Skip to content
truConsent truConsent

Generate API key and allowed domains

You need an API key and your organization ID before making any API calls or integrating an SDK. Both are available in the platform dashboard — no code required.

Step 1 — Open API Settings

Section titled “Step 1 — Open API Settings”
  1. Sign in to https://platform-dev.truconsent.io.
  2. Go to Settings → API Settings.

Step 2 — Generate an API key

Section titled “Step 2 — Generate an API key”

truConsent API keys have two scopes:

ScopeUsed for
AdminManagement API calls — fetching assets, collection points, and other configuration data during setup
ConsentRuntime consent operations — recording and reading consent from your app or SDK
  1. Click Generate API Key.
  2. Select Admin scope — copy the key immediately. You will use this only during setup to fetch asset and collection point IDs.
  3. Generate a second key, select Consent scope — this is the key you embed in client-side SDKs and server-side consent calls.

Step 3 — Copy your org ID

Section titled “Step 3 — Copy your org ID”

Your organization ID is displayed on the same API Settings page under Organization ID. Copy it — you will pass it as X-Org-Id on every API request.

See Find your org ID for more detail.

Step 4 — Add allowed domains

Section titled “Step 4 — Add allowed domains”

Under Allowed Domains, add every origin that will make consent API calls. Examples:

  • localhost:5173 — local development
  • app.yourdomain.com — production web app
  • com.example.myapp — mobile bundle identifier

Requests from domains not on this list are rejected with 403 Forbidden.

Result

Section titled “Result”

You now have:

Admin API key:   your-admin-api-key    (backend / setup only — do not embed in client apps)
Consent API key: your-consent-api-key  (embed in SDKs and client-side consent calls)
Organization ID: your-organization-id

Store the admin key securely on your backend. Do not commit either key to source control.