How to create a Web Integration Token

After creating a Flow, You need a Web Integration Token to link the Flow with your URL and perform the validations. Follow these steps to create a Web Integration Token in Postman or another API client:

  1. Create a POST request with the next URL: https://api.account.truora.com/v1/api-keys

  2. Add the next headers

    • Truora-API-Key: <api key> Get an API key following the authentication guide
    • Content-Type: application/x-www-form-urlencoded

  3. Add the following params in the request body with their respective values

    • country: Required The country where the validation is to be performed. Allowed: ALL, BR, CL, CO, CR, EC, MX, PE or AR
    • flow_id: Required flow_id from flow creation
    • grant: Required digital-identity
    • key_type: Required web
    • redirect_url: Required URL where the user is to be redirected once the validation is completed
    • document_type: The document type with which the validation is to be performed. Allowed: passport, driver-license, foreign-id, national-id or pep
    • emails: The user email that you want validate
    • phone: The user phone number can be set if you already have it, e.g.: +573100000000

  4. Send the request and copy the api_key from the response.

Once you have the integration token you can start the process in two different ways in our application, which are mentioned below:

Web redirection by GET method

This is the easiest integration, the only thing it requires is to generate the following url https://identity.truora.com/?token=<api_key>, where <api_key> would be the one generated in the previous steps, and access this url through the browser or by performing a direct redirection.

Web redirection by POST method

This type of redirection is ideal if you do not want the user to know the temporary token, this requires an additional step in your code to redirect via the POST method.

Below is an example of javascript code to perform this type of web redirection:

// Create HTML form with the action and method
const form = document.createElement('form')
form.action = 'https://api.identity.truora.com/v1/processes/web'
form.method = 'POST'

// This is optional. Use it if you want to redirect in another tab
form.target = "_blank"

// Create HTML input
const input = document.createElement('input')
input.type = 'hidden'

// This is mandatory. The "input.name" must always be "token" 
input.name = 'token'

// This value is the api_key generated in the previous steps
input.value = '<api_key>'

form.appendChild(input)
document.body.appendChild(form)

// Performs redirection
form.submit()

Remember to always use as action https://api.identity.truora.com/v1/processes/web with the POST method, and use the temporary <api_key> generated with the previous steps.

Note: Web integration tokens have a default lifetime of 2 hours.

Browser compatibility

The table below lists the minimum versions of web browsers which are supported on:

Computers
Browser Version
Chrome 53 (Released 2016-08-31)
Edge 79 (Released 2020-01-15)
Firefox 36 (Released 2015-02-24)*
Opera 40 (Released 2016-09-20)
Safari 14 (Released 2020-09-16)
Mobile phones
Browser Version
Chrome Android 53 (Released 2016-08-31)
Firefox for Android 36 (Released 2015-02-24)*
Opera Android 41 (Released 2016-10-25)
Safari on iOS 14.3 (Released 2020-09-16)
Samsung Internet 6.0 (Released 2017-08-23)
WebView Android 53 (Released 2016-09-07)

*Some versions may have restrictions, so if you have any questions, please ask us.