the outbound message.

supported content Image: image/jpeg, image/png maximum size 5mb. Video: video/mp4, video/3gpp maximum size 16mb. Document: any valid MIME type maximum size 100mb.

var.<variable_name> string

Required if the outbound message has variables like hello {{.name}} {{.lastname}}. The value must be an example of the variable.

It is important to send as many key-value pairs as variables present in the message.

Example: for the first variable var.name: Jhon and for the second variable var.lastname: Doe.

cancel_process_message string

Required If is_notification is set False, it will be the content for the cancel option in the outbound message.

category string
Allowed: TRANSACTIONAL | MARKETING | OTP

[Required] Enum defined by WhatsApp of the category for the outbound. OTP is for One Time Passwords, MARKETING is for marketing campaigns and TRANSACTIONAL is for any other topic of the Outbound.

content string

[Required] The message to be sent to the user.

Example: “Hello, ¿are you ready to start the process?”

If the message will include variables, they should be specified between double brackets like {{.<variable_name>}}.

Example: “Hello {{.name}}, ¿are you ready to start the process?”

is_notification boolean

[Required] Indicates if the Outbound Message is a notification (true) or will start a flow (false).

outbound_name string

[Required] Contains a text specifying the name of the outbound.

waba_phone_number string

[Required] WABA in which this outbound template will be added.

post
/v1/whatsapp/outbounds

Cancell Campaign

This endpoint offers the capability to cancel an active campaign. Users can initiate the cancellation process for a specific campaign, preventing further message deliveries and interactions. It provides a means to swiftly and effectively halt campaign activities when necessary.
post
/v1/whatsapp/campaigns/{campaign_id}/cancel

Create Inbound Flows

Set up inbound message that triggers a specific flow. All inputs are required for inbound creation.

To finish the inbound creation process, you must access the following link, by adding the PhoneNumber and the activating message. when you need to put a space in the activation message write this code %20

https://api.whatsapp.com/send/?phone=PhoneNumber&text=activatingmessage

Example https://api.whatsapp.com/send/?phone=57317770000&text=Hola%20Truora

Request
Request Body *application/x-www-form-urlencoded
flow_id string

Identifier of the Flow previously created.

inbound_message string

Unique message the users will be sending to the business WhatsApp (WABA) in order to begin the Flow.

waba_phone_number string

Phone number of the WABA that interacts with the users. Must include the country code. Example 14080001111.

post
/v1/whatsapp/inbounds

Update Outbound Message

Updates an Outbound Message that allows to send messages to users as a first interaction. Outbound messages need to be approved before they can be used.
put
/v1/whatsapp/outbounds/{outbound_id}

Put WABA Line config

This endpoint provides the functionality to configure and customize the details of a WhatsApp Business Account (WABA) line. Users can modify various parameters and preferences to tailor the configuration of their WABA line according to their specific needs and preferences.
put
/v1/whatsapp/lines/{waba_line}/config
Path Parameters
default_flow_id string
[Optional]
The default_flow_id parameter is used to specify the ID of the default flow to be used in a WABA Line

Get Inbound Flow

This endpoint allows users to retrieve information about a previously created inbound. Users can access details and data related to a specific inbound.
get
/v1/whatsapp/inbounds/{inbound_flow_id}
Path Parameters
inbound_flow_id string
[Required]
Unique identifier of inbound flows

Get Campaign

This endpoint provides the functionality to retrieve detailed information about a specific campaign. Users can access comprehensive data related to the campaign.
get
/v1/whatsapp/campaigns/{campaign_id}
Path Parameters
campaign_id string
[Optional]
Unique identifier for the campaign

List WABAs

This endpoint retrieves a list of WhatsApp Business Accounts that have been assigned to a Truora account.
get
/v1/whatsapp/wabas

List WABA Lines

This endpoint retrieves a list of WhatsApp Business (WABA) lines that have been assigned to a Truora account. It provides essential information about each WABA line, including line details, configuration settings, and associated data, allowing account holders to manage and monitor their WhatsApp Business lines efficiently.
get
/v1/whatsapp/lines

Get WABA Line

This endpoint provides the functionality to retrieve detailed information about a WhatsApp Business Account (WABA) line. Users can access essential data related to the WABA line’s configuration, contact information, messaging capabilities, and integration options, facilitating effective management and utilization of the WABA line.
get
/v1/whatsapp/lines/{waba_line}

List Inbound Flows

This endpoint allows users to retrieve a list of created inbound flows. Users can access information about each inbound flow.
get
/v1/whatsapp/inbounds
Query Parameters
start_key string
[Optional]
[Optional] start key value for pagination, if you want to go to the previous or next page.

List Outbound Messages

This endpoint retrieves a list of outbound messages that have been created. Users can access this endpoint to view and review the outbound messages they have generated or sent, providing an overview of the created outbound messages within the system or application.
get
/v1/whatsapp/outbounds
Query Parameters
line string
[Required]
WhatsApp business account line (WABA). Do not forget that you must add the country code followed by the number. example: 1432567893

List Identity

This API endpoint allows to retrieve the current state and information of all identity processes.

If a process has the attributes override_status and override_status_history, it means that the final status of the process was modified by an authorized user.

Therefore, the new attribute to know the final status of a process should be override_status instead of status and, the override_status_history attribute will contain the history of changes made to the status.

get
/v1/processes

Read Identity

This API endpoint allows to retrieve the current state and information of an identity process.
get
/v1/processes/{process_id}

Get Outbound Message

This endpoint retrieves an outbound message. Users can use this endpoint to obtain details or content related to a specific outbound message.
get
/v1/whatsapp/outbounds/{outbound_id}
Path Parameters
outbound_id string
[Required]
outbound ID

Get Process Validations

This API endpoint allows you to retrieve the current state and information of the process validations.
get
/v1/processes/{process_id}/validations

Get Result

This API endpoint allows you to retrieve the current state and information of a process. The status starts in pending. When the process finishes, it can either be success or failure.

  • Pending means the process is still ongoing

  • Success occurs when all the steps in the process are successful, and if the flow has validators, all validation_status are successful.

  • Failure can occur due to an internal error, a timeout, or if the process is declined or expired.

  • Here’s a complete reference of the reasons why a process can expire. These reasons are set in the declined_reason field.

Reason Explanation
not_used When the user leaves at the beginning of the process without activating any validation
no_document_media_uploaded When a process expires because the user did not upload the document files for the document validation step.
no_face_media_uploaded When a process expires because the user did not upload the the selfie or video for the face validation step.
no_media_uploaded When a process expires because the user did not upload the required file for the step.
process_started_late When the process was started 3 minutes before expiring. Most likely the client did not had enough time to finish the flow.
not_answered_question When a process expires because the user did not answer a question in the WhatsApp conversation.
manual_review_not_performed When the process expires and the manual review is not completed.
abandoned_without_using_retries When the user abandons the process after making one or more validation attempts, but does not use all retries.
validation_not_finished When the process expires with some validation pending.
validation_expired When we have a validation within the flow that has expired and the process also expires.
user_process_postponed Indicates when the process finished because user chooses to postpone a process.
geolocation_denied Indicates when the process finished because user declines permission for geolocation services.
vpn_detected Indicates when the process finished because the system detects the use of a Virtual Private Network (VPN) by the user.
no_face_detected When a face can’t be detected in a document.

If a process has any validators and the identity process times out due to some validation not finishing, but all inputs have been uploaded, the process will have an additional 5 minutes to receive the validation response with the final status. This behavior will occur up to 3 times.

In the final attempt to get the last validation response with the final status, if the validation remains with a pending status, he identity process status will be failure and failure_status will be expired.

If a process has the attributes override_status and override_status_history, it means that the final status of the process was modified by an authorized user.

Therefore, the new attribute to know the final status of a process should be override_status instead of status and, the override_status_history attribute will contain the history of changes made to the status.

get
/v1/processes/{process_id}/result

Remove Outbound Message

This endpoint allows users to delete an outbound message. Users can initiate the removal process for a specific outbound message, effectively eliminating it from the system or application. It provides a means to manage and clean up outbound messages when they are no longer needed or relevant.
delete
/v1/whatsapp/outbounds/{outbound_id}

Remove Inbound Flow

This endpoint allows users to remove inbound flows. Users can initiate the removal process for specific inbound flows, effectively eliminating them from the system. It provides a means to manage and clean up inbound flows when they are no longer needed or relevant.
delete
/v1/whatsapp/inbounds/{inbound_flow_id}

WA Contacts

Add, search and manage your customers (end users) in a single place.

Create contact property

This endpoint is used to create a new contact property with data like its name and type. NOTE: A maximum of 25 visible (non-hidden) properties can exist simultaneously.
Request
Request Body *application/x-www-form-urlencoded
type string
[Required]
Allowed: string | int | boolean | date | email | enum

Indicates the type of the custom property.

name string
[Required]

Indicates the name of the custom property.

config_values.allowed_values string
Allowed: value1 | value2 | value3

Required only if type is enum. Add the list of personalized values separated by comma, example: value1, value2, value3.

is_hidden boolean

When set to true, this setting hides the property being created, ensuring it does not appear in a contact’s details. NOTE: A maximum of 25 visible (non-hidden) properties can exist simultaneously.

post
/v1/contact-properties

Create contact

This endpoint is used to create a new contact with data like its phone number, name, and optional email and values for custom contact properties.
Request
Request Body *application/x-www-form-urlencoded
phone_number string
[Required]

Indicates the Phone number of the contact that you want to register. Must include the country code (e.g., +570000000000).

name string
[Required]

Indicates the name of the contact that you want to register.

custom_property_values.{{property_id}} string

Indicates the custom property. You must replace the variable {{property_id}}, with the id of the property you want to set for the contact. (e.g., custom_property_values.CCP12345).

email string

Indicates the email address you want to register (e.g., email@yourdomain.com).

post
/v1/contacts

Update contact

This endpoint is used to update a specific contact with the ID provided as a path parameter. The contact’s name, email and custom property values can be changed. An optional “emit_sysevent” body parameter can be passed so that the update triggers a sysevent.
Request
Request Body *application/x-www-form-urlencoded
custom_property_values.{{property_id}} string

Indicates the custom property. You must replace the variable {{property_id}}, with the id of the property you want to update for the contact. (e.g., custom_property_values.CCP12345).

email string

Indicates the email address you want to update (e.g., email@yourdomain.com).

name string

Indicates the name of the contact that you want to update.

put
/v1/contacts/{contact_id}
Path Parameters
contact_id string
[Required]
The unique identifier of the contact to update.

Get contact properties

This endpoint is used to list pages of contact properties created in our platform. An optional “start_key” query parameter can be passed to continue pagination.
get
/v1/contact-properties

Get all contacts

This endpoint is used to list pages of contacts created in our platform. An optional “start_key” query parameter can be passed to continue pagination.
get
/v1/contacts

Get contact

This endpoint is used to get the data related to a specific contact with the ID provided as a path parameter.
get
/v1/contacts/{contact_id}
Path Parameters
contact_id string
[Required]
The unique identifier of the contact to retrieve.

Delete contact

This endpoint is used to delete a specific contact with the ID provided as a path parameter.
delete
/v1/contacts/{contact_id}
Path Parameters
contact_id string
[Required]
The unique identifier of the contact to delete.

DI Processes

Configure and order the validations you want to do in your process. Try and start validating your users by sending a link.

Create Identity

This endpoint allows you to initiate an identity validation process for a specific user. Before using this endpoint, you must create a Flow and generate a temporary api_key linked to the corresponding flow_id. Follow the Web Integration Token Guide to complete this setup. The response will include a process_id, which you’ll use in subsequent process requests.

Important Notes

Token:

You must generate a unique token (api_key) for each identity validation process, even if performed by the same user.

Header Setup:

Set the Truora-API-Key header to the value of the generated token (api_key) required before making this request.

post
/v1/processes

Identity Back

This request allows the user to navigate one step back in the identity validation process.
post
/v1/processes/{process_id}/back
Path Parameters
process_id string
[Required]
The ID of the ongoing process.

Download PDF

Allows to retrieve the pdf of a process or generates one if it doesn’t exist already
get
/v1/processes/{process_id}/pdf
Path Parameters
process_id string
[Required]
The ID of the generated and finished process that it’s required to be download as a pdf

Customers

Customers is a centralized solution that allows you to visualize and analyze the data generated by the transactions made by your users along different business funnels.

List Customers

This API endpoint allows retrieving the current status and general information of all customers associated with an account.
get
/v1/customers
Query Parameters
search string
[Optional]
Filter the list of customers by document-id, email, name and phone number
start_key string
[Optional]
Start key value for the pagination.

Get Customer

This API endpoint allows retrieving the details of the customer identified by the provided ID.
get
/v1/customers/{customer_id}
Path Parameters
customer_id string
[Required]
The customer ID is an automatically generated ID and is unique for each customer

List Customers Transactions

List customer transactions endpoint allows you to consult the detailed information of the transactions associated with a customer.
get
/v1/customers/{customer_id}/transactions
Path Parameters
customer_id string
[Required]
The customer ID is an automatically generated ID and is unique for each customer
Query Parameters
source string
[Optional]
Allowed: check | process | validation | engagement-chat

Product that originated the transaction.
start_key string
[Optional]
Start key value for the pagination.

Read Customer Transaction

Read customer transaction endpoint allows you to consult the detailed information of a transaction associated with a customer.
get
/v1/customers/{customer_id}/transactions/{transaction_id}
Path Parameters
customer_id string
[Required]
The customer ID is an automatically generated ID and is unique for each customer
transaction_id string
[Required]
The transaction ID is the unique identifier of the transaction.

Main Validator Suite API

NOTE: Truora provides a Postman collection online that includes the necessary tools to simplify the testing process.

Welcome to the Truora Validators Suite RESTful API Reference. If you haven’t already, we strongly advise you to check out our Validators API Documentation.

Here, you’ll find detailed technical information about our Validators API endpoints, including parameters, request and response formats, error codes, and supported methods for seamless integration.

The Validators Suite supports various use cases, such as document validation, phone and email verification, facial recognition, and more.

A validation process may include some or all of the following steps, depending on the validator:

  • Create Enrollment: Required to associate user data for validators requiring prior information, such as face, email, and phone.

  • Create Validation: Required for all validators; you must specify the validator type and relevant validation parameters.

  • Perform Validation: Executes asynchronous validations, such as email or phone, by verifying tokens received by the user.

  • Get Validation: Retrieves the final status, results, and details of any validation.

Please keep in mind that in our validation processes, the Account ID serves as a unique user identifier, allowing you to track the validations performed. It is important to generate a distinct identifier for each user undergoing validation to prevent data overlap between users and ensure proper monitoring for each one.

For conceptual overviews, implementation guides for each validator, and additional resources to enhance your integration experience, please visit our Validators API Documentation.

Authentication

To access Truora’s services and perform API calls securely, you need to authenticate your requests. This is done by including a specific authentication token, known as the ”Truora-API-Key” in the header of your requests.

By providing this key in your API requests, you establish a secure and authorized connection, enabling seamless interaction with Truora’s services.

  • If you haven’t already, sign up for a free account here before generating your Truora-API-Key.
  • Learn how to generate your Truora-API-Key here.
Base URL

https://api.validations.truora.com

Accounts

Validation accounts offer an easy way to identify validator users. A single validation account can be used in as many validations as you see fit. In order to streamline the process, a validation account is automatically created on enrollment unless an existing account_id is provided. Use custom-named validation accounts in order to easily trace your validation usage since validation accounts are automatically named with a random combination of numbers and letters if a custom name is not provided.

Create validation account

Creates a new validation account. This validation account is used to easily keep track of the validations made by a specific user.
Request
Request Body *application/x-www-form-urlencoded
twitter_user string

Person Twitter username

country string
Allowed: co | cl | mx | pe | do | sv | gt | br

Country where this person is located

document_type string
Allowed: national-id | foreign-id | pep | passport

Person document type

first_name string

Person first name

last_name string

Person last name

phone_number string

Person phone number

document_expedition_date string

Person document issue date. RFC3339 format

document_number string

Person document number

email string

Person e-mail address

facebook_user string

Person Facebook username

post
/v1/accounts

List validation accounts

Returns all the validation accounts that have been created for the user. A validation account is useful to be able to keep track of all validations performed by a single user.
get
/v1/accounts

Get validation account

Returns the validation account identified by the ID provided. This validation account represents a single user on the validation system
get
/v1/accounts/{account_id}
Path Parameters
validation_account_id string
[Required]
Validation account ID

Get Enrollments by Account

Retrieve all enrollments associated with a specific account_id. These enrollment objects include their status, and other information
get
/v1/accounts/{account_id}/enrollments

Enrollments

The enrollment step is crucial in our system, as it connects an account with a specific validation type. This process allows you to register a user once and perform multiple validations seamlessly. The required fields for an enrollment vary depending on the validation type. Note that enrollment is mandatory for all validators except document validation.

Create Enrollment

This is the first step in validation processes like Face Search, Face, Phone, and Email validation. It requires the submission of necessary images or base information. During enrollment, essential materials, such as photographs or other relevant data, are collected to serve as the basis for user verification. It is important to emphasize that the actual validation will take place in later steps, using the information gathered during this stage. This step is crucial to ensure the system has all the necessary elements to perform an accurate and effective evaluation in subsequent stages.
Request
Request Body *application/x-www-form-urlencoded
user_authorized boolean
[Required]

This indicates that you have the authorization of the person to be enrolled. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the enrollment.

type string
[Required]
Allowed: face-recognition | email-verification | phone-verification | face-search

Indicates the type of validation to be performed along with this enrollment.

account_id string

Account ID linked to the enrollment.
An account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
The account ID helps trace enrollments/validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.

country string

[Optional* for phone-verification] Origin country of the person to be validated. *Required if it was not provided during account creation.

  • Allowed: CO | CL | MX | BR | VE | PE | EC | AR | US

[Required for face-search] Country of the reported face. Use ALL when using TruFace (face-search) as a Face Validation compliment.

  • Allowed: ALL | BR | CL | CO | CR | EC | MX | PE

email string

[Required for email-verification] Email to be associated with the user account.

fraud_reason string
Allowed: manipulated_document | manipulated_photo | non_payment | criminal_records_in_company | fraudster

[Required for face-search] Indicates the reason to block a face. Set one of the following:

  • manipulated_document: Indicates that this person is known to use manipulated documents to pass identity validations.

  • manipulated_photo: Indicates that this person is known to manipulate photos to pass identity validations.

  • non_payment: Indicates that this person has incomplete payments and refuses to pay.

  • criminal_records_in_company: Indicates that this person has some sort of criminal history with your company, or an ally.

  • fraudster: Indicates you know this person to be a fraudster for reasons different from the above.

phone_number string

[Required for phone-verification] Phone number to be associated with the validation account on successful validation. Must include the country code (e.g., +57300XXXXXXX).

confirmation string
Allowed: none

Only available for face-recognition validations. Used to specify the creation of enrollment that does not require an identity validation to complete. Set as none to skip the required validation. If omitted, the enrollment will require the normal validation process, and the enrollment status will remain pending until successfully validated.

Note: To use the confirmation parameter your company’s account must be authorized. To request authorization, please contact our Support Team. This authorization will affect only your Truora-API-Keys created after the approval.

phone_type string
Allowed: home | office | recover

[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. You can associate up to three phone numbers with a user account. To do this, you must create a new enrollment by choosing a different phone_type each time.

post
/v1/enrollments
Query Parameters
account_id string
[Optional]
Validation account ID. If left empty, a new validation account will be created

Get Enrollments by Account

Retrieve all enrollments associated with a specific account_id. These enrollment objects include their status, and other information
get
/v1/accounts/{account_id}/enrollments

Get Enrollment

Allows searching for an enrollment in order to verify its progress, this step is optional. The enrollment status begins as pending and can ultimately result in either success or failure.

To learn more about the reasons for failure, please refer to the following guides:

get
/v1/enrollments/{enrollment_id}
Path Parameters
enrollment_id string
[Required]
Enrollment ID to search.

Delete enrollment

Deletes an enrollment. If this endpoint is executed on an enrollment ID, the enrollment will be removed from the client’s account.
delete
/v1/enrollments/{enrollment_id}
Path Parameters
enrollment_id string
[Required]
Enrollment ID to be removed from the client’s account.

Validations

Validations is your tool for managing various validators such as document validation, face recognition, face search (TruFace), email verification, and phone verification. This API handles all the necessary logic for these validators, offering a unified service to manage multiple validators efficiently.

Create new validation with account

Creates a new validation for the validation account. Check out our Guide on Liveness test to learn more about this feature.

Note: You need the account_id from the first step and If you had already created an enrollment, it is not necessary to create one again for each validation.

Request
Request Body *application/x-www-form-urlencoded
account_id string
[Required]

Account ID linked to the validation.
For document-validation, an account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
For other validations, use the same account ID from the enrollment process.
The account ID helps trace validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.

user_authorized boolean
[Required]

This indicates that you have the authorization of the person to be verified. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the validation.

type string
[Required]
Allowed: document-validation | face-recognition | email-verification | phone-verification | face-search

Indicates the type of validation to be performed.

verify_channel string
Allowed: sms | call | whatsapp

[Required for phone-verification] Indicates the channel used to perform the verification. Some problems may occur when receiving the SMS due to external protocols of the mobile service providers, so we recommend giving an additional option to the users.

If you set whatsapp as the verify_channel value, you must have your own WABA line and Activate it. Then, create your Outbound message of type OTP and Contact Support to provide your Outbound ID for inclusion in your process.

phone_type string
Allowed: home | office | recover

[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. The phone type must have already been enrolled.

custom_type string

For document-validation, when specified, indicates the name of the Custom Type check to be used when a background check linked to this validation is desired. Keep in mind that the Custom Type check must already exist.

check_manual_review_availability boolean

Evaluates the availability for manual review according to the review schedule. If unavailable, the manual review will be skipped without affecting the validation status, and the manual review status will be marked as unavailable.

country string

[Required for document-validation] Set the country of the document being validated. Use ALL when document_type is set to passport.
For BR,CR, please ask sales team.

  • Allowed: CO | CL | MX | PE | BR | CR | ALL

[Required for face-search] Country of the face to be searched in reported lists (TruFace).
Use ALL when using TruFace (face-search) as a Face Validation compliment.

  • Allowed: ALL | BR | CL | CO | CR | EC | MX | PE

phone_locale string
Allowed: en | es | pt-BR

[Required for phone-verification] Language used to perform the validation via the selected verification channel.

retry_of_id string

[Required if you have active retries] Refers to the validation_id of the failed validation. Remember that it is also necessary to send the same account ID (even if it is the automatically generated one) of the failed validation.
Note: When type is face-recognition, only available if passive liveness is enabled.

subvalidations array
Allowed: passive_liveness | similarity | speech_match

Indicates which subvalidations you want to perform during the face-recognition validation execution. If omitted, only similarity will be used. You can select more than one.

timeout integer

The time, in seconds, users will have to complete the validation. If omitted, the timeout from the client’s config will be used.

  • Default: 300 (5 minutes) for all validators.
  • Max: 600 (10 minutes) for phone-verification and email-verification;
    21600 (6 hours) for document-validation, face-recognition and face-search.

document_type string
Allowed: national-id | foreign-id | driver-license | passport | identity-card | rut | ppt | invoice | picture-id | record | cnh

[Required for document-validation] Set this value to the type of document been validated. For ppt please ask sales team.

Refer to Supported Document Types for a complete reference of supported document types, applicable countries and document front/reverse picture requirements.

language string
Allowed: es | en

For email-verification, specifies the language of the email that the final user receives.

threshold number

Determines the required similarity between the provided picture and video or selfie to pass the face-recognition validation, ranging from 0 to 1. By default, the threshold is set to 0.65.

minimum_precision string
Allowed: very_high | high | medium | low

[Required for speech_match subvalidation] Minimum precision that the audio transcription obtained from the video selfie should have with the speech_token.

post
/v1/accounts/{account_id}/validations

Perform sync validation

Performs a sync validation for the specified validation_id within the specified account_id. Examples of these validators include phone and email. Not applicable to async validators such as document or face.

If a previous validation attempt was unsuccessful, this will count as a retry, which could occur due to errors such as a typo in the token or other mistakes.
Request
Request Body *application/x-www-form-urlencoded
type string
[Required]
Allowed: email-verification | phone-verification

Indicates the type of validation to be performed.

token string
[Required]

The validation code sent to the user’s email or phone (via SMS, call, or WhatsApp) for verification.

post
/v1/accounts/{account_id}/validations/{validation_id}
Path Parameters
account_id string
[Required]
The account ID associated with the validation.
validation_id string
[Required]
ID of the validation to be performed.

Create Validation

Creates a new validation for the specified validation type. This process allows your company to confirm that the user’s identity matches the provided information (such as documents, images, videos, or codes like OTP), ensuring accuracy and security in the verification process, which is crucial for legal responsibilities.
Request
Request Body *application/x-www-form-urlencoded
type string
[Required]
Allowed: document-validation | face-recognition | email-verification | phone-verification | face-search

Indicates the type of validation to be performed.

account_id string
[Required]

Account ID linked to the validation.
For document-validation, an account ID is automatically created if omitted; otherwise, the custom account ID provided is used.
For other validations, use the same account ID from the enrollment process.
The account ID helps trace validations linked to the account. Only account IDs matching the pattern [a-zA-Z0-9_.-]+ are supported. Learn more at Create an Account ID.

user_authorized boolean
[Required]

This indicates that you have the authorization of the person to be verified. This is mandatory in order to comply with data protection laws. Value must be set to true in order to perform the validation.

custom_type string

For document-validation, when specified, indicates the name of the Custom Type check to be used when a background check linked to this validation is desired. Keep in mind that the Custom Type check must already exist.

verify_channel string
Allowed: sms | call | whatsapp

[Required for phone-verification] Indicates the channel used to perform the verification. Some problems may occur when receiving the SMS due to external protocols of the mobile service providers, so we recommend giving an additional option to the users.

If you set whatsapp as the verify_channel value, you must have your own WABA line and Activate it. Then, create your Outbound message of type OTP and Contact Support to provide your Outbound ID for inclusion in your process.

document_type string
Allowed: national-id | foreign-id | driver-license | passport | identity-card | rut | ppt | invoice | picture-id | record | cnh

[Required for document-validation] Set this value to the type of document been validated. For ppt please ask sales team.

Refer to Supported Document Types for a complete reference of supported document types, applicable countries and document front/reverse picture requirements.

country string

[Required for document-validation] Set the country of the document being validated. Use ALL when document_type is set to passport.
For BR,CR, please ask sales team.

  • Allowed: CO | CL | MX | PE | BR | CR | ALL

[Required for face-search] Country of the face to be searched in reported lists (TruFace).
Use ALL when using TruFace (face-search) as a Face Validation compliment.

  • Allowed: ALL | BR | CL | CO | CR | EC | MX | PE

phone_locale string
Allowed: en | es | pt-BR

[Required for phone-verification] Language used to perform the validation via the selected verification channel.

retry_of_id string

[Required if you have active retries] Refers to the validation_id of the failed validation. Remember that it is also necessary to send the same account ID (even if it is the automatically generated one) of the failed validation.
Note: When type is face-recognition, only available if passive liveness is enabled.

subvalidations array
Allowed: passive_liveness | similarity | speech_match

Indicates which subvalidations you want to perform during the face-recognition validation execution. If omitted, only similarity will be used. You can select more than one.

timeout integer

The time, in seconds, users will have to complete the validation. If omitted, the timeout from the client’s config will be used.

  • Default: 300 (5 minutes) for all validators.
  • Max: 600 (10 minutes) for phone-verification and email-verification;
    21600 (6 hours) for document-validation, face-recognition and face-search.

phone_type string
Allowed: home | office | recover

[Required for phone-verification] Specifies the label of the phone number to be associated with the validation account upon successful validation. The phone type must have already been enrolled.

language string
Allowed: es | en

For email-verification, specifies the language of the email that the final user receives.

check_manual_review_availability boolean

Evaluates the availability for manual review according to the review schedule. If unavailable, the manual review will be skipped without affecting the validation status, and the manual review status will be marked as unavailable.

minimum_precision string
Allowed: very_high | high | medium | low

[Required for speech_match subvalidation] Minimum precision that the audio transcription obtained from the video selfie should have with the speech_token.

threshold number

Determines the required similarity between the provided picture and video or selfie to pass the face-recognition validation, ranging from 0 to 1. By default, the threshold is set to 0.65.

post
/v1/validations

Perform validation

Perform validation for the specified validation_id. If a previous validation attempt was unsuccessful, this will count as a retry, which could occur due to errors such as a typo in the token or other mistakes.
Request
Request Body *application/x-www-form-urlencoded
type string
[Required]
Allowed: email-verification | phone-verification

Indicates the type of validation to be performed.

token string
[Required]

The validation code sent to the user’s email or phone (via SMS, call, or WhatsApp) for verification.

post
/v1/validations/{validation_id}
Path Parameters
validation_id string
[Required]
ID of the validation to be performed.

File Upload

Allows the upload of binary files, such as images or videos, needed for document validation or person verification. To upload a file, make a PUT request to the URL provided during the validation or enrollment process.
Request
Request Body *
file binary
[Required]

Accepts binary files such as images, videos, or other types of files, encoded in Base64 format. This input is used for uploading media or documents required in identity verification processes.

put
{file_upload_url}

Get account validations

Retrieve all validations associated with a specific account id. This is useful to easily have all validations of a user in one place.
get
/v1/accounts/{account_id}/validations
Path Parameters
account_id string
[Required]
The account ID linked with the validations.

Get Validation from Account

Retrieves the detailed information of a specific validation using an account_id and validation_id. This object is useful for understanding the exact status of the validation process. You can retrieve the current status and results of a validation, where the validation_status begins as pending and can either be success or failure upon completion.

To obtain details such as the inputs or uploaded media for the validation, you can include the query parameter show_details with the value of true.

To learn more about the reasons for failure, please refer to the following guides:

get
/v1/accounts/{account_id}/validations/{validation_id}

Get all user Validations

This endpoint allows you to list all validations associated with your users, enabling effective tracking of their current statuses. The returned object provides insights into the exact status of each validation process, where the validation_status begins as pending and can ultimately result in either success or failure.

To learn more about the reasons for failure, please refer to the following guides:

get
/v1/validations

Get Validation

Returns a validation object given a validation_id. This object is useful for understanding the exact status of the validation process. You can retrieve the current status and results of a validation, where the validation_status begins as pending and can either be success or failure upon completion.

To obtain details such as the inputs or uploaded media for the validation, you can include the query parameter show_details with the value of true.

To learn more about the reasons for failure, please refer to the following guides:

get
/v1/validations/{validation_id}
Path Parameters
validation_id string
[Required]
Unique identifier of the validation.
Query Parameters
show_details boolean
[Optional]
If set to true, allows you to visualize the file uploaded by the user.

Config

The Config Validators feature allows for customization of various parameters to improve the behavior of the validators. This is particularly valuable when you wish to set different decision parameters like thresholds, timeouts, manual review enabling, and more. Below are the parameters that are configurable across multiple validators.

  • timeout: The amount of time, in seconds, that users will have to perform the validation before it times out.

  • allowed_retries: The number of times the validation may be retried before failing.

  • retry_ttl: The time to live (TTL), in seconds, for creating a retry of any validation.

    ParametersDocument ValidatorFace ValidatorPhone ValidatorEmail Validator
    timeoutXXXX
    allowed_retriesXXXX
    retries_ttlXX--

Config by Validator Type

Each Validator has its own particularities and specific parameters (not listed in the table above) that you may modify to better suit your company’s needs. To learn about specific configurable parameters, default values, and special considerations, please visit the guide for the validator you want to configure:

NOTES:

  • The Config Validators parameters are global to your account and will affect all validations performed across it.

  • However, validations performed in a Flow will prioritize the configuration in the Validator Block of your flow. All other parameters, not configurable within the Flow Builder, will take the global configuration values. To learn about flows, please visit the Create your first flow guide from our Digital Identity documentation.

Update config

Allows updating the values of various parameters to improve the behavior of the validators, such as timeout, allowed retries, threshold, manual review, among other properties from our validators. For more datails about customizable parameters for each validator, please refer to the individual configuration guides:

Request
Request Body *application/x-www-form-urlencoded
validator string
[Required]
Allowed: face-recognition | email-verification | phone-verification | document-validation

Validator to be configured.

validation_method.data-consistency.status string
Allowed: enabled | disabled

Analyzes the extracted data from the document for consistency in document-validation, such as date of birth and document number.

validation_method.photocopy-analysis.status string
Allowed: enabled | disabled

Analyzes if the image used for document-validation is a photocopy of a document.

validation_method.photo-of-photo.status string
Allowed: enabled | disabled

Analyzes if the image used for validation is a photograph of a photograph of a document in document-validation.

email_text_1 string

Custom text appearing before the verification code in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.

custom_name string

Custom text within the OTP phone-verification messages, up to 30 characters. For details, language options and default values, see the Phone Validator Config guide.

country string
Allowed: CO | CL | MX | PE | BR | ALL

Country for which the document-validation configuration will be updated.

email_subject string

Custom subject text in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.

email_title string

Custom main title text in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.

document_version string
Allowed: mx_ine-c | mx_ine-d | mx_ine-e | mx_ife-f | mx_ife-g | mx_fm3 | co_national-id-2000 | co_national-id-2020 | co_foreign-id | co_ppt | passport

The version of the document_type for which the document-validation configuration will be updated. If omitted, all supported document versions will be affected.

Note: For a complete list of Allowed document versions available by country and document type, refer to the tables in Appendix 1: Supported Document Versions. Please contact our Support Team for further assistance.

document_type string
Allowed: national-id | foreign-id | driver-license | passport | identity-card | rut | ppt | invoice | picture-id | record | cnh

[Required if modifying a validation_method] The type of document for which the document-validation configuration will be updated. If omitted, all supported document types will be affected.

Note: Refer to Appendix 1 tables in the Document Validator Config guide for a list of supported Document Types by Country.

validation_method.government-database-validation.status string
Allowed: enabled | disabled

Validates the extracted identification number against government databases in document-validation.

retry_ttl number

Available for document-validation and face-recognition.

The time to live (TTL), in seconds, for creating a retry of any validation.

  • For document-validation: The default value is 300 seconds (5 minutes), with a maximum of 1800 seconds (30 minutes) and a minimum of 1 second.

  • For face-recognition: The default and maximum value is 300 seconds (5 minutes), with a minimum of 1 second.

    Note: For face-recognition, retry feature is only available when passive liveness is enabled in the Face Validation process. For more information visit the Facial Recognition Methods guide.

validation_method.image-analysis.status string
Allowed: enabled | disabled

Checks for any alterations or edits in the image of the validated document in document-validation.

email_text_2 string

Custom text appearing after the verification code in the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.

include_face_search boolean

When set to true, adds face_search subvalidation to the face-recognition validation. This enables the system to check if the uploaded face is reported in Truface (face-search).

support_email string

Custom support email address displayed at the bottom of the email-verification validator email. For details, language options and default values, see the Email Validator Config guide.

threshold number

Determines the required similarity, ranging from 0 to 1, between the provided picture and the video or selfie used to pass the face-recognition validation. By default, the threshold is set to 0.65.

timeout number

The time, in seconds, users will have to complete the validation.

  • Default: 300 (5 minutes) for all validators.
  • Max: 600 (10 minutes) for phone-verification and email-verification;
    21600 (6 hours) for document-validation and face-recognition.

use_manual_review boolean

Determines whether manual review will be performed upon face-recognition validation failure. You must contact Truora to activate this service. For more information about manual review, please visit the Manual Review guide.

allowed_retries number

The number of times the validation may be retried before failing.

Note: For face-recognition, retry feature is only available when passive liveness is enabled in the Face Validation process. For more information visit the Facial Recognition Methods guide.

  • For document-validation: The default value is 0 retries, with a maximum of 3 retries.

  • For face-recognition: The default value is 0 retries, with a maximum of 2 retries.

  • For email-verification and phone-verification: The default value is 2 retries, with a maximum of 4 retries.

validation_method.manual-review.status string
Allowed: enabled | disabled

Determines whether manual review will be performed upon validation failure in document-validation.

For more information about manual review, please visit the Manual Review guide.

put
/v1/config

Get Config

Fetches the current configuration state for all validators associated with your account.

Note: Since the response includes configuration details for all validators linked to your account, please review the specific validator details you’re interested in carefully.

get
/v1/config

Delete Config

Allows you to delete a validator’s configuration or a specific parameter (type) within the validator’s configuration. Deleting the configuration resets its values back to their defaults.

Note: If you omit the type parameter when sending the request, all configurations associated with the validator will be deleted, reverting all values to their default settings.
delete
/v1/config
Query Parameters
type enum
[Optional]
If validator is document-validation:
Allowed: timeout | allowed_retries | use_manual_review | document_config | retry_ttl

If validator is face-recognition:
Allowed: threshold | timeout | enrollment_timeout | use_manual_review | include_face_search

If validator is email-verification:
Allowed: timeout | allowed_retries | email_subject | email_title | email_text_1 | email_text_2 | support_email

If validator is phone-verification:
Allowed: allowed_retries | timeout | custom_name

Configuration type to be reset. If provided, the validator reset will only affect the selected configuration; otherwise, all configurations will be reset.

Note : For document-validation, setting the type field to document_config will reset any Document Version Config to their default values.
validator enum
[Required]
Allowed: document-validation | face-recognition | email-verification | phone-verification

Name of the validator’s config to be deleted.

Status

Status lets you check the current state of our services in real time.

Get status

Checks the current availability of the validations API. If this endpoint fails, it means the validations api is down and should contact support.
get
/v1/status