Identity verification,
natively for AI agents
The Trulioo MCP server gives your AI agents direct access to global identity verification - KYC, KYB, AML screening, document capture, and age assurance - through a single typed, discoverable interface. No SDKs to integrate, no REST clients to maintain.
Schema-enforced inputs
Every tool uses additionalProperties: false. Hallucinated parameters never reach Trulioo. Agents call the right fields, every time.
Self-correcting errors
All errors return isError: true with structured results. Agents inspect the outcome and self-correct - no raw exceptions, no hanging requests.
Fully discoverable
Agents discover available packages, required fields, and test entities via config_discover_account and config_describe_context before asking for any user input.
Enterprise-grade standards
MCP protocol over stdio and streamable HTTP. OAuth 2.1 resource server. RFC 9728 Protected Resource Metadata. SOC 2-aligned audit trail in hosted mode.
Sandbox as default
Explore every tool, test all flows, and validate agent logic with zero credentials. Live calls require explicit opt-in. Sandbox and live share identical schemas.
PII never leaves the pipe
Biometric scores, document images, and raw matcher tokens are stripped before any result reaches the agent context. Enforced at the schema and sanitization layer.
Standards & protocol compliance
MCP Protocol
2024-11-05 spec. stdio + streamable HTTP transports. tools/resources/prompts discovery.
OAuth 2.1 / RFC 9728
RS256/ES256 JWT bearer tokens. Protected Resource Metadata at /.well-known/oauth-protected-resource.
NIST / eIDAS
IAL1-IAL3 assurance levels. eIDAS LoA High for EID/NFC. ISO 30107-3 for liveness.
SOC 2 aligned
CloudTrail + CloudWatch audit trail in hosted mode. Per-tenant token isolation. Correlation IDs on all requests.
Connect to Trulioo MCP
Two connection modes. Local stdio for development and CI; hosted HTTP for production agents running in cloud environments.
Local MCP (stdio)
The agent runs trulioo-mcp as a subprocess. Communication over stdin/stdout. Works with every MCP client today - no infrastructure needed.
# Apple Silicon curl -L https://github.com/lumina/trulioo-mcp/releases/latest/download/trulioo-mcp-darwin-arm64 \ -o trulioo-mcp && chmod +x trulioo-mcp && sudo mv trulioo-mcp /usr/local/bin/ # Intel Mac curl -L https://github.com/lumina/trulioo-mcp/releases/latest/download/trulioo-mcp-darwin-x86_64 \ -o trulioo-mcp && chmod +x trulioo-mcp && sudo mv trulioo-mcp /usr/local/bin/ trulioo-mcp --version
Edit ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"trulioo": {
"command": "trulioo-mcp",
"args": ["--transport", "stdio"],
"env": { "TRULIOO_MODE": "sandbox" }
}
}
}Restart Claude Desktop. Call trulioo_health to confirm.
Start with trulioo_health
The first tool call your agent should always make. Confirms connectivity, authentication state, and sandbox/live mode.
Call trulioo_health and tell me the auth_status and mode. Then call config_discover_account to list available verification packages.
Hosted MCP (streamable HTTP)
A persistent HTTPS endpoint in AWS for agents running in cloud environments. OAuth 2.1 bearer token authentication, per-tenant isolation, and full audit trail. Suitable for production workloads, multi-tenant platforms, and agents that cannot install local binaries.
Early access
The hosted endpoint requires Trulioo self-serve credential issuance. Contact mcp@trulioo.com to get access.
curl -X POST https://auth.your-as.example.com/token \ -d "grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&scope=verify read"
{
"mcpServers": {
"trulioo": {
"type": "http",
"url": "https://mcp.trulioo.com/mcp",
"headers": { "Authorization": "Bearer YOUR_ACCESS_TOKEN" }
}
}
}{
"servers": {
"trulioo": {
"type": "http",
"url": "https://mcp.trulioo.com/mcp",
"headers": { "Authorization": "Bearer YOUR_ACCESS_TOKEN" }
}
}
}from mcp.client.streamable_http import streamablehttp_client
from mcp import ClientSession
async with streamablehttp_client(
"https://mcp.trulioo.com/mcp",
headers={"Authorization": f"Bearer {access_token}"}
) as (read, write, _):
async with ClientSession(read, write) as session:
await session.initialize()
result = await session.call_tool("trulioo_health", {})curl -s https://mcp.trulioo.com/healthz
# "ok"
curl -s https://mcp.trulioo.com/.well-known/oauth-protected-resource
# {"resource":"https://mcp.trulioo.com","authorization_servers":[...]}Sandbox & testing
Sandbox is the default. No credentials, no real verifications, no consequences. Every tool, every flow, identical schemas to live.
Sandbox
- No credentials required
- Test entities per country/package
- Predictable outcomes (match, nomatch, review)
- Identical schemas to live
Switching to live
TRULIOO_MODE=live TRULIOO_CLIENT_ID=your-client-id TRULIOO_CLIENT_SECRET=your-client-secret
Both vars required. Use a secrets manager - never commit credentials.
Get test entities
In sandbox, config_describe_context(package_id, country_code) returns test_entities - pre-seeded data that produces known outcomes. Use these in kyc_verify and kyb_verify calls to validate agent logic without guessing field values.
Agent skills
Skills are structured guidance files agents load to understand how to work with a specific Trulioo capability. They define the right sequence, the right parameters, and the right interpretation of results - so your agents know exactly what to do without prompting from scratch.
Skills registry at mcp.trulioo.com/.well-known/skills/index.json
MCP clients and orchestration platforms can discover all available skills from the registry. Each skill maps to a specific verification domain and includes the full guidance your agent needs.
curl https://mcp.trulioo.com/.well-known/skills/index.json
Initialization
The startup sequence every agent should run: trulioo_health check, package discovery, and configuration context loading before any verification call.
trulioo_health() # auth_status == "ok"? config_discover_account() # cache available packages config_describe_context() # fields + consents per country
KYC - Person verification
Identity verification with async polling, consent handling, and result interpretation. Covers data field structure, terminal status values, and combined KYC+AML.
kyc_verify(data_fields, country_code, package_id) -> poll kyc_get_status() until is_terminal=true -> kyc_get_record(record_id)
KYB - Business verification
Business due diligence from registration discovery through UBO mapping. Covers jurisdiction-level registration types and monitoring enrollment.
kyb_list_registration_types -> kyb_search -> kyb_verify(ubo=true, aml=true) -> kyb_get_report
AML & sanctions screening
Watchlist and sanctions screening for persons and businesses. Standalone or bundled with KYC/KYB. Includes Hit/Potential Hit/Clear interpretation and escalation guidance.
Clear -> proceed Potential Hit -> flag for manual review Hit -> escalate; human review required
Document verification
SDK-mediated document capture. Agent creates a session and delivers QR/deep-link to the user. No image bytes flow through MCP. Covers EID/NFC, liveness, and age minimum validation.
docv_create_session() -> QR + deep link User captures on device (SDK) -> docv_get_result() -> ACCEPT/DECLINE
Age assurance
Three-rung regulatory ladder: data-only DOB (Rung 1), biometric estimation (Rung 2), document + liveness (Rung 3). Maps COPPA, UK AAS, and GDPR contexts to the right rung.
Rung 1: age_check (DOB lookup) Rung 2: age_estimate_biometric (face) Rung 3: docv + age_minimum validation
Business monitoring
Enroll a verified business for ongoing change monitoring. Alerts on director changes, address changes, sanctions additions, and ownership structure changes. Uses monitoring_enroll, monitoring_get_alert, monitoring_refresh, and monitoring_cancel.
Workflow prompts
Six built-in MCP prompts give agents step-by-step guidance for complete verification scenarios. Discoverable via prompts/list.
| Prompt | Arguments | Use when |
|---|---|---|
kyc_onboarding_workflow | country_code, package_id | User onboarding, identity check |
kyb_due_diligence_workflow | business_name, country_code | B2B onboarding, vendor checks |
aml_investigation_workflow | entity_type | Compliance, sanctions screening |
age_verification_workflow | age_threshold | Age-gated content, gambling |
docv_verification_workflow | country_code, capture_method | Document capture, eID/NFC |
monitoring_enrollment_workflow | entity_name | Ongoing business monitoring |
Tools reference
All tools are typed, validated, and return structured results agents can branch on. Each tool has additionalProperties: false on its input schema and returns structuredContent alongside human-readable text.
KYC Person identity verification
| Tool | Description |
|---|---|
kyc_verify | Verify a person's identity. Accepts include_aml=true for bundled screening and wait_for_completion=true for synchronous result (up to 30s). |
kyc_get_status | Poll an async transaction. Returns is_terminal flag and next_action.suggested_poll_interval_seconds. Terminal values: match, nomatch, review, error. |
kyc_get_record | Fetch final verified record. Parameter: record_id. Includes per-data-source match results. |
{
"country_code": "US",
"package_id": "identity-verification",
"data_fields": {
"PersonInfo": { "FirstGivenName": "Jane", "FirstSurName": "Doe",
"DayOfBirth": 15, "MonthOfBirth": 3, "YearOfBirth": 1985 },
"Location": { "BuildingNumber": "123", "StreetName": "Main St",
"City": "Austin", "StateProvinceCode": "TX", "PostalCode": "78701" }
}
}Call config_describe_context first - exact field names vary by country and package.
DocV Document verification
SDK-mediated. No image bytes, biometric scores, or raw matcher tokens flow through MCP. The agent creates a session; the Trulioo SDK handles all capture on the user's device.
| Tool | Description |
|---|---|
docv_create_session | Create a capture session. Returns QR code, deep-link URL, and shortcode. Configure capture_method (auto/eid/document/liveness), document_types, validation_rules, and optional delivery.webhook_url. |
docv_get_result | Poll until terminal state: ACCEPT, REVIEW, DECLINE, or EXPIRED. |
docv_create_mobile_handoff | Regenerate a 5-minute shortcode when the original expires. |
docv_cancel_session | Cancel an abandoned or superseded session. |
KYB Business verification
| Tool | Description |
|---|---|
kyb_search | Find a business by name. Returns registration number candidates. |
kyb_verify | Full business verification. Accepts ubo_discovery=true and include_aml=true. |
kyb_get_report | Retrieve completed report. Parameter: record_id. |
kyb_list_registration_types | Registration ID types for a country. |
kyb_get_all_registration_types | All registration types across all countries. |
kyb_get_registration_types_by_jurisdiction | Types for a country + jurisdiction (e.g. US state). |
kyb_get_jurisdictions_of_incorporation | Supported jurisdictions for a country. |
kyb_get_partial_result | Intermediate results for long-running verifications. |
AML Watchlist screening
| Tool | Description |
|---|---|
aml_screen | Screen a person (entity_type=person) or business (entity_type=business) against global watchlists, sanctions, and PEP databases. |
Age Age assurance
| Tool | Description |
|---|---|
age_check | Data-only DOB check against a minimum age threshold (Rung 1). |
age_estimate_biometric | Face-based age estimation (Rung 2). Requires TRULIOO_ENABLE_BIOMETRIC_AGE=true. Tool not visible in tools/list until flag is set. |
Monitoring Business monitoring
| Tool | Description |
|---|---|
monitoring_enroll | Enroll a verified business. Requires completed KYB transaction_record_id. |
monitoring_get_enrollment | Enrollment details: frequency, watched fields, status. |
monitoring_get_alert | Latest monitoring alert for an enrollment. |
monitoring_refresh | Trigger an immediate out-of-schedule re-check. |
monitoring_cancel | Cancel monitoring. Irreversible. |
Configuration discovery
| Tool | Description |
|---|---|
trulioo_health | Server liveness, auth_status, mode, and protocol version. Always call first. |
config_discover_account | Available verification packages for this account. Cache the result. |
config_describe_context | Full config context for a package+country: exact field names, required consents, data sources, subdivisions, and test entities (sandbox). Fetches 7 Trulioo config endpoints in one call. |
Resources
Eight stable URIs for retrieving results already obtained via tools, without re-running verification.
| URI | Description |
|---|---|
trulioo://kyc/{id} | KYC transaction record |
trulioo://kyc/docv/{id} | DocV session result |
trulioo://kyc/eid/{id} | EID verification result |
trulioo://kyc/age/{id} | Age assurance result |
trulioo://kyb/{id} | KYB verification report |
trulioo://kyb/monitoring/{id} | Business monitoring enrollment |
trulioo://aml/{id} | AML screening result |
trulioo://config/{pkg}/{cc} | Package+country config context. Cacheable at host level. |
Orchestration patterns
Trulioo MCP is built for how modern AI agent teams actually work - agents composing tools, delegating to specialists, and running verification as a step inside a larger workflow.
Agent as orchestrator
The most common pattern. Your agent handles the conversation, collects data, calls Trulioo tools, and interprets results. Prism is a tool provider; the agent decides when and what to call.
User conversation
-> AI Agent (Claude, GPT-4, etc.)
-> trulioo_health / config_discover_account
-> kyc_verify / kyb_verify / aml_screen
-> structured result (is_terminal, status, record_id)
-> Agent interprets and continues conversationEnterprise agent teams
Prism is designed for multi-agent architectures where verification is one node in a larger orchestration graph. A compliance orchestrator can delegate verification tasks to specialist agents, each with a narrow tool allowlist, then assemble the final compliance record.
Compliance Orchestrator |-- KYC Agent (tools: kyc_verify, kyc_get_status, kyc_get_record) |-- DocV Agent (tools: docv_create_session, docv_get_result) |-- AML Agent (tools: aml_screen) `-- Monitoring Agent (tools: monitoring_enroll, monitoring_get_alert)
Narrow tool allowlists reduce blast radius. A DocV agent cannot call monitoring_cancel. An AML agent cannot create DocV sessions.
Infrastructure-level AI ops
In hosted deployments, a fleet of Claude-based agents operates Prism as infrastructure - running automated deployments with approval gates, investigating incidents, evaluating canary releases with metric gating, and rotating credentials with zero downtime. Prism is simultaneously a tool provider for your agents and a service operated by AI agents.
How it works
A few core design decisions that make Trulioo MCP predictable for agents.
Structured outputs agents can branch on
Every tool returns structuredContent - a JSON object with typed fields alongside the human-readable text. Agents branch on is_terminal, watchlist_state, and status, not on parsed prose.
Errors as results, not exceptions
Auth failure, circuit breaker open, rate limit, upstream 503 - all return isError: true in a valid MCP tool result with a plain-text message. The server never crashes and never leaks a raw stack trace. Agents self-correct.
Circuit breaker per upstream surface
NAPI, DocV, and Monitoring each have an independent circuit breaker. After 5 consecutive failures the breaker opens and returns immediately - no timeout wait. Half-open probe after 30s. Agents get fast, clear feedback when a surface is degraded.
PII sanitization before agent context
Watchlist hit details, adverse media content, and raw datasource strings are sanitized before reaching the agent context. This prevents crafted upstream data from injecting instructions into the model.
Security
Never embed credentials in config files
Use environment variables or a secrets manager. AWS Secrets Manager, HashiCorp Vault, and 1Password Secrets Automation all work. In hosted mode, credentials are injected at ECS task startup and the running process cannot read them directly.
Prompt injection resistance
Enable human confirmation on write operations (kyc_verify, kyb_verify, docv_create_session, monitoring_cancel) when running automated pipelines. For agents without a human in the loop, restrict the tool allowlist to exactly the tools needed - a KYC agent should not have access to monitoring_cancel.
Input validation
All tool input schemas have additionalProperties: false. Inputs are validated before any upstream call. Suspicious response fields (watchlist data, adverse media) are sanitized before entering the agent context.
FAQ
Do I need Trulioo credentials to try this?
No. Sandbox mode is the default and uses built-in demo credentials. No setup needed. Call trulioo_health immediately after install - no environment variables required.
What MCP clients does this work with?
Any client that supports MCP stdio transport: Claude Desktop, Cursor, VS Code (Copilot), Claude Code CLI, OpenCode, and any custom agent using the MCP spec. The hosted HTTP endpoint supports any client that implements streamable HTTP transport.
Will my agents see PII in tool responses?
Biometric scores, document images, and raw matcher tokens are never returned through MCP - enforced at the schema and sanitization layer. Transaction IDs, verification status, and match-level results are returned. PII submitted as input is not echoed back in responses.
What happens when Trulioo is unavailable?
The circuit breaker opens after 5 consecutive failures and returns isError: true immediately - no hanging. Agents receive a plain-text message explaining the state. The breaker probes automatically after 30 seconds.
Are sandbox and live schemas identical?
Yes. Tool names, input schemas, and error codes are identical between sandbox and live. Only the underlying adapters change. You can build and validate your entire agent integration in sandbox before switching to live.
How do I run multiple agents against the same server?
For local stdio, each agent should launch its own subprocess - the binary handles one MCP session per process. For hosted HTTP, multiple agents connect to the same endpoint concurrently; rate limits are per-tenant.
Is there a hosted MCP endpoint today?
The hosted endpoint at mcp.trulioo.com requires Trulioo self-serve credential issuance. Contact mcp@trulioo.com to get access.