Account Management
Set up your account and obtain or update keys
Welcome to Truepic! Currently, the Truepic team manages account configurations and API keys. You'll be able to manage these yourself in the near future. Lens SDKs, libraries, and APIs require keys in order to work
The first step in the integration process is providing us with the information required to issue you keys across platforms. Our SDKs, libraries, and APIs require valid keys used only in allowed origins and applications. The exception is the display library, which is currently available for free and without registration.
Registration Information Requirements
Account creation
Accounts at Truepic start with organizations. Your company is welcome to have multiple if it makes sense for your use case, though we recommend one organization and as many org units as needed instead. Org units contain apps, and each org unit has either a test or production environment designation. We do this so you can keep your keys separate by environment. There is no additional charge for multiple items of any type.
| Item | Description | Example |
|---|---|---|
| Org | What organization name would you like to be associated with your overall Truepic account? This will be included in the metadata of every photo and video captured via the Lens SDK. | Truepic |
| Org Unit | The department, product, or division name that will integrate the SDK into one of your many mobile applications. If you have one application, the Org Unit may be identical to the Org Name. | Vision |
| Org Unit Country | The country in which the Org Unit or division is based. Default value is US. | US |
| Org Unit Environment | Whether this org unit's environment is test or production. | test |
Once you have an org and one or more org units set up, we can register apps and generate keys within them. Here's the information we need for each platform.
iOS SDK keys
| Item | Description | Example |
|---|---|---|
| App Name | The name of the application as listed in the Apple App Store. | My App |
| App ID | The unique app reference ID as it will be submitted to the Apple App Store. The App ID is a combination of the App ID Prefix (or Team ID) and Bundle ID, joined by a period. | XZBPL6P2LU.com.epic.analysis |
Obtain your iOS App ID
- Log in to developer.apple.com
- Click on Certificates, IDs & Profiles
- Click on Identifiers
- Find the Bundle ID for your app, e.g. com.mycompany.myapp. Click on that row.
- This opens the Certificates, Identifiers & Profiles page. Look for App ID Prefix.
- The App ID is a combination of the App ID Prefix (or Team ID) and Bundle ID, joined by a period.
Android SDK keys
| Item | Description | Example |
|---|---|---|
| App Name | The name of the application as listed in the Play Store. | My App |
| Package Name | The name of the package as it will be submitted to the Google Play Store. | com.epic.analysis |
| SHA-256 Certificate Fingerprint | A short and unique representation of a certificate used to digitally sign your APK before it is installed on a device or updated. You can have multiple certificate digests defined for the same app and key. Please convert convert the hexadecimal fingerprint to base64 before sharing with us. | aAxXZqd4VXr6vLLQcnpbDC Z/zxS1/QBVR3dwp4k6rFP= |
Obtain your Android app’s certificate fingerprint
There are two ways to get your app's certificate fingerprint.
Locally
Run the following command:
keytool -list -v -keystore path-to-your-keystore-file -alias your-alias-name -storepass your-keystore-password
Replace the following placeholders:
path-to-your-keystore-file: Replace this with the path to your keystore file (e.g., `/path/to/your/keystore.jks).your-alias-name: Replace this with the alias name you used when generating the key pair for your app.your-keystore-password: Replace this with the password for your keystore.
Running this command will output various information about the certificate, including its SHA-256 fingerprint. Look for the "SHA256" value under the "Certificate fingerprint" section.
Keep in mind that this command is specific to Java-based Android projects. If you're using a different development environment, the process might differ slightly.
Google Admin
Log into your Google Play Admin panel for your distributed app and navigate to “App Integrity.”
Before sending us your fingerprint, convert the SHA-256 value to base64 with this command:
echo "SHA256_TEXT_REPRESENTATION" | xxd -r -p | openssl base64
Certificate hashes may change during development and pre- and post-app distribution. We are able to accept multiple certificate digests per app, if that is needed. If you'd to prevent this value from changing during development among multiple developers, follow our guide here.
Web SDK keys
Capture Library
| Item | Description | Example |
|---|---|---|
| App Name | The name of the web app or website. | MyInsurance |
| Origin(s) | The origin(s) (scheme, hostname, and port) that will be making the request to Truepic from your app's environment (test/development or production). Only allowed origins will be able to load the Javascript library. Wildcards are allowed for subdomains. You may provide as many urls as needed. | https://my-staging.app.com |
Display Library
For the web SDK's display library, registration is not currently required. You are welcome to use the script without setting up Truepic account.
API keys
Once you have an org and an org unit, there are no required fields to be issued API keys, but be sure to send us webhook details in order to be issued a secret.
Optional API information
| Item | Description |
|---|---|
| Default Capture Options | This field is set at the org unit level and applies to all API keys for that org unit. Please take a moment to review the Captures Model in the API reference for a full list of fields we return in the JSON response. All options are enabled by default unless configured otherwise. Are there any fields you do not want returned in your response, ever? |
| Capture Retention Period | This field is set at the org unit level and applies to all API keys for that org unit. We will automatically delete any images uploaded to our API for post-capture processing, as well as the extracted details after a predetermined period of time. This value can have a minimum of 1 hour, and a maximum of 30 days. Default value is 30 days. |
| Manual Image Deletion Permission | All processed images will be automatically deleted based on the Capture Auto Delete Interval you defined above. Let us know if you also need to manually delete captures (via captures.delete). |
Webhook configuration
Webhooks are not associated with specific API keys, but rather with your org unit as a whole. Multiple webhooks associated with your org unit means that all of those webhooks will receive the same events.
| Item | Description | Example |
|---|---|---|
| Webhook URL | The location (staging or production, depending on the org unit) where we will send the webhook. This URL must be secure and over HTTPS. | https://api.true-epic-co.com/webhooks/lens |
| API Events to Send | You may choose to receive all or some of the five webhook events, depending on if they are pertinent or useful to your development needs. The URL will receive a webhook for all actions performed for every photo or video. All events are returned by default. | all (default) |
Account Management Reference
Here is a helpful reference of how Lens accounts are structured. You can use this to understand what can be configured and how each object relates to each other.
Account structure
Each object can contain multiple child objects, even keys.
Org
↳ Org Unit
↳ App
↳ Key
Configuration options
| Org | Org Unit | App |
|---|---|---|
Namestring | Namestring | Namestring |
CountryTwo-letter ISO-3166 country code | PlatformOne of: ios, android, web, server, other | |
EnvironmentOne of: test,production | iOS:iOS App IDstring | |
API: API Capture Retention Periodnumber | Android: Android Packagestring | |
API: Webhook URLstring | Android: Android Certificate Digestsarray (string), can contain multiple | |
web: Originarray (string), can contain multiple |
Key Scopes
Here are the key scopes for each platform. We can change your key scopes at any point, just let us know.
| Scope | Permission description | iOS/Android | API |
|---|---|---|---|
enrollments.create | Enroll that SDK instance on that device | ✔️ | |
captures.create | Upload photos and videos to the API to be processed | ✔️ | |
captures.read | Request details on photos and videos in process or that have not yet been deleted | ✔️ | |
captures.update | Update custom data on photos and videos in process or that have not yet been deleted | ✔️ | |
captures.delete | Manually delete processed photos and videos, prior to auto-deletion once the Caption Retention Period passes | not default |
Get keys or make changes
Connect with your Truepic representative over email or Slack. We can accommodate all of your requests such as processing accounts, updating information, generating keys, and more. You will receive your keys through secure transfer.
All account details can be updated without invalidating existing keys or issuing new ones. However, we may not be able to re-send you your existing key once we have issued it to you, so please be sure to keep track of them. If you lost it, we can issue you new ones, with or without invalidating the existing ones.
Updated about 1 month ago