Model Context Protocol

Identity verification,
natively for AI agents

The Trulioo MCP server gives your AI agents direct access to global identity verification - KYC, KYB, AML screening, document capture, and age assurance - through a single typed, discoverable interface. No SDKs to integrate, no REST clients to maintain.

Schema-enforced inputs

Every tool uses additionalProperties: false. Hallucinated parameters never reach Trulioo. Agents call the right fields, every time.

Self-correcting errors

All errors return isError: true with structured results. Agents inspect the outcome and self-correct - no raw exceptions, no hanging requests.

Fully discoverable

Agents discover available packages, required fields, and test entities via config_discover_account and config_describe_context before asking for any user input.

Enterprise-grade standards

MCP protocol over stdio and streamable HTTP. OAuth 2.1 resource server. RFC 9728 Protected Resource Metadata. SOC 2-aligned audit trail in hosted mode.

Sandbox as default

Explore every tool, test all flows, and validate agent logic with zero credentials. Live calls require explicit opt-in. Sandbox and live share identical schemas.

PII never leaves the pipe

Biometric scores, document images, and raw matcher tokens are stripped before any result reaches the agent context. Enforced at the schema and sanitization layer.

Standards & protocol compliance

MCP Protocol

2024-11-05 spec. stdio + streamable HTTP transports. tools/resources/prompts discovery.

OAuth 2.1 / RFC 9728

RS256/ES256 JWT bearer tokens. Protected Resource Metadata at /.well-known/oauth-protected-resource.

NIST / eIDAS

IAL1-IAL3 assurance levels. eIDAS LoA High for EID/NFC. ISO 30107-3 for liveness.

SOC 2 aligned

CloudTrail + CloudWatch audit trail in hosted mode. Per-tenant token isolation. Correlation IDs on all requests.

Connect to Trulioo MCP

Two connection modes. Local stdio for development and CI; hosted HTTP for production agents running in cloud environments.

Local MCP (stdio)

The agent runs trulioo-mcp as a subprocess. Communication over stdin/stdout. Works with every MCP client today - no infrastructure needed.

1 Install the binary
terminal
# Apple Silicon
curl -L https://github.com/lumina/trulioo-mcp/releases/latest/download/trulioo-mcp-darwin-arm64 \
  -o trulioo-mcp && chmod +x trulioo-mcp && sudo mv trulioo-mcp /usr/local/bin/

# Intel Mac
curl -L https://github.com/lumina/trulioo-mcp/releases/latest/download/trulioo-mcp-darwin-x86_64 \
  -o trulioo-mcp && chmod +x trulioo-mcp && sudo mv trulioo-mcp /usr/local/bin/

trulioo-mcp --version
2 Configure your MCP client

Edit ~/Library/Application Support/Claude/claude_desktop_config.json

claude_desktop_config.json
{
  "mcpServers": {
    "trulioo": {
      "command": "trulioo-mcp",
      "args": ["--transport", "stdio"],
      "env": { "TRULIOO_MODE": "sandbox" }
    }
  }
}

Restart Claude Desktop. Call trulioo_health to confirm.

3 Run your first agent call

Start with trulioo_health

The first tool call your agent should always make. Confirms connectivity, authentication state, and sandbox/live mode.

agent prompt
Call trulioo_health and tell me the auth_status and mode.
Then call config_discover_account to list available verification packages.

Hosted MCP (streamable HTTP)

A persistent HTTPS endpoint in AWS for agents running in cloud environments. OAuth 2.1 bearer token authentication, per-tenant isolation, and full audit trail. Suitable for production workloads, multi-tenant platforms, and agents that cannot install local binaries.

Early access

The hosted endpoint requires Trulioo self-serve credential issuance. Contact mcp@trulioo.com to get access.

1 Obtain a bearer token
terminal
curl -X POST https://auth.your-as.example.com/token \
  -d "grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&scope=verify read"
2 Configure your client for remote HTTP
claude_desktop_config.json
{
  "mcpServers": {
    "trulioo": {
      "type": "http",
      "url": "https://mcp.trulioo.com/mcp",
      "headers": { "Authorization": "Bearer YOUR_ACCESS_TOKEN" }
    }
  }
}
.vscode/mcp.json
{
  "servers": {
    "trulioo": {
      "type": "http",
      "url": "https://mcp.trulioo.com/mcp",
      "headers": { "Authorization": "Bearer YOUR_ACCESS_TOKEN" }
    }
  }
}
python
from mcp.client.streamable_http import streamablehttp_client
from mcp import ClientSession

async with streamablehttp_client(
    "https://mcp.trulioo.com/mcp",
    headers={"Authorization": f"Bearer {access_token}"}
) as (read, write, _):
    async with ClientSession(read, write) as session:
        await session.initialize()
        result = await session.call_tool("trulioo_health", {})
3 Verify connectivity
terminal
curl -s https://mcp.trulioo.com/healthz
# "ok"

curl -s https://mcp.trulioo.com/.well-known/oauth-protected-resource
# {"resource":"https://mcp.trulioo.com","authorization_servers":[...]}

Sandbox & testing

Sandbox is the default. No credentials, no real verifications, no consequences. Every tool, every flow, identical schemas to live.

Sandbox

  • No credentials required
  • Test entities per country/package
  • Predictable outcomes (match, nomatch, review)
  • Identical schemas to live

Switching to live

env
TRULIOO_MODE=live
TRULIOO_CLIENT_ID=your-client-id
TRULIOO_CLIENT_SECRET=your-client-secret

Both vars required. Use a secrets manager - never commit credentials.

Get test entities

In sandbox, config_describe_context(package_id, country_code) returns test_entities - pre-seeded data that produces known outcomes. Use these in kyc_verify and kyb_verify calls to validate agent logic without guessing field values.

Agent skills

Skills are structured guidance files agents load to understand how to work with a specific Trulioo capability. They define the right sequence, the right parameters, and the right interpretation of results - so your agents know exactly what to do without prompting from scratch.

Skills registry at mcp.trulioo.com/.well-known/skills/index.json

MCP clients and orchestration platforms can discover all available skills from the registry. Each skill maps to a specific verification domain and includes the full guidance your agent needs.

terminal
curl https://mcp.trulioo.com/.well-known/skills/index.json
trulioo-onboarding

Initialization

The startup sequence every agent should run: trulioo_health check, package discovery, and configuration context loading before any verification call.

startup sequence
trulioo_health()           # auth_status == "ok"?
config_discover_account()  # cache available packages
config_describe_context()  # fields + consents per country
trulioo-kyc

KYC - Person verification

Identity verification with async polling, consent handling, and result interpretation. Covers data field structure, terminal status values, and combined KYC+AML.

agent loop
kyc_verify(data_fields, country_code, package_id)
  -> poll kyc_get_status() until is_terminal=true
  -> kyc_get_record(record_id)
trulioo-kyb

KYB - Business verification

Business due diligence from registration discovery through UBO mapping. Covers jurisdiction-level registration types and monitoring enrollment.

due diligence sequence
kyb_list_registration_types -> kyb_search
  -> kyb_verify(ubo=true, aml=true)
  -> kyb_get_report
trulioo-aml

AML & sanctions screening

Watchlist and sanctions screening for persons and businesses. Standalone or bundled with KYC/KYB. Includes Hit/Potential Hit/Clear interpretation and escalation guidance.

result states
Clear         -> proceed
Potential Hit -> flag for manual review
Hit           -> escalate; human review required
trulioo-docv

Document verification

SDK-mediated document capture. Agent creates a session and delivers QR/deep-link to the user. No image bytes flow through MCP. Covers EID/NFC, liveness, and age minimum validation.

session flow
docv_create_session() -> QR + deep link
  User captures on device (SDK)
  -> docv_get_result() -> ACCEPT/DECLINE
trulioo-age

Age assurance

Three-rung regulatory ladder: data-only DOB (Rung 1), biometric estimation (Rung 2), document + liveness (Rung 3). Maps COPPA, UK AAS, and GDPR contexts to the right rung.

ladder
Rung 1: age_check (DOB lookup)
Rung 2: age_estimate_biometric (face)
Rung 3: docv + age_minimum validation
trulioo-kyb via monitoring_enrollment_workflow

Business monitoring

Enroll a verified business for ongoing change monitoring. Alerts on director changes, address changes, sanctions additions, and ownership structure changes. Uses monitoring_enroll, monitoring_get_alert, monitoring_refresh, and monitoring_cancel.

Workflow prompts

Six built-in MCP prompts give agents step-by-step guidance for complete verification scenarios. Discoverable via prompts/list.

PromptArgumentsUse when
kyc_onboarding_workflowcountry_code, package_idUser onboarding, identity check
kyb_due_diligence_workflowbusiness_name, country_codeB2B onboarding, vendor checks
aml_investigation_workflowentity_typeCompliance, sanctions screening
age_verification_workflowage_thresholdAge-gated content, gambling
docv_verification_workflowcountry_code, capture_methodDocument capture, eID/NFC
monitoring_enrollment_workflowentity_nameOngoing business monitoring

Tools reference

All tools are typed, validated, and return structured results agents can branch on. Each tool has additionalProperties: false on its input schema and returns structuredContent alongside human-readable text.

KYC Person identity verification

ToolDescription
kyc_verifyVerify a person's identity. Accepts include_aml=true for bundled screening and wait_for_completion=true for synchronous result (up to 30s).
kyc_get_statusPoll an async transaction. Returns is_terminal flag and next_action.suggested_poll_interval_seconds. Terminal values: match, nomatch, review, error.
kyc_get_recordFetch final verified record. Parameter: record_id. Includes per-data-source match results.
kyc_verify - input structure
{
  "country_code": "US",
  "package_id": "identity-verification",
  "data_fields": {
    "PersonInfo": { "FirstGivenName": "Jane", "FirstSurName": "Doe",
                    "DayOfBirth": 15, "MonthOfBirth": 3, "YearOfBirth": 1985 },
    "Location":   { "BuildingNumber": "123", "StreetName": "Main St",
                    "City": "Austin", "StateProvinceCode": "TX", "PostalCode": "78701" }
  }
}

Call config_describe_context first - exact field names vary by country and package.

DocV Document verification

SDK-mediated. No image bytes, biometric scores, or raw matcher tokens flow through MCP. The agent creates a session; the Trulioo SDK handles all capture on the user's device.

ToolDescription
docv_create_sessionCreate a capture session. Returns QR code, deep-link URL, and shortcode. Configure capture_method (auto/eid/document/liveness), document_types, validation_rules, and optional delivery.webhook_url.
docv_get_resultPoll until terminal state: ACCEPT, REVIEW, DECLINE, or EXPIRED.
docv_create_mobile_handoffRegenerate a 5-minute shortcode when the original expires.
docv_cancel_sessionCancel an abandoned or superseded session.

KYB Business verification

ToolDescription
kyb_searchFind a business by name. Returns registration number candidates.
kyb_verifyFull business verification. Accepts ubo_discovery=true and include_aml=true.
kyb_get_reportRetrieve completed report. Parameter: record_id.
kyb_list_registration_typesRegistration ID types for a country.
kyb_get_all_registration_typesAll registration types across all countries.
kyb_get_registration_types_by_jurisdictionTypes for a country + jurisdiction (e.g. US state).
kyb_get_jurisdictions_of_incorporationSupported jurisdictions for a country.
kyb_get_partial_resultIntermediate results for long-running verifications.

AML Watchlist screening

ToolDescription
aml_screenScreen a person (entity_type=person) or business (entity_type=business) against global watchlists, sanctions, and PEP databases.

Age Age assurance

ToolDescription
age_checkData-only DOB check against a minimum age threshold (Rung 1).
age_estimate_biometricFace-based age estimation (Rung 2). Requires TRULIOO_ENABLE_BIOMETRIC_AGE=true. Tool not visible in tools/list until flag is set.

Monitoring Business monitoring

ToolDescription
monitoring_enrollEnroll a verified business. Requires completed KYB transaction_record_id.
monitoring_get_enrollmentEnrollment details: frequency, watched fields, status.
monitoring_get_alertLatest monitoring alert for an enrollment.
monitoring_refreshTrigger an immediate out-of-schedule re-check.
monitoring_cancelCancel monitoring. Irreversible.

Configuration discovery

ToolDescription
trulioo_healthServer liveness, auth_status, mode, and protocol version. Always call first.
config_discover_accountAvailable verification packages for this account. Cache the result.
config_describe_contextFull config context for a package+country: exact field names, required consents, data sources, subdivisions, and test entities (sandbox). Fetches 7 Trulioo config endpoints in one call.

Resources

Eight stable URIs for retrieving results already obtained via tools, without re-running verification.

URIDescription
trulioo://kyc/{id}KYC transaction record
trulioo://kyc/docv/{id}DocV session result
trulioo://kyc/eid/{id}EID verification result
trulioo://kyc/age/{id}Age assurance result
trulioo://kyb/{id}KYB verification report
trulioo://kyb/monitoring/{id}Business monitoring enrollment
trulioo://aml/{id}AML screening result
trulioo://config/{pkg}/{cc}Package+country config context. Cacheable at host level.

Orchestration patterns

Trulioo MCP is built for how modern AI agent teams actually work - agents composing tools, delegating to specialists, and running verification as a step inside a larger workflow.

Agent as orchestrator

The most common pattern. Your agent handles the conversation, collects data, calls Trulioo tools, and interprets results. Prism is a tool provider; the agent decides when and what to call.

flow
User conversation
  -> AI Agent (Claude, GPT-4, etc.)
      -> trulioo_health / config_discover_account
      -> kyc_verify / kyb_verify / aml_screen
      -> structured result (is_terminal, status, record_id)
  -> Agent interprets and continues conversation

Enterprise agent teams

Prism is designed for multi-agent architectures where verification is one node in a larger orchestration graph. A compliance orchestrator can delegate verification tasks to specialist agents, each with a narrow tool allowlist, then assemble the final compliance record.

multi-agent pattern
Compliance Orchestrator
  |-- KYC Agent       (tools: kyc_verify, kyc_get_status, kyc_get_record)
  |-- DocV Agent      (tools: docv_create_session, docv_get_result)
  |-- AML Agent       (tools: aml_screen)
  `-- Monitoring Agent (tools: monitoring_enroll, monitoring_get_alert)

Narrow tool allowlists reduce blast radius. A DocV agent cannot call monitoring_cancel. An AML agent cannot create DocV sessions.

Infrastructure-level AI ops

In hosted deployments, a fleet of Claude-based agents operates Prism as infrastructure - running automated deployments with approval gates, investigating incidents, evaluating canary releases with metric gating, and rotating credentials with zero downtime. Prism is simultaneously a tool provider for your agents and a service operated by AI agents.

How it works

A few core design decisions that make Trulioo MCP predictable for agents.

Structured outputs agents can branch on

Every tool returns structuredContent - a JSON object with typed fields alongside the human-readable text. Agents branch on is_terminal, watchlist_state, and status, not on parsed prose.

Errors as results, not exceptions

Auth failure, circuit breaker open, rate limit, upstream 503 - all return isError: true in a valid MCP tool result with a plain-text message. The server never crashes and never leaks a raw stack trace. Agents self-correct.

Circuit breaker per upstream surface

NAPI, DocV, and Monitoring each have an independent circuit breaker. After 5 consecutive failures the breaker opens and returns immediately - no timeout wait. Half-open probe after 30s. Agents get fast, clear feedback when a surface is degraded.

PII sanitization before agent context

Watchlist hit details, adverse media content, and raw datasource strings are sanitized before reaching the agent context. This prevents crafted upstream data from injecting instructions into the model.

Security

Never embed credentials in config files

Use environment variables or a secrets manager. AWS Secrets Manager, HashiCorp Vault, and 1Password Secrets Automation all work. In hosted mode, credentials are injected at ECS task startup and the running process cannot read them directly.

Prompt injection resistance

Enable human confirmation on write operations (kyc_verify, kyb_verify, docv_create_session, monitoring_cancel) when running automated pipelines. For agents without a human in the loop, restrict the tool allowlist to exactly the tools needed - a KYC agent should not have access to monitoring_cancel.

Input validation

All tool input schemas have additionalProperties: false. Inputs are validated before any upstream call. Suspicious response fields (watchlist data, adverse media) are sanitized before entering the agent context.

FAQ

Do I need Trulioo credentials to try this?

No. Sandbox mode is the default and uses built-in demo credentials. No setup needed. Call trulioo_health immediately after install - no environment variables required.

What MCP clients does this work with?

Any client that supports MCP stdio transport: Claude Desktop, Cursor, VS Code (Copilot), Claude Code CLI, OpenCode, and any custom agent using the MCP spec. The hosted HTTP endpoint supports any client that implements streamable HTTP transport.

Will my agents see PII in tool responses?

Biometric scores, document images, and raw matcher tokens are never returned through MCP - enforced at the schema and sanitization layer. Transaction IDs, verification status, and match-level results are returned. PII submitted as input is not echoed back in responses.

What happens when Trulioo is unavailable?

The circuit breaker opens after 5 consecutive failures and returns isError: true immediately - no hanging. Agents receive a plain-text message explaining the state. The breaker probes automatically after 30 seconds.

Are sandbox and live schemas identical?

Yes. Tool names, input schemas, and error codes are identical between sandbox and live. Only the underlying adapters change. You can build and validate your entire agent integration in sandbox before switching to live.

How do I run multiple agents against the same server?

For local stdio, each agent should launch its own subprocess - the binary handles one MCP session per process. For hosted HTTP, multiple agents connect to the same endpoint concurrently; rate limits are per-tenant.

Is there a hosted MCP endpoint today?

The hosted endpoint at mcp.trulioo.com requires Trulioo self-serve credential issuance. Contact mcp@trulioo.com to get access.