API overview

The truAPI is the external REST API for TruConsent. Use it for server-side integrations, compliance reporting, asset management, consent queries, and developer setup tasks.

Base URL: https://truapi-dev.truconsent.io

All requests and responses use JSON. Dates are ISO 8601 strings in UTC.

Authentication

Every request must include your organisation identifier in the X-Org-Id header:

X-Org-Id: your-org-slug

The truAPI uses API key authentication:

X-API-Key: your-api-key

Generate API keys from Settings → API Keys in the platform dashboard. See Authentication for full details.

Request conventions

All endpoints are versioned under /api/v1/external/.
Query parameters are optional unless marked required.
POST/PUT bodies must be Content-Type: application/json.

Available endpoint groups

Group	Prefix	Description
Assets	`/api/v1/external/assets`	Create, list, and update assets (apps/websites)
Public data	`/api/v1/external/public`	Read-only: list assets, collection points, consent links
Consent queries	`/api/v1/external/consents`	Query consent records, timelines, withdrawal events
Reports	`/api/v1/external/reports`	Compliance and consent summary reports
Audit	`/api/v1/external/audit`	Immutable audit trail
Identity	`/api/v1/external/identity`	User identity management
Security	`/api/v1/external/security`	API key management
Events	`/api/v1/external/events`	Webhook event logs
Versions	`/api/v1/external/versions`	Collection point version history

Next: Data retrieval →