Learn about managing your Truv credentials and API keys.
Overview
Truv credentials allow you to work with provider data from connected users. API keys are important values to keep secure and safe. Learn how to create new keys, delete outdated keys, and rotate their use.
Dashboard keys
The Truv Dashboard allows you to create and manage API keys. This section is for integrations that create Orders in the dashboard. Follow the steps below for rotating your credentials.
Dashboard steps
- Create a new key.
Create a new key in Truv Dashboard.
- Delete the old key.
Delete unnecessary access_token values to minimize exposure to attacks. Pending state transactions with the original key continue to process.
Truv API keys
The Truv API also allows you to create and delete credentials. For embedded solutions or Orders using the API, follow the steps below.
Truv API steps
- Create a new key.
Generate a new key in Truv Dashboard.
Tip
Create a sandbox key to test the integration before updating keys in production.
- Update the key in all applicable locations.
Find all locations for updating keys by searching for the X-Access-Secret request header in your code.
- Delete the previous key.
The outdated access keys are no longer needed and can be removed to reduce risk.
Warning
Deleting keys cannot be undone. Confirm all steps before deleting former keys.
Confirm all previous keys are rotated out and the new key is successful in your integration. The trash bin icon deletes the key. Pending state transactions with the original key continue to process.