Supergood | Trulioo API
Programmatically access Trulioo’s global identity, business verification, and AML watchlist capabilities—person KYC, KYB/UBO discovery, document checks, proof of address—via a stable REST API. Supergood builds and operates production-grade, unofficial Trulioo integrations so your team can automate onboarding and compliance without heavy custom engineering.
Trulioo is software that verifies identities and businesses worldwide. With an unofficial API, you can submit person and company details for verification, run sanctions/PEP watchlist screening, validate documents and addresses, discover beneficial owners, and retrieve machine-readable results and audit artifacts—directly inside your onboarding, GRC, and audit pipelines.
If you’re a tech company integrating Trulioo, you can push applicant or business profiles for checks, pull normalized verification outcomes and watchlist hits, enable KYB with UBO discovery, and export evidence for audit trails. You can also enrich identities with registry data, trigger document verification flows, and route outcomes to case queues—reducing manual work while maintaining strong regulatory coverage.
What is Trulioo?
Trulioo is a RegTech provider focused on global identity verification and business due diligence. Its platform powers KYC (person verification), KYB (business verification and UBO discovery), AML watchlist screening (sanctions and PEP), document verification, and proof-of-address checks across hundreds of countries and data sources.
Core product families include:
- Person Verification (identity, address, document checks)
- Business Verification (registry matching, KYB profiles, UBO discovery)
- AML Watchlist Screening (sanctions, PEP, enforcement lists)
- Compliance Evidence (reports, source metadata, audit artifacts)
Common data entities:
- Persons and businesses (applicants, organizations)
- Verification requests and results (KYC/KYB)
- Watchlist hits (sanctions, PEP)
- Registry records, directors, beneficial owners (UBOs)
- Documents and images (passports, national IDs, certificates)
- Reports and audit artifacts (machine-readable summaries, PDFs)
The Trulioo Integration Challenge
Organizations rely on Trulioo daily, but turning portal-centric workflows into automated pipelines is challenging:
- Product entitlements and geography: Access varies by country data sources and verification types (KYC, KYB, watchlists, document checks)
- Enterprise security controls: SSO, MFA, and network restrictions complicate headless automation
- Portal-first experiences: Key capabilities live in the web app; public APIs or account configurations may be limited
- Consent and evidence: Capturing consent timestamps, storing document images, and generating audit artifacts requires careful orchestration
- Data normalization: Results differ by source and country; downstream systems need consistent schemas
How Supergood Creates Trulioo APIs
Supergood reverse-engineers authenticated browser flows and network interactions to deliver a resilient API endpoint layer for your Trulioo workflows.
- Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
- Maintains session continuity with automated refresh and change detection
- Normalizes responses so you can integrate once and rely on consistent objects across capabilities
- Aligns with customer entitlements, data-source licensing, and country coverage to ensure compliant access
Use Cases
Automated Person KYC
- Trigger identity, address, and document checks during onboarding
- Retrieve match results, document validation outcomes, and watchlist hits with normalized risk summaries
- Route outcomes to approval, review, or decline queues with audit artifacts
KYB and UBO Discovery
- Verify businesses against official registries
- Discover and validate directors and beneficial owners
- Screen entities and principals against sanctions/PEP lists
AML Watchlist Screening
- Screen persons or businesses for sanctions and PEP exposure
- Configure risk thresholds and match strategies
- Centralize hits and evidence for case management
Compliance Archival and Audit Trails
- Export verification packets with source-level metadata
- Timestamp consent and results for regulatory retention
- Provide machine-readable evidence across KYC/KYB checks
Available Endpoints
Authentication
POST /auth/sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/auth/sessions \
--header 'Authorization: Basic <Base64 encoded token>' \
--header 'Content-Type: application/json' \
--data '{
"username": "[email protected]",
"password": "<password>",
"mfa": { "type": "totp", "code": "123456" },
"ssoProvider": null
}'
Example response
{
"authToken": "eyJhbGciOi...",
"expiresIn": 3600,
"user": {
"id": "u_8f12a1",
"name": "Analyst One",
"entitlements": ["kyc", "kyb", "watchlists", "documents"]
}
}
Person Verification (KYC)
POST /verifications/person: Run a person verification, including identity, address, document checks, and watchlist screening. Optionally attach document images.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/verifications/person \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data '{
"countryCode": "US",
"verificationTypes": ["identity", "address", "document", "watchlist"],
"subject": {
"names": {"first": "Alex", "middle": null, "last": "Rivera"},
"birthDate": "1987-07-14",
"addresses": [{
"line1": "101 Market St",
"city": "San Francisco",
"region": "CA",
"postalCode": "94105",
"country": "US"
}],
"idNumbers": {"nationalId": null, "passport": null, "driverLicense": "D1234567"},
"contact": {"email": "[email protected]", "phone": "+14155550123"}
},
"document": {
"type": "driver_license",
"images": {
"frontBase64": "<base64>",
"backBase64": null
}
},
"watchlistScope": {"sanctions": true, "pep": true},
"consent": {"method": "checkbox", "timestamp": "2026-01-19T15:21:09Z"},
"referenceId": "onboarding-req-8821",
"riskThreshold": 70
}'
Example response
{
"verificationId": "v_kyc_45b8a2",
"status": "running",
"createdAt": "2026-01-19T15:21:09Z",
"referenceId": "onboarding-req-8821"
}
Business Verification (KYB)
POST /verifications/business: Run a business verification against registries, with optional UBO discovery and watchlist screening of principals.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/verifications/business \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data '{
"countryCode": "GB",
"verificationTypes": ["kyb", "ubo", "watchlist"],
"business": {
"legalName": "Rivera Consulting Ltd",
"registrationNumber": "11223344",
"taxId": null,
"addresses": [{
"line1": "200 Bishopsgate",
"city": "London",
"region": "",
"postalCode": "EC2M 4NR",
"country": "GB"
}],
"website": "https://riveraconsulting.example"
},
"uboDiscovery": true,
"watchlistScope": {"sanctions": true, "pep": true},
"referenceId": "kyb-req-9931"
}'
Example response
{
"verificationId": "v_kyb_77c912",
"status": "running",
"createdAt": "2026-01-19T15:22:47Z",
"referenceId": "kyb-req-9931"
}
Results
GET /verifications/{verificationId}/results: Retrieve normalized results for a completed KYC/KYB verification, including data source matches, watchlist hits, UBOs, and evidence links.
curl --request GET \
--url https://api.supergood.ai/integrations/<integration_id>/verifications/v_kyc_45b8a2/results \
--header 'Authorization: Bearer <authToken>'
Example response
{
"verificationId": "v_kyc_45b8a2",
"status": "complete",
"type": "person",
"summary": {
"name": "Alex Rivera",
"countryCode": "US",
"referenceId": "onboarding-req-8821"
},
"riskScore": 62,
"identity": {
"match": true,
"dataSources": [
{"provider": "gov_registry", "confidence": 0.92},
{"provider": "credit_bureau", "confidence": 0.88}
]
},
"address": {"match": true, "source": "utility_data", "confidence": 0.85},
"document": {
"verified": true,
"type": "driver_license",
"expiry": "2029-07-14",
"checks": {"mrz": null, "visualMatch": 0.93, "tamper": false}
},
"watchlists": {
"hits": [
{
"hitId": "hit_san_001",
"type": "sanctions",
"list": "OFAC SDN",
"entityName": "Alex R. Rivera",
"matchScore": 86,
"country": "US",
"evidence": {"sourceUrl": "https://ofac.example/entry/1234", "snippet": "Alias similarity"}
},
{
"hitId": "hit_pep_003",
"type": "pep",
"entityName": "Alexander Rivera",
"position": "Municipal Official",
"matchScore": 72,
"evidence": {"sourceUrl": "https://pep.example/profile/8721", "snippet": "Alias and public position"}
}
]
},
"artifacts": {
"reportUrl": "https://files.supergood.ai/reports/v_kyc_45b8a2.pdf",
"sources": [
{"name": "Government Registry", "url": "https://registry.example/record/98765"}
]
}
}
Technical Specifications
- Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
- Response format: JSON with consistent resource schemas and pagination
- Rate limits: Tuned for enterprise throughput while honoring licensing, data-source quotas, and usage controls
- Session management: Automatic reauth and cookie/session rotation with health checks
- Data freshness: Near real-time retrieval of verification outcomes, watchlist hits, and generated reports
- Security: Encrypted transport, scoped tokens, and audit logging; respects Trulioo entitlements and regional restrictions
- Webhooks: Optional asynchronous delivery for long-running KYC/KYB verifications and watchlist alerts
Performance Characteristics
- Latency: Sub-second responses for list/detail queries under normal load
- Throughput: Designed for high-volume onboarding and batch verification pipelines
- Reliability: Retry logic, backoff, and idempotency keys minimize duplicate actions
- Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates
Getting Started
- Schedule Integration Assessment
Book a 30-minute session to confirm your product mix, licensing, country coverage, and authentication model.
- Supergood Builds and Validates Your API
We deliver a hardened Trulioo adapter tailored to your workflows and entitlements.
- Deploy with Monitoring
Go live with continuous monitoring and automatic adjustments as Trulioo evolves.
Frequently Asked Questions
Q: Which Trulioo products can this integration cover?
Supergood supports workflows across person verification (KYC), business verification (KYB and UBO discovery), AML watchlist screening, and document verification, subject to your licensing and entitlements. We scope coverage during integration assessment.
Q: How are MFA and SSO handled for automation?
We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth when enabled. Sessions are refreshed automatically with secure challenge handling.
Q: Can I verify documents and proof of address?
Yes. You can submit document images for validation and include address checks. Results return match confidence, document type and expiry, and source metadata suitable for audit.
Q: Do you support UBO discovery and screening of principals?
Yes. KYB flows can include registry lookups, director and UBO discovery, and watchlist screening of principals. Outputs are normalized for downstream case systems.
Q: How is consent captured and preserved for audits?
Requests include consent method and timestamp. We return machine-readable artifacts and report URLs so you can maintain audit trails and meet retention requirements.
Related Integrations
Dow Jones Risk & Compliance API - Programmatically access Dow Jones Risk & Compliance with Supergood
Ready to automate your Trulioo workflows?
Supergood can have your Trulioo integration live in days with no ongoing engineering maintenance.
