⚡ Express Setup
Quick start setup for our multi-layered authentication flow
To access the API securely, all requests must go through a multi-layered authentication process. This ensures only authorised organisations and users can connect, protecting both client data and the platform.
The authentication flow consists of:
- IP whitelisting: requests must originate from registered IPs.
- mTLS (mutual TLS): the client must present a valid certificate signed by a trusted CA.
- Username + password: credentials for the initial user (created by Support).
- 2FA (two-factor authentication): required for all users.
- API key exchange: used to log in and obtain a JWT (JSON Web Token).
- JWT: used to authenticate subsequent API calls.
Approval required: The AUDD team must provision your initial user account and API key before access is granted. This involves whitelisting your IP address(es) and registering your CA certificate. Once active, your team can self-manage additional users.
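To make the ordering of these layers concrete, here is an added Go example (not code from this page or from the AUDD platform) of a gateway that applies the checks in the sequence listed above and refuses a request at the first failing layer. The allowlisted IP, the HS256 signing key, the token format and the use of an "exp" claim are constructed assumptions for the example; this page does not state which JWT algorithm, claims or endpoints the platform actually uses.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"net"
	"net/http"
	"net/http/httptest"
	"strings"
	"time"
)

// Constructed values for this example only; the real allowlist and JWT signing key live
// in the platform's gateway configuration, never in client code.
var allowedIPs = map[string]bool{"203.0.113.10": true}
var jwtKey = []byte("constructed-demo-hmac-key")

// Gateway applies the layers in the order the flow lists them: whitelisted source IP
// (403 Forbidden otherwise), a client certificate verified in the TLS handshake (with
// tls.RequireAndVerifyClientCert the handshake already enforces this, so the r.TLS check
// is defence in depth), then a correctly signed, unexpired Bearer JWT.
func Gateway(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ip, _, err := net.SplitHostPort(r.RemoteAddr)
		if err != nil || !allowedIPs[ip] {
			http.Error(w, "source IP not whitelisted", http.StatusForbidden)
			return
		}
		if r.TLS == nil || len(r.TLS.VerifiedChains) == 0 {
			http.Error(w, "client certificate required", http.StatusUnauthorized)
			return
		}
		token := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")
		if token == "" || !ValidJWT(token, time.Now()) {
			http.Error(w, "invalid or expired token", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// ValidJWT checks a compact HS256 JWT: constant-time signature comparison, the alg
// pinned to HS256 (rejecting "none" and algorithm confusion), and a future "exp" claim.
func ValidJWT(token string, now time.Time) bool {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return false
	}
	mac := hmac.New(sha256.New, jwtKey)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !hmac.Equal(sig, mac.Sum(nil)) {
		return false
	}
	var hdr struct{ Alg string `json:"alg"` }
	var claims struct{ Exp int64 `json:"exp"` }
	return decodeSegment(parts[0], &hdr) && decodeSegment(parts[1], &claims) &&
		hdr.Alg == "HS256" && claims.Exp > now.Unix()
}

// decodeSegment base64url-decodes one JWT segment and unmarshals its JSON into v.
func decodeSegment(seg string, v interface{}) bool {
	b, err := base64.RawURLEncoding.DecodeString(seg)
	return err == nil && json.Unmarshal(b, v) == nil
}

// MintJWT issues a demo token so the example can exercise ValidJWT; in the real flow the
// platform mints the JWT when you exchange your API key.
func MintJWT(exp time.Time) string {
	enc := func(v interface{}) string {
		b, _ := json.Marshal(v)
		return base64.RawURLEncoding.EncodeToString(b)
	}
	signing := enc(map[string]string{"alg": "HS256"}) + "." + enc(map[string]int64{"exp": exp.Unix()})
	mac := hmac.New(sha256.New, jwtKey)
	mac.Write([]byte(signing))
	return signing + "." + base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// Probe sends one constructed request through the gateway and returns the status code,
// filling in r.TLS the way a verified mTLS handshake would.
func Probe(remoteAddr string, certVerified bool, token string) int {
	req := httptest.NewRequest(http.MethodGet, "/", nil)
	req.RemoteAddr = remoteAddr
	if certVerified {
		req.TLS = &tls.ConnectionState{VerifiedChains: [][]*x509.Certificate{{&x509.Certificate{}}}}
	}
	if token != "" {
		req.Header.Set("Authorization", "Bearer "+token)
	}
	rec := httptest.NewRecorder()
	Gateway(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })).ServeHTTP(rec, req)
	return rec.Code
}
```

Probe from a non-whitelisted address returns 403 even with a good certificate and token; a whitelisted address without a verified client certificate or without a valid JWT returns 401; only a request that passes every layer reaches the handler and returns 200. The layers are deliberately evaluated cheapest first, so a blocked source never costs a signature check.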
📋 Prerequisites
Contact the AUDD Team via your dedicated Slack channel to request setup. You will need to provide:
- Your preferred business or organisation name.
- Contact details.
- Public IP addresses for whitelisting.
- Your CA certificate (for mTLS).
- Whether you need sandbox or production access.
Once supplied, the AUDD Team will provide you with:
- The initial user credentials (username + password).
- API key(s) for your environment(s).
- Confirmation of whitelisted IPs.
- Confirmation that your CA cert has been added to the Truststore.
🌐 Network Security (IP Whitelisting)
All requests must originate from your registered IPs. Requests from non-whitelisted IPs will return 403 Forbidden.
🔐 Mutual TLS (mTLS)
Provide Support with your CA certificate. We will add it to our Truststore. Your client must present a certificate signed by that CA when connecting.
If the certificate does not validate against the Truststore, the connection is rejected during the TLS handshake, before any authentication takes place (the client fails to connect).
Note that mTLS is only needed when interacting with the API and is not needed to access the Portal.
👤 User Authentication (Username + Password + 2FA)
The initial user (created by the AUDD Team) requires login credentials. On login, you must supply:
- Username & password.
- 2FA token (TOTP code).
Once logged in, you can create and manage additional users.
Extra help: For a more comprehensive guide on setting up 2FA and operating in the API, see the guide Authentication and 2FA Management.
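Because the 2FA token is a TOTP code, the added Go example below (not this page's or the platform's code) shows how such a code is derived from the shared secret per RFC 6238 and how a verifier accepts it with a small clock-drift window. It assumes the common authenticator defaults of HMAC-SHA1, a 30-second step and 6 digits, which this page does not state for the platform, and it uses the test secret published in RFC 6238 Appendix B rather than any real enrolment key.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"strings"
)

// TOTP computes the RFC 6238 code (HMAC-SHA1, 30-second time step) for a raw shared
// secret at Unix time t, producing the requested number of digits.
func TOTP(secret []byte, t int64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(t/30)) // moving factor = time step counter
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f // dynamic truncation, RFC 4226 section 5.4
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// DecodeSecret converts the base32 setup key shown at enrolment (spaces and lower case
// tolerated) into the raw secret bytes TOTP needs.
func DecodeSecret(setupKey string) ([]byte, error) {
	s := strings.ToUpper(strings.ReplaceAll(setupKey, " ", ""))
	return base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(s)
}

// Verify accepts the 6-digit code for the current step or one step either side (clock
// drift tolerance) and compares in constant time so timing does not leak digits.
func Verify(secret []byte, code string, now int64) bool {
	for _, skew := range []int64{-30, 0, 30} {
		if subtle.ConstantTimeCompare([]byte(TOTP(secret, now+skew, 6)), []byte(code)) == 1 {
			return true
		}
	}
	return false
}

func main() {
	// Base32 of the RFC 6238 Appendix B test secret "12345678901234567890" (constructed input).
	secret, _ := DecodeSecret("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
	fmt.Println(TOTP(secret, 59, 8)) // 94287082, the RFC 6238 vector for T=59
}
```

The codes are only as secret as the setup key, so the key for the initial user belongs in a password manager or authenticator app, not in a script committed alongside API credentials.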
Updated about 2 months ago
