Truuth APIs provides a simple, but secure mechanism for authentication.

A client that is using the V1 version of the KYC application will need to request a new API key and secret from the truuth support team.

A client on the V2 version of the KYC application can generate their own API keys and secret via the Client Admin Portal. Refer to this link how to obtain your API keys.

To send an authenticated request to the truuth API you must provide your API key and secret in the Authorization header as Basic Authentication within each request.

Please note that the API key and secret must be combined with a colon ":" and must be formatted to form a base64-encoded string.

Example:

API key: doNotShare

Secret: withAnyone

Combined string before base64-encoding: doNotShare:withAnyone

Combined string after base64-encoding: ZG9Ob3RTaGFyZTp3aXRoQW55b25l

curl --location 'https://api.au.truuth.id/some-endpoint' \
--header 'Authorization: Basic ZG9Ob3RTaGFyZTp3aXRoQW55b25l' \
--header 'Content-Type: application/json'

const options = {
  method: 'GET',
  headers: {
    accept: 'application/json',
    'content-type': 'application/json',
    authorization: 'Basic ZG9Ob3RTaGFyZTp3aXRoQW55b25l'
  }
};

fetch('https://api.au.truuth.id/some-endpoint', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));