Follow

Overview

 

The TrustedForm REST API is available to all TrustedForm account holders. Publishers using our JavaScript to generate certified leads do not need an account, and will not use this API.

The API is implemented as JSON over HTTPS. The API, which is available at https://app.trustedform.com, requires a TrustedForm account in order to authenticate. All functionality that exists via the TrustedForm UI using a browser is achievable via the API.

Who Should Read This?

This is technical documentation. The target audience is those who intend to integrate another platform with TrustedForm. This documentation contains everything a developer needs to integrate with TrustedForm. Please email support@activeprospect.com if you find inconsistencies or need clarification. We want this documentation to be clear and easy to use and we're happy to get your feedback.

The Examples

This documentation contains an example for every API call. The examples use the ubiquitous curl command, which is widely available on *NIX systems and Mac OS X. If you only work on Microsoft platforms, then curl may not be familiar to you and you may therefore find the examples confusing. But don't despair, curl is also available for Windows, and is easy to
learn. You can download curl here: http://curl.haxx.se/download.html.

We recommend that you know how the curl command works before attempting to understand the examples. But even if you don't, it's still possible to decipher the examples. Here are the curl arguments you need to know:

  • -X — The HTTP method to use, i.e. -X POST to perform an HTTP POST
  • -H — Add a header, i.e. -H 'Content-Type: application/json' to set the request content type to "application/json"
  • -d — Set the HTTP request body, i.e. -d '{"name": "My List", "type": "phone"}' to put a JSON document in the request body
  • -u — Set the HTTP Basic Authentication credentials, i.e. -uAPI:12345 to use the "API" user with API key "12345"

Authentication

Authentication is performed using Basic Authentication. This type of authentication is ubiquitous and secure when used over SSL. All requests to our API must be performed over SSL. The username portion of the Basic Authentication is ignored. The password must be your API key. Requests made without Basic Authentication will receive an HTTP 403 Forbidden response.

Protect your API key the same way that you would protect your password — do not give it to anyone else or embed it in a web page that could be viewed by a third party.

Important implementation note

Some HTTP Client libraries (Jakarta HttpClient, for example), do not send Basic credentials with every request by default. Instead, they send a request without credentials, and if a HTTP 401 is received, they reissue the request with the credentials. Please make the necessary configuration adjustments to ensure that Basic credentials are sent with every HTTP request.

Account in good standing

If your account has been cancelled for non-payment, then every call to the API will return an HTTP 402 Payment Required response. If this happens, you must log into the TrustedForm application and update your payment information.

Implementation Note

Some HTTP Client libraries (Jakarta HttpClient, for example), do not send Basic credentials with every request by default. Instead, they send a request without credentials, and if a HTTP 401 is received, they reissue the request with the credentials. Please make the necessary configuration adjustments to ensure that Basic credentials are sent with every HTTP request.

Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request

Comments

You must be logged in to comment.