Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Submitting your project for review post integration
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Submitting your project for review post integration
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Ensure that your Minimum SDK version is at least API level 24 or above. In case your android project compiles for API level below 24, you can include the following line in your AndroidManifest.xml file to avoid any compilation issues :
<uses-sdk tools:overrideLibrary="com.truecaller.android.sdk"/>
Using this would ensure that the SDK works normally for API level 24 & above, and would be disabled for API level < 24. Note: Please make sure that you put the necessary API level checks before accessing the SDK methods in case of compiling for API level < 24
2.1) Add the Truecaller SDK which contains OAuth functionality to your app-level build.gradle file
dependencies {
...
implementation "com.truecaller.android.sdk:truecaller-sdk:3.0.0"
}
2.2) Also, add the following lines of code in your gradle file, if not already present
android{
compileOptions{
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
}
Add mavenCentral() in your project level build.gradle file :
allprojects{
repositories{
...
mavenCentral()
...
}
Also check your AGP and distribution URL version AGP : 7.4.2 (minimum) distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip (minimum).
Configure Client ID :
a.) Open your strings.xml file. Example path: /app/src/main/res/values/strings.xml and add a new string with the name "clientID" and value as your "clientID"
b.) Open your AndroidManifest.xml and add a meta-data element to the application element
<application android:label="@string/app_name" ...>
...
<meta-data android:name="com.truecaller.android.sdk.ClientId" android:value="@string/clientID"/>
...
Ensure that your Minimum SDK version is at least API level 24 or above. In case your android project compiles for API level below 24, you can include the following line in your AndroidManifest.xml file to avoid any compilation issues :
<uses-sdk tools:overrideLibrary="com.truecaller.android.sdk"/>
Using this would ensure that the SDK works normally for API level 24 & above, and would be disabled for API level < 24. Note: Please make sure that you put the necessary API level checks before accessing the SDK methods in case of compiling for API level < 24
2.1) Add the Truecaller SDK which contains OAuth functionality to your app-level build.gradle file
dependencies {
...
implementation "com.truecaller.android.sdk:truecaller-sdk:3.0.0"
}
2.2) Also, add the following lines of code in your gradle file, if not already present
android{
compileOptions{
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
}
Add mavenCentral() in your project level build.gradle file :
allprojects{
repositories{
...
mavenCentral()
...
}
Also check your AGP and distribution URL version AGP : 7.4.2 (minimum) distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip (minimum).
Configure Client ID :
a.) Open your strings.xml file. Example path: /app/src/main/res/values/strings.xml and add a new string with the name "clientID" and value as your "clientID"
b.) Open your AndroidManifest.xml and add a meta-data element to the application element
<application android:label="@string/app_name" ...>
...
<meta-data android:name="com.truecaller.android.sdk.ClientId" android:value="@string/clientID"/>
...
Truecaller SDK is a mobile number verification service, without the need for any OTP whatsoever.
The right way to implement Truecaller SDK in your mobile app, is to invoke mobile number verification via Truecaller at touch points, where you have your users to sign-up/ login/ checkout by verifying their mobile numbers.
Let us now see an example to understand how to effectively use Truecaller SDK at such touch points in your user journey
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process.
For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number based identity verification of users.
Here is such an example from CentroStore - our very own in-house sample app:
Building for Various Touch points
a. Invoking user signup/ login/ verification via Truecaller at app onboarding
Example: CentroStore - our very own in-house sample app
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process. For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number-based identity verification of users. Here is such an example from CetroStore.
b. Directly invoking verification via Truecaller
Example : CentroStore - our very own in-house sample app
CentroStore has mobile number as the primary identifier for its users. So as soon as users lands on their mobile number login/ signup screen, it invokes Verification via Truecaller, and onboards it’s users within seconds in just 1-tap.
c. Performing user verification at checkout
Example : CentroStore - our very own in-house sample app
CentroStore also allows users to browse through it’s app and check for bus ETAs, without needing to sign-up or log-in. However, when users wish to purchase the ticket or travel pass, it requires users to verify their mobile number.
Now that we have gone through and understood how to implement Verification via Truecaller, let’s get started with the SDK integration.
Truecaller SDK is a mobile number verification service, without the need for any OTP whatsoever.
The right way to implement Truecaller SDK in your mobile app, is to invoke mobile number verification via Truecaller at touch points, where you have your users to sign-up/ login/ checkout by verifying their mobile numbers.
Let us now see an example to understand how to effectively use Truecaller SDK at such touch points in your user journey
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process.
For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number based identity verification of users.
Here is such an example from CentroStore - our very own in-house sample app:
Building for Various Touch points
a. Invoking user signup/ login/ verification via Truecaller at app onboarding
Example: CentroStore - our very own in-house sample app
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process. For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number-based identity verification of users. Here is such an example from CetroStore.
b. Directly invoking verification via Truecaller
Example : CentroStore - our very own in-house sample app
CentroStore has mobile number as the primary identifier for its users. So as soon as users lands on their mobile number login/ signup screen, it invokes Verification via Truecaller, and onboards it’s users within seconds in just 1-tap.
c. Performing user verification at checkout
Example : CentroStore - our very own in-house sample app
CentroStore also allows users to browse through it’s app and check for bus ETAs, without needing to sign-up or log-in. However, when users wish to purchase the ticket or travel pass, it requires users to verify their mobile number.
Now that we have gone through and understood how to implement Verification via Truecaller, let’s get started with the SDK integration.
Step by step guide to integrate Truecaller OAuth SDK with your android project.
In order to proceed with the integration, please refer to so as to understand various user flows and touch points in the user journey where Truecaller can be enabled.
Register on the to create your business account and manage OAuth projects.
Once you have created your account, create your OAuth project & generate credentials by following the steps
Once you have generated the credentials, you can easily, in a few simple steps integrate the Truecaller SDK by referring to our step-by-step guide in the subsequent sections.
Post integration completion, submit your project for review and go live.
Step by step guide to integrate Truecaller OAuth SDK with your android project.
In order to proceed with the integration, please refer to so as to understand various user flows and touch points in the user journey where Truecaller can be enabled.
Register on the to create your business account and manage OAuth projects.
Once you have created your account, create your OAuth project & generate credentials by following the steps
Once you have generated the credentials, you can easily, in a few simple steps integrate the Truecaller SDK by referring to our step-by-step guide in the subsequent sections.
Post integration completion, submit your project for review and go live.
You can trigger the Truecaller profile verification dialog anywhere in your app flow by calling the following method
In case isOAuthFlowUsable() method returns false, implying that Truecaller app is not present on the device, you can take the user to your app screen and continue with the verification flow for non-Truecaller users.
You can trigger the Truecaller profile verification dialog anywhere in your app flow by calling the following method
In case isOAuthFlowUsable() method returns false, implying that Truecaller app is not present on the device, you can take the user to your app screen and continue with the verification flow for non-Truecaller users.
Set a unique state parameter & store it in the current session to use it later in the onSuccess() callback method of the TcOAuthCallback to match if the state received from the authorization server is the same as set here to prevent request forgery attacks.
One good choice for a state token is a string of around 32 characters constructed using a high-quality random-number generator as we did above. Another approach could be a hash generated by signing some of your session state variables with a key that is kept secret on your back-end.
Truecaller OAuth SDK already verifies the request-response correlation before forwarding it to the your app.
Set the list of scopes to be requested.
Generate a unique code verifier & store it in the current session since it would be required later to generate the access token. It can be generated using the utility class CodeVerifierUtil provided in the SDK.
This utility method generates a random code verifier string using SecureRandom as the source of entropy with 64 as the default entropy quantity.
Set the corresponding code challenge using the code verifier generated in the previous step. This can be generated using the utility class CodeVerifierUtil provided in the SDK.
This utility method produces a code challenge from the supplied code verifier using SHA-256 as the challenge method and Base64 as encoding if the system supports it (all Android devices should ideally support SHA-256 and Base64), but in rare case if the device doesn’t, then this method would return null meaning that you can’t proceed further. Please ensure to have a null safe check for such cases.
Set a unique state parameter & store it in the current session to use it later in the onSuccess() callback method of the TcOAuthCallback to match if the state received from the authorization server is the same as set here to prevent request forgery attacks.
One good choice for a state token is a string of around 32 characters constructed using a high-quality random-number generator as we did above. Another approach could be a hash generated by signing some of your session state variables with a key that is kept secret on your back-end.
Truecaller OAuth SDK already verifies the request-response correlation before forwarding it to the your app.
Set the list of scopes to be requested.
Generate a unique code verifier & store it in the current session since it would be required later to generate the access token. It can be generated using the utility class CodeVerifierUtil provided in the SDK.
This utility method generates a random code verifier string using SecureRandom as the source of entropy with 64 as the default entropy quantity.
Set the corresponding code challenge using the code verifier generated in the previous step. This can be generated using the utility class CodeVerifierUtil provided in the SDK.
This utility method produces a code challenge from the supplied code verifier using SHA-256 as the challenge method and Base64 as encoding if the system supports it (all Android devices should ideally support SHA-256 and Base64), but in rare case if the device doesn’t, then this method would return null meaning that you can’t proceed further. Please ensure to have a null safe check for such cases.
Truecaller SDK enables you to verify your user's mobile number in a seamless way. For users who have the Truecaller app present on their smartphones and are already registered Truecaller users, they get verified in a 1-tap flow (supported globally), without the need of any manual input.
For users who don't have the Truecaller app present on their smartphones, the SDK enables user verification by means of a drop call, which is triggered to the user's number in the background to complete the verification flow (currently supported only for India).
To understand various possible user scenarios in the user's verification flow, let's try to take the example of CentroStore. CetroStore is using Truecaller SDK for verifying the numbers of all their users.
Scenario 1
a) New user on CentroStore app and
b) Truecaller app present on user's smartphone
Scenario 2
a) Existing user on CentroStore app, and
b) Truecaller app present on smartphone
Scenario 3
a) New user on CentroStore app, and
b) Truecaller app NOT present on a smartphone, and user's mobile number NOT already verified on smartphone
Scenario 4
a) Existing user on CentroStore app, and
b) Truecaller app NOT present on smartphone and user's mobile number NOT verified on smartphone
Truecaller SDK enables you to verify your user's mobile number in a seamless way. For users who have the Truecaller app present on their smartphones and are already registered Truecaller users, they get verified in a 1-tap flow (supported globally), without the need of any manual input.
For users who don't have the Truecaller app present on their smartphones, the SDK enables user verification by means of a drop call, which is triggered to the user's number in the background to complete the verification flow (currently supported only for India).
To understand various possible user scenarios in the user's verification flow, let's try to take the example of CentroStore. CetroStore is using Truecaller SDK for verifying the numbers of all their users.
Scenario 1
a) New user on CentroStore app and
b) Truecaller app present on user's smartphone
Scenario 2
a) Existing user on CentroStore app, and
b) Truecaller app present on smartphone
Scenario 3
a) New user on CentroStore app, and
b) Truecaller app NOT present on a smartphone, and user's mobile number NOT already verified on smartphone
Scenario 4
a) Existing user on CentroStore app, and
b) Truecaller app NOT present on smartphone and user's mobile number NOT verified on smartphone
In your Activity/Fragment where you want to integrate the Truecaller OAuth flow, either make the component implement the interface TcOAuthCallback or create an instance of it which you would require to initialize TcSdkOptions in the next step.
The interface has 2 functions which need to be overridden -
onFailure() method will be called in case of an error. You would get the error details like the error code and error message through tcOAuthError returned with this method.
onSuccess() method will be called when the user gives consent to authorize your app by tapping on the primary button on the Truecaller’s consent screen, and subsequently, an authorization code will be successfully generated and received. This method would return tcOAuthData which contains information like :
authorizationCode - which you can utilize to fetch the user’s access token
scopesGranted - list of scopes granted by the user
state - state parameter returned by the authorisation server. If the state set by your application is the same as the state returned by the authorisation server, it’s safe to proceed further. If state parameters are different, someone else has initiated the request and it could be a case of request forgery.
Override the onActivityResult() method of the component used in step 1 and call the onActivityResultObtained() method if the requestCode matches to TcSdk.SHARE_PROFILE_REQUEST_CODE.
In your Activity/Fragment where you want to integrate the Truecaller OAuth flow, either make the component implement the interface TcOAuthCallback or create an instance of it which you would require to initialize TcSdkOptions in the next step.
The interface has 2 functions which need to be overridden -
onFailure() method will be called in case of an error. You would get the error details like the error code and error message through tcOAuthError returned with this method.
onSuccess() method will be called when the user gives consent to authorize your app by tapping on the primary button on the Truecaller’s consent screen, and subsequently, an authorization code will be successfully generated and received. This method would return tcOAuthData which contains information like :
authorizationCode - which you can utilize to fetch the user’s access token
scopesGranted - list of scopes granted by the user
state - state parameter returned by the authorisation server. If the state set by your application is the same as the state returned by the authorisation server, it’s safe to proceed further. If state parameters are different, someone else has initiated the request and it could be a case of request forgery.
Override the onActivityResult() method of the component used in step 1 and call the onActivityResultObtained() method if the requestCode matches to TcSdk.SHARE_PROFILE_REQUEST_CODE.
Make a network call to fetch the userInfo using access token from step 14. The response would be corresponding to the scopes granted by the user.
GET
https://oauth-account-noneu.truecaller.com/v1/userinfo
Headers
200: OK
{
“sub”: “13627101294235520", “given_name”: “xyz”, “family_name”: “xyz”, “phone_number”: “91xxxxxxxxxx", “email”: “pqr@gmail.com”, “picture”: “https://www.truecaller.com/xyz”, “gender”: “male/female”, “phone_number_country_code”: “IN”, “phone_number_verified”: true, ˇ“address”: { “locality”: “Bangalore”, “postal_code”: “5xxxxx" } }
401: Unauthorized If authentication type is not bearer token
404: Not Found Profile information is not present for the user
500: Internal Server Error Failed to validate token due to server error
401: Unauthorized Token in invalid/ expired
422: Unprocessable Entity openid scope missing in initial request
500: Internal Server Error Unexpected error at server side
Sample cURL request :
Make a network call to fetch the userInfo using access token from step 14. The response would be corresponding to the scopes granted by the user.
GET
https://oauth-account-noneu.truecaller.com/v1/userinfo
Headers
200: OK
{
“sub”: “13627101294235520", “given_name”: “xyz”, “family_name”: “xyz”, “phone_number”: “91xxxxxxxxxx", “email”: “pqr@gmail.com”, “picture”: “https://www.truecaller.com/xyz”, “gender”: “male/female”, “phone_number_country_code”: “IN”, “phone_number_verified”: true, ˇ“address”: { “locality”: “Bangalore”, “postal_code”: “5xxxxx" } }
401: Unauthorized If authentication type is not bearer token
404: Not Found Profile information is not present for the user
500: Internal Server Error Failed to validate token due to server error
401: Unauthorized Token in invalid/ expired
422: Unprocessable Entity openid scope missing in initial request
500: Internal Server Error Unexpected error at server side
Sample cURL request :
Authorization*
"Bearer <ACCESS_TOKEN>"
Insert access token from the previous step - fetching user token
Authorization*
"Bearer <ACCESS_TOKEN>"
Insert access token from the previous step - fetching user token
To complete the verification you need to create a TrueProfile instance by passing the user's first and last name as defined above.
Please note that the first name and last name values to be passed in the above method call need to follow below mentioned rules :
The strings need to contains at least 1 alphabet, and cannot be completely comprised of numbers or special characters.
String length should be less than 128 characters.
First name is a mandatory field, last name can be empty ( but non nullable ).
Once you receive a callback in your VerificationCallback instance with the callbackType TYPE_MISSED_CALL_RECEIVED
or TYPE_IM_OTP_RECEIVED
, you can complete the verification process by calling the following method from within your activity :
Please note that Truecaller SDK 3.1.0 is not by default enabled for the IM OTP flow. This new update is currently under early access. In case you want to enable it for your app, please drop in a request at developersupport@truecaller.com
Using the “state” from step 10, “code verifier” from step 12, and the “authorization code” from step 9, you need to make a network call to Truecaller’s backend so as to fetch the access token :
POST
https://oauth-account-noneu.truecaller.com/v1/token
Headers
Content-Type*
application/x-www-form-urlencoded
String
Request Body
grant_type
"authorization_code"
// hardcoded value
String
client_id
<YOUR_CLIENT_ID>
code
<USER_AUTHORISATION_CODE>
Authorisation code from TcOAuthData callback from step 9
code_verifier
<YOUR_CODE_VERIFIER>
From step 12
200: OK Success
{ "access_token": "some-access-token", "expires_in": 3600, "token_type": "Bearer" }
400: Bad Request - If grant type is not supported 403: Forbidden - If client id is invalid 500: Internal Server Error - Unexpected error on the server side 400: Bad Request - Some of the parameters are empty in the request 403: Forbidden Valid grant type but not allowed for the client 403: Forbidden Invalid auth code provided 403: Forbidden Invalid/expired auth code in provided 403: Forbidden Invalid/expired code verifier is provided 429: Too Many Requests If the number of requests exceeds the allowed limit 503: Service Unavailable Resource unavailable due to server-side issue
Sample cURL request :
Using the “state” from step 10, “code verifier” from step 12, and the “authorization code” from step 9, you need to make a network call to Truecaller’s backend so as to fetch the access token :
POST
https://oauth-account-noneu.truecaller.com/v1/token
Headers
Content-Type*
application/x-www-form-urlencoded
String
Request Body
grant_type
"authorization_code"
// hardcoded value
String
client_id
<YOUR_CLIENT_ID>
code
<USER_AUTHORISATION_CODE>
Authorisation code from TcOAuthData callback from step 9
code_verifier
<YOUR_CODE_VERIFIER>
From step 12
200: OK Success
{ "access_token": "some-access-token", "expires_in": 3600, "token_type": "Bearer" }
400: Bad Request - If grant type is not supported 403: Forbidden - If client id is invalid 500: Internal Server Error - Unexpected error on the server side 400: Bad Request - Some of the parameters are empty in the request 403: Forbidden Valid grant type but not allowed for the client 403: Forbidden Invalid auth code provided 403: Forbidden Invalid/expired auth code in provided 403: Forbidden Invalid/expired code verifier is provided 429: Too Many Requests If the number of requests exceeds the allowed limit 503: Service Unavailable Resource unavailable due to server-side issue
Sample cURL request :
This section defines the steps that can be used to trigger verification of non Truecaller app users which will be powered via Truecaller's drop call based verification flow
In order to verify both the Truecaller users (via OAuth Flow) and the non-Truecaller users (via manual verification), follow these steps :
Enable the Non Truecaller user verification capability for your app, by going to your project on the Truecaller developer portal and navigating to the bottom section.
Configure sdkOptions in the TcSdkOptions Builder and supply a value of TcSdkOptions.OPTION_VERIFY_ALL_USERS to it like below.
Configure permissions required by the SDK :
Once you receive a callback in the TcOAuthCallback#onVerificationRequired()
, you can initiate the verification for the user by calling the following method:
Here -
the first parameter is the country code of the mobile number for which the verification needs to be triggered
the second parameter (PHONE_NUMBER_STRING) is the mobile number to be verified. Please ensure proper validations are in place so as to send correct phone number string to the above method, otherwise an exception would be thrown
the third parameter is an instance of VerificationCallback as defined here
the fourth parameter is an instance of FragmentActivity
Please note that Truecaller OAuth SDK v3.0.0 currently supports the verification for non-Truecaller users for Indian numbers only
Once you initiate the verification via TcSdk.getInstance().requestVerification()
method, you will receive either a callback in your VerificationCallback
instance with a specific requestType
as described below
onRequestSuccess() method is called under any of the following scenarios -
When the OTP via Truecaller IM is successfully initiated for the input mobile number. In this case, you will get the callbackType as VerificationCallback.TYPE_IM_OTP_INITIATED
When the OTP via Truecaller IM is successfully detected on that device by the SDK present in your app. In this case, you will get the callbackType as VerificationCallback.TYPE_IM_OTP_RECEIVED
When drop call is successfully initiated for the input mobile number. In this case, you will get the callbackType as VerificationCallback.TYPE_MISSED_CALL_INITIATED
When drop call is successfully detected on that device by the SDK present in your app. In this case, you will get the callbackType as VerificationCallback.TYPE_MISSED_CALL_RECEIVED
When the verification is successful for a particular number. In this case, you will get the callbackType as VerificationCallback.TYPE_VERIFICATION_COMPLETE
When the user is already verified on that particular device before. In this case, you will get the callbackType as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
When callbackType is VerificationCallback.TYPE_MISSED_CALL_INITIATED
, you will receive an additional parameter for the time to live i.e TTL (in seconds) which is passed as String extra in the VerificationDataBundle
of onRequestSuccess()
.
This value determines amount of time left to complete the verification. You can use this value to show a waiting message to your user before they can try for another attempt.
Once the TTL expires, you can either auto-retry the verification by calling the requestVerification() method automatically with the same input parameters OR you can also take the user back to the number input screen to enter a different number for verification.
When the callbackType is VerificationCallback.TYPE_ALREADY_VERIFIED_BEFORE
or VerificationCallback.TYPE_VERIFICATION_COMPLETE
, it means that the user verification via Truecaller SDK is complete. In these cases, the SDK will share an additional access token with your application, which you may then use to validate the response at your server end. To fetch the access token, you may use the following code snippet :
Post fetching the access token, you may perform the server side validation by referring to the steps mentioned in the later part of the documentation here
onRequestFailure() method will be called when some error has occurred while verifying the provided mobile number. You will receive the appropriate error message from TrueException using TrueException#getExceptionMessage().For details of different possible error types you may encounter, please refer to the TrueException
To ensure the authenticity of interactions between your app and Truecaller, you need to generate a client ID from the Truecaller developer portal by following the steps below:
Go to https://sdk-console-noneu.truecaller.com/login and register your account.
Once registered, log in to your account and click on the "create project” button.
Enter the project name and select the business category from the dropdown menu. This will create a new project.
On the project screen, click the “add credential” button and select the platform as Android from the dropdown menu.
On the credential section, enter the package name and the SHA1.
Your package name corresponds to the applicationId in your app level build.gradle
file.
You can get to know the SHA1 for your different app builds by following these steps :
Open your project in android studio
Open terminal
Type command ./gradlew signingReport
Once done you should be able to see the SHA1 fingerprint of your different build configurations [ debug /release ] in the terminal window within the android studio.
Once you input your app details and create the app, you will be able to see a unique "ClientID" for your app which you need to include in your project to authorise all verification requests.
To ensure the authenticity of interactions between your app and Truecaller, you need to generate a client ID from the Truecaller developer portal by following the steps below:
Go to https://sdk-console-noneu.truecaller.com/login and register your account.
Once registered, log in to your account and click on the "create project” button.
Enter the project name and select the business category from the dropdown menu. This will create a new project.
On the project screen, click the “add credential” button and select the platform as Android from the dropdown menu.
On the credential section, enter the package name and the SHA1.
Your package name corresponds to the applicationId in your app level build.gradle
file.
You can get to know the SHA1 for your different app builds by following these steps :
Open your project in android studio
Open terminal
Type command ./gradlew signingReport
Once done you should be able to see the SHA1 fingerprint of your different build configurations [ debug /release ] in the terminal window within the android studio.
Once you input your app details and create the app, you will be able to see a unique "ClientID" for your app which you need to include in your project to authorise all verification requests.
Handling error responses for cases of verifying non-Truecaller users
Handling error responses for cases of verifying non-Truecaller users
Create a TcSdkOptions object by using the tcOAuthCallback from the previous step and provide the context. Supply the appropriate customization settings to the relevant methods of TcSdkOptions and use the instance of tcSdkOptions to initialize the TcSdk in the next step.
In case you do not wish to provide any customization settings and fall back to the default SDK settings, you may simply call -
Initialize TcSdk using the tcSdkOptions from the previous step :
Note: Truecaller OAuth SDK needs to be initialized only once in the component and the same instance can be accessed without the need to initialize it again, via TcSdk.getInstance()
Ideally, you should call the init() method when the component is getting created/initialized to avoid calling it multiple times.
Once the SDK is initialized, check whether the OAuth functionality is usable or not by calling :
If isUsable is True, you can proceed with further steps, otherwise, you’d have to fall back to some other mechanism ( your fallback verification flow ). Calling other SDK methods when isUsable is False would result in an exception, so please ensure to call this soon after initializing the SDK, and proceed to further steps only if this method returns True.
Quick guide on how to properly track and instrument funnel for the verification flow of users via Truecaller on your app
For proper tracking of the verification funnel via Truecaller SDK on your app, we recommend you to implement tracking events for the following states :
When you are using the SDK for verification of Truecaller users only:
Total users coming to your verification flow
Number of cases when the Truecaller app is present on your smartphone
Number of profile verification requests made by your app ( when TcSdk.getInstance().isOAuthFlowUsable
method is invoked )
Number of users who proceed with this flow and click Continue on the Truecaller dialog [ for these cases, you receive a success callback with TcOAuthData response in onSuccess() callback method ]
Number of cases where you received any error, where you receive an error callback with TcOAuthError response in onFailure() callback method. For details on specific error codes, please refer
When you are using the SDK for verification of non-Truecaller users also ( via drop call):
Total users coming to your verification flow.
Number of cases, when the Truecaller app is present on your smartphone and users, get verified via the Truecaller 1-tap flow (as described in the above section)
Number of verification requests made by your app for a non-Truecaller user ( when TruecallerSDK.getInstance().requestVerification()
method is invoked ).
Number of cases where the user is getting verified for the very first time on the current smartphone and you receive a success callback - onRequestSuccess() method ( Please refer ) - a.) When the callback type you receive is VerificationCallback.TYPE_MISSED_CALL_INITIATED
. This implies that a drop call has been triggered to the user's mobile number b.) When the callback type you receive is VerificationCallback.TYPE_MISSED_CALL_RECEIVED
. This implies that a drop call has been received on the user's mobile number on that smartphone c.) Further to the above step, you complete the user verification by invoking TcSdk.getInstance().verifyMissedCall(profile, verificationCallback)
When the callback type you receive is either VerificationCallback.TYPE_VERIFICATION_COMPLETE
. This implies that the verification is complete for the user d.) Number of cases where the user is already verified previously on the current smartphone and gets verified directly. In such cases, you receive the success callback - onRequestSuccess() method with callback type as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
.
Quick guide on how to properly track and instrument funnel for the verification flow of users via Truecaller on your app
For proper tracking of the verification funnel via Truecaller SDK on your app, we recommend you to implement tracking events for the following states :
When you are using the SDK for verification of Truecaller users only:
Total users coming to your verification flow
Number of cases when the Truecaller app is present on your smartphone
Number of profile verification requests made by your app ( when TcSdk.getInstance().isOAuthFlowUsable
method is invoked )
Number of users who proceed with this flow and click Continue on the Truecaller dialog [ for these cases, you receive a success callback with TcOAuthData response in onSuccess() callback method ]
Number of cases where you received any error, where you receive an error callback with TcOAuthError response in onFailure() callback method. For details on specific error codes, please refer
When you are using the SDK for verification of non-Truecaller users also ( via drop call):
Total users coming to your verification flow.
Number of cases, when the Truecaller app is present on your smartphone and users, get verified via the Truecaller 1-tap flow (as described in the above section)
Number of verification requests made by your app for a non-Truecaller user ( when TruecallerSDK.getInstance().requestVerification()
method is invoked ).
Number of cases where the user is getting verified for the very first time on the current smartphone and you receive a success callback - onRequestSuccess() method ( Please refer ) - a.) When the callback type you receive is VerificationCallback.TYPE_MISSED_CALL_INITIATED
. This implies that a drop call has been triggered to the user's mobile number b.) When the callback type you receive is VerificationCallback.TYPE_MISSED_CALL_RECEIVED
. This implies that a drop call has been received on the user's mobile number on that smartphone c.) Further to the above step, you complete the user verification by invoking TcSdk.getInstance().verifyMissedCall(profile, verificationCallback)
When the callback type you receive is either VerificationCallback.TYPE_VERIFICATION_COMPLETE
. This implies that the verification is complete for the user d.) Number of cases where the user is already verified previously on the current smartphone and gets verified directly. In such cases, you receive the success callback - onRequestSuccess() method with callback type as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
.
Common scenarios to check for in you app verification flow for non-Truecaller users
If the user does not have the Truecaller app present on their device or they chose to verify using a different number than the one already verified on Truecaller app currently, they can be taken to this flow in which we provision the verification of the user by sending missed call using our infrastructure.
User verifying via Truecaller's missed call mechanism for the very first time
Proceed to the flow where the user needs to input their mobile number. Give the necessary permissions ( as described ) and proceed with the verification. You would receive a missed call on the device which gets automatically detected by the SDK. Post this, you need to pass the user's first name and last name to the SDK to complete the verification
User already verified with the same credentials previously on the smartphone
Once a user's verification is completed successfully on a particular device, and they re-attempt to verify on the same app using the same credentials ( same smartphone, same mobile number ), Truecaller SDK is able to identify the user and we can tell you it's the same user. In this case, no additional missed call / OTP is needed to re-verify the user. The SDK will directly tell the status of the repeat user, and in this case returns the first name and last name of the user back to you in response.
Common scenarios to check for in you app verification flow for non-Truecaller users
If the user does not have the Truecaller app present on their device or they chose to verify using a different number than the one already verified on Truecaller app currently, they can be taken to this flow in which we provision the verification of the user by sending missed call using our infrastructure.
User verifying via Truecaller's missed call mechanism for the very first time
Proceed to the flow where the user needs to input their mobile number. Give the necessary permissions ( as described ) and proceed with the verification. You would receive a missed call on the device which gets automatically detected by the SDK. Post this, you need to pass the user's first name and last name to the SDK to complete the verification
User already verified with the same credentials previously on the smartphone
Once a user's verification is completed successfully on a particular device, and they re-attempt to verify on the same app using the same credentials ( same smartphone, same mobile number ), Truecaller SDK is able to identify the user and we can tell you it's the same user. In this case, no additional missed call / OTP is needed to re-verify the user. The SDK will directly tell the status of the repeat user, and in this case returns the first name and last name of the user back to you in response.
4
"Desired permissions are missing"
When the requisite permissions are missing or not granted while making the verification request
6
“Sim state is not ready”
When the SIM state on the device is not ready
7
“Airplane mode is ON”
When the device is on airplane mode, hence causing missed call to not go through
2
"Phone number limit reached”
When the used mobile number has exceeded the maximum number of allowed verification attempts within a span of 24 hours from the time the first verification attempt was made
2
“Request id limit reached”
When the used device exceeds the maximum number of allowed verification attempts in a span of 24h
2
“Invalid partner credentials.
When the partner key ( app key ) you have configured in your project is incorrect. Visit here for more info
2
“Something went wrong: Failed to create installation.”
In case of Truecaller internal service error
2
“Invalid phone number”
When the input mobile number is not a valid mobile number
2
“Profile has not been created yet”
When the user has been successfully verified, but for some reason their profile is not created which could be due to incorrect profile data while creating TrueProfile() in verifyMissedCall method or due to network issues
5
“Invalid Name”
When the string entered in the profile builder method doesn’t follow the validation checks :
{
min 1 char, max 128, at least 1 alphabet required with optional numeric and special chars,
cannot be all numeric or all special characters, but can be all alphabets
}
Refer here for more info
4
"Desired permissions are missing"
When the requisite permissions are missing or not granted while making the verification request
6
“Sim state is not ready”
When the SIM state on the device is not ready
7
“Airplane mode is ON”
When the device is on airplane mode, hence causing missed call to not go through
2
"Phone number limit reached”
When the used mobile number has exceeded the maximum number of allowed verification attempts within a span of 24 hours from the time the first verification attempt was made
2
“Request id limit reached”
When the used device exceeds the maximum number of allowed verification attempts in a span of 24h
2
“Invalid partner credentials.
When the partner key ( app key ) you have configured in your project is incorrect. Visit here for more info
2
“Something went wrong: Failed to create installation.”
In case of Truecaller internal service error
2
“Invalid phone number”
When the input mobile number is not a valid mobile number
2
“Profile has not been created yet”
When the user has been successfully verified, but for some reason their profile is not created which could be due to incorrect profile data while creating TrueProfile() in verifyMissedCall method or due to network issues
5
“Invalid Name”
When the string entered in the profile builder method doesn’t follow the validation checks :
{
min 1 char, max 128, at least 1 alphabet required with optional numeric and special chars,
cannot be all numeric or all special characters, but can be all alphabets
}
Refer here for more info
Quick guide on getting your test setup ready to test the common verification scenarios as described in previous sections
Pre-Requisites
We suggest you to keep handy at-least 2 android smartphones with active SIM connections. Ensure that both the smartphones have your test app installed (Integrated with Truecaller SDK)
2 different smartphones are required so that in case you get verified on one of the smartphones, you can use the second smartphone to check for the fresh verification scenarios.
Steps to follow for testing user scenarios :
User State
App Scenario
Steps
Existing Truecaller user
Install Truecaller on smartphone 'A'
Complete profile creation step on Truecaller app
Launch your application and initiate the Truecaller verification flow
Truecaller profile consent screen should appear
Tapping on Continue button should verify the user
Non Truecaller User
User getting verified for the first time on smartphone
Take smartphone 'A'
Uninstall Truecaller app from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs & phone permissions are asked ( if not already granted )
Allow the permissions to enable receiving a drop call
User is manually asked to enter name ( if it's a new user on your app )
On entering the name, SDK verifies the user
Non Truecaller User
User already verified on the smartphone and tried to re-verify
( Please ensure that you try this step only after you have performed the above step )
Take smartphone 'A'
Launch your application and logout from the app
Initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Non Truecaller User
User already verified on the smartphone, uninstalls and re-installs the application on the device
( Please ensure that you try this step only after you have performed the 2nd step )
Take smartphone 'A'
Uninstall your application from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Wi-Fi or mobile internet should also be enabled on both the smartphones
Quick guide on getting your test setup ready to test the common verification scenarios as described in previous sections
Pre-Requisites
We suggest you to keep handy at-least 2 android smartphones with active SIM connections. Ensure that both the smartphones have your test app installed (Integrated with Truecaller SDK)
2 different smartphones are required so that in case you get verified on one of the smartphones, you can use the second smartphone to check for the fresh verification scenarios.
Steps to follow for testing user scenarios :
User State
App Scenario
Steps
Existing Truecaller user
Install Truecaller on smartphone 'A'
Complete profile creation step on Truecaller app
Launch your application and initiate the Truecaller verification flow
Truecaller profile consent screen should appear
Tapping on Continue button should verify the user
Non Truecaller User
User getting verified for the first time on smartphone
Take smartphone 'A'
Uninstall Truecaller app from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs & phone permissions are asked ( if not already granted )
Allow the permissions to enable receiving a drop call
User is manually asked to enter name ( if it's a new user on your app )
On entering the name, SDK verifies the user
Non Truecaller User
User already verified on the smartphone and tried to re-verify
( Please ensure that you try this step only after you have performed the above step )
Take smartphone 'A'
Launch your application and logout from the app
Initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Non Truecaller User
User already verified on the smartphone, uninstalls and re-installs the application on the device
( Please ensure that you try this step only after you have performed the 2nd step )
Take smartphone 'A'
Uninstall your application from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Wi-Fi or mobile internet should also be enabled on both the smartphones
Once you receive a callback in your VerificationCallback instance with the callbackType TYPE_MISSED_CALL_RECEIVED
, you can complete the verification process by calling the following method from within your activity :
Copy
You need to create a TrueProfile instance by passing the user's first and last name as defined above.
Please note that the first name and last name values to be passed in the above method call need to follow below mentioned rules :
The strings need to contains at least 1 alphabet, and cannot be completely comprised of numbers or special characters.
String length should be less than 128 characters.
First name is a mandatory field, last name can be empty ( but non nullable ).
Failure/ Error responses
The "onFailure" callback method that you just implemented in the previous step helps you to handle all the possible failure cases when the user couldn't be verified successfully via the Truecaller flow.
Below are some of the possible failure scenarios and the corresponding error response that you receive for each of the cases :
"Something went wrong"
0
"Device is not supported"
16
"Truecaller user has an invalid account state"
10
"Invalid partner or partner information is missing"
12
"Conflicting request code possible in onActivityResult()"
6
"Truecaller app closed unexpectedly"
7
"Truecaller app is not installed/loggedin"
5
"User denied by pressing the footer button"
11
"User denied by dismissing consent screen"
14
"User denied while loading"
2
"Truecaller sdk is old and not compatible"
6
Please note that when you encounter any of the error scenarios and get the control in the "onFailure()" method, you should redirect the user to your alternate verification flow.
Exceptions
In case you face any of the following run time exceptions, please follow the recommended steps as mentioned below :
"No compatible client available. Please change your scope"
As the exception suggests, you are trying to call an SDK method even though no client is available to handle it. This usually happens if you have initialized the SDK using ONLY_TC_USERS scope option i.e to verify only the Truecaller users, and you are not calling isOAuthFlowUsable() method before calling an SDK method. To resolve this, call isOAuthFlowUsable() before calling any SDK method if you are using VERIFY_TC_USERS scope option.
"Please call init() on TruecallerSDK first"
This exception suggests that you are trying to call an SDK method before the SDK has been initialised. To resolve it, check for all possible user flows in your app which could lead to calling an SDK method directly before it has been initialised.
"Add client id in your manifest"
This exception suggests that you are trying to call SDK initialization/build method without having your clientID mentioned in your manifest as meta-data.
"OAuth scopes cannot be null or empty"
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the OAuth scopes.
"OAuth state cannot be null or empty"
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the OAuth state.
“Code challenge cannot be null or empty”
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the Code challenge.
Failure/ Error responses
The "onFailure" callback method that you just implemented in the previous step helps you to handle all the possible failure cases when the user couldn't be verified successfully via the Truecaller flow.
Below are some of the possible failure scenarios and the corresponding error response that you receive for each of the cases :
"Something went wrong"
0
"Device is not supported"
16
"Truecaller user has an invalid account state"
10
"Invalid partner or partner information is missing"
12
"Conflicting request code possible in onActivityResult()"
6
"Truecaller app closed unexpectedly"
7
"Truecaller app is not installed/loggedin"
5
"User denied by pressing the footer button"
11
"User denied by dismissing consent screen"
14
"User denied while loading"
2
"Truecaller sdk is old and not compatible"
6
Please note that when you encounter any of the error scenarios and get the control in the "onFailure()" method, you should redirect the user to your alternate verification flow.
Exceptions
In case you face any of the following run time exceptions, please follow the recommended steps as mentioned below :
"No compatible client available. Please change your scope"
As the exception suggests, you are trying to call an SDK method even though no client is available to handle it. This usually happens if you have initialized the SDK using ONLY_TC_USERS scope option i.e to verify only the Truecaller users, and you are not calling isOAuthFlowUsable() method before calling an SDK method. To resolve this, call isOAuthFlowUsable() before calling any SDK method if you are using VERIFY_TC_USERS scope option.
"Please call init() on TruecallerSDK first"
This exception suggests that you are trying to call an SDK method before the SDK has been initialised. To resolve it, check for all possible user flows in your app which could lead to calling an SDK method directly before it has been initialised.
"Add client id in your manifest"
This exception suggests that you are trying to call SDK initialization/build method without having your clientID mentioned in your manifest as meta-data.
"OAuth scopes cannot be null or empty"
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the OAuth scopes.
"OAuth state cannot be null or empty"
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the OAuth state.
“Code challenge cannot be null or empty”
This exception suggests that you are trying to call SDK method - getAuthorisationCode before setting up the Code challenge.
Common scenarios to check for in you app verification flow for existing Truecaller users
Truecaller app present and registration completed on Truecaller app
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should see the Truecaller profile dialog. Click on continue to complete the verification flow and ensure that the verification is completed.
Truecaller app present but registration not completed on Truecaller app
Ensure that the Truecaller app is present on your device but you have not completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog, and you would receive the control in onFailureProfileShared() with the specific error code.
Truecaller app not present on the device
Remove the Truecaller app from your device. Open your app and try to initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog and should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
Network not available on device
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Turn off the mobile data and WiFi on your device. Open your app and initiate the Truecaller verification flow. You would see the Truecaller profile dialog. Click on continue button on the dialog, you would receive control in onFailureProfileShared() method with a specific error code.
Client ID should be working fine ( onFailure() Error Type 12)
For complete details on this part, please refer here.
User wishes to proceed with another number OR does not want to share their Truecaller profile
Initiate the Truecaller verification flow in your app to invoke the Truecaller profile dialog. Click on system back or Use another mobile number button on the dialog to dismiss the dialog. In such a scenario, user should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
We also recommend that you go through the FAQ section to go through some of the commonly asked questions.
Common scenarios to check for in you app verification flow for existing Truecaller users
Truecaller app present and registration completed on Truecaller app
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should see the Truecaller profile dialog. Click on continue to complete the verification flow and ensure that the verification is completed.
Truecaller app present but registration not completed on Truecaller app
Ensure that the Truecaller app is present on your device but you have not completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog, and you would receive the control in onFailureProfileShared() with the specific error code.
Truecaller app not present on the device
Remove the Truecaller app from your device. Open your app and try to initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog and should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
Network not available on device
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Turn off the mobile data and WiFi on your device. Open your app and initiate the Truecaller verification flow. You would see the Truecaller profile dialog. Click on continue button on the dialog, you would receive control in onFailureProfileShared() method with a specific error code.
Client ID should be working fine ( onFailure() Error Type 12)
For complete details on this part, please refer here.
User wishes to proceed with another number OR does not want to share their Truecaller profile
Initiate the Truecaller verification flow in your app to invoke the Truecaller profile dialog. Click on system back or Use another mobile number button on the dialog to dismiss the dialog. In such a scenario, user should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
We also recommend that you go through the FAQ section to go through some of the commonly asked questions.
This section is only relevant for apps who are using the Truecaller SDK for verifying non-Truecaller user as well and seek phone permissions from the users
If you are using the functionality of verifying non Truecaller users also via the SDK, your app would need specific phone permissions as has been described in this section. If you are using the Truecaller SDK for verification of existing Truecaller users only ( 1-tap flow ), you can skip this section.
As you upload the new app build to PlayStore with user verification feature via Truecaller SDK and the requisite permissions, you might be asked to fill an app permission declaration form.
We are sharing some tips on how to appropriately justify the need for these permissions for your verification flow :
#1: In one sentence, please describe the core functionality of your app. To be defined by you as a publisher of your app
#2: What is the core functionality in your app requiring the Call Log and / or SMS permissions? Mobile number verification to onboard users on <your_app>
This is in-line with Google’s allowed usage of this permission for account verification via phone call, as stated here: https://support.google.com/googleplay/android-developer/answer/9047303 Flow: a)Enter mobile number b)Request READ_CALL_LOG permission c)Initiate drop call from 3rd party service to respective number d)Drop call hits user’s device and is rejected automatically via above permission to complete verification
#3: Do any of the following disallowed use cases apply to your app’s core functionality request for Call Log or SMS permissions? NO
#4: Do any of the following other use cases apply to your app’s core functionality request for Call Log or SMS permissions? OTP & Account verification via Phone Call (select this from the given list of options)
#5: Is your app’s use of Call Log or SMS permissions to provide functionality required by law or regulation? No
#6: Other We use drop call based verification of users’ mobile number for account creation or logging into their <your app name> accounts. Such method of mobile number verification results in better verification success rates in our key markets like India, etc.
Android guidelines for asking app permissions from user https://developer.android.com/training/permissions/requesting
This section is only relevant for apps who are using the Truecaller SDK for verifying non-Truecaller user as well and seek phone permissions from the users
If you are using the functionality of verifying non Truecaller users also via the SDK, your app would need specific phone permissions as has been described in this section. If you are using the Truecaller SDK for verification of existing Truecaller users only ( 1-tap flow ), you can skip this section.
As you upload the new app build to PlayStore with user verification feature via Truecaller SDK and the requisite permissions, you might be asked to fill an app permission declaration form.
We are sharing some tips on how to appropriately justify the need for these permissions for your verification flow :
#1: In one sentence, please describe the core functionality of your app. To be defined by you as a publisher of your app
#2: What is the core functionality in your app requiring the Call Log and / or SMS permissions? Mobile number verification to onboard users on <your_app>
This is in-line with Google’s allowed usage of this permission for account verification via phone call, as stated here: https://support.google.com/googleplay/android-developer/answer/9047303 Flow: a)Enter mobile number b)Request READ_CALL_LOG permission c)Initiate drop call from 3rd party service to respective number d)Drop call hits user’s device and is rejected automatically via above permission to complete verification
#3: Do any of the following disallowed use cases apply to your app’s core functionality request for Call Log or SMS permissions? NO
#4: Do any of the following other use cases apply to your app’s core functionality request for Call Log or SMS permissions? OTP & Account verification via Phone Call (select this from the given list of options)
#5: Is your app’s use of Call Log or SMS permissions to provide functionality required by law or regulation? No
#6: Other We use drop call based verification of users’ mobile number for account creation or logging into their <your app name> accounts. Such method of mobile number verification results in better verification success rates in our key markets like India, etc.
Android guidelines for asking app permissions from user https://developer.android.com/training/permissions/requesting
Create a TcSdkOptions object by using the tcOAuthCallback from the previous step and provide the context. Supply the appropriate customization settings to the relevant methods of TcSdkOptions and use the instance of tcSdkOptions to initialize the TcSdk in the next step.
In case you do not wish to provide any customization settings and fall back to the default SDK settings, you may simply call -
Initialize TcSdk using the tcSdkOptions from the previous step :
Note: Truecaller OAuth SDK needs to be initialized only once in the component and the same instance can be accessed without the need to initialize it again, via TcSdk.getInstance()
Ideally, you should call the init() method when the component is getting created/initialized to avoid calling it multiple times.
Once the SDK is initialized, check whether the OAuth functionality is usable or not by calling :
If isUsable is True, you can proceed with further steps, otherwise, you’d have to fall back to some other mechanism ( your fallback verification flow ). Calling other SDK methods when isUsable is False would result in an exception, so please ensure to call this soon after initializing the SDK, and proceed to further steps only if this method returns True.
Once the SDK shares the accessToken for any user verified via drop call based verification flow, you can verify the authenticity of the access token by making API call from your server to Truecaller's server. The following endpoint will return phone number and country code for the given access token.
API Endpoint:
REQUEST :
Method : GET
Header Parameters:
Parameter Name
Required
Description
Example
clientId
yes
Client ID
zHTqS70ca9d3e016946f19a65b01dRR5e56460
Request Path Parameters:
Parameter Name
Required
Description
Example
accessToken
yes
token granted for the partner for the respective user number that initiated login
"71d8367e-39f7-4de5-a3a3-2066431b9ca8"
RESPONSE:
200 OK - If access token is valid
404 Not Found - If your credentials are not valid
404 Not Found - If access token is invalid
500 Internal Error - for any other internal error
Once the SDK shares the accessToken for any user verified via drop call based verification flow, you can verify the authenticity of the access token by making API call from your server to Truecaller's server. The following endpoint will return phone number and country code for the given access token.
API Endpoint:
REQUEST :
Method : GET
Header Parameters:
Parameter Name
Required
Description
Example
clientId
yes
Client ID
zHTqS70ca9d3e016946f19a65b01dRR5e56460
Request Path Parameters:
Parameter Name
Required
Description
Example
accessToken
yes
token granted for the partner for the respective user number that initiated login
"71d8367e-39f7-4de5-a3a3-2066431b9ca8"
RESPONSE:
200 OK - If access token is valid
404 Not Found - If your credentials are not valid
404 Not Found - If access token is invalid
500 Internal Error - for any other internal error
While you start integrating Truecaller SDK, as the very first step, it is important to work on designing the right user flow, so that you can achieve desired results.
Truecaller SDK is a mobile number verification service, without the need for any OTP whatsoever.
The right way to implement Truecaller SDK in your mobile app, is to invoke mobile number verification via Truecaller at touch points, where you have your users to sign-up/ login/ checkout by verifying their mobile numbers.
Let us now see an example to understand how to effectively use Truecaller SDK at such touch points in your user journey.
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process. For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number based identity verification of users.
Here is such an example from NoBrokerHood - India’s leading visitor management platform:
Building for Various Touch points
a. Invoking user signup/ login/ verification via Truecaller at app onboarding Example : NoBroker - India’s leading realty app
When mobile apps onboard their users, there are multiple ways in which they address the onboarding process. For example, one could address it as Get Started, Join Us, Login, Sign up, etc., shown as a button to the users, clicking which leads to the mobile number based identity verification of users. Here is such an example from NoBroker:
b. Directly invoking verification via Truecaller Example : Vyapar - India's fastest growing Invoice & Billing app for small businesses
Vyapar has mobile number as the primary identifier for its users. So as soon as users lands on their mobile number login/ signup screen, it invokes Verification via Truecaller, and onboards it’s users within seconds in just 1-tap.
c. Performing user verification at checkout Example : Chalo - available in 25+ cities, tracks buses live and tells you what time your bus will reach your stop
Chalo allows users to browse through it’s app and check for bus ETAs, without needing to sign-up or log-in. However, when users wish to purchase the ticket or travel pass, it requires users to verify their mobile number.
Now that we have gone through and understood how to implement Verification via Truecaller, let’s get started with the SDK integration.
This section defines the steps that can be used to trigger verification of non Truecaller app users which will be powered via Truecaller's drop call based verification flow
In order to verify both the Truecaller users (via OAuth Flow) and the non-Truecaller users (via manual verification), follow these steps :
Enable the Non Truecaller user verification capability for your app, by going to your project on the Truecaller developer portal and navigating to the bottom section.
Configure sdkOptions in the TcSdkOptions Builder and supply a value of TcSdkOptions.OPTION_VERIFY_ALL_USERS to it like below.
Configure permissions required by the SDK :
Once you receive a callback in the TcOAuthCallback#onVerificationRequired()
, you can initiate the verification for the user by calling the following method:
Here -
the first parameter is the country code of the mobile number for which the verification needs to be triggered
the second parameter (PHONE_NUMBER_STRING) is the mobile number to be verified. Please ensure proper validations are in place so as to send correct phone number string to the above method, otherwise an exception would be thrown
the third parameter is an instance of VerificationCallback as defined here
the fourth parameter is an instance of FragmentActivity
Please note that Truecaller OAuth SDK v3.0.0 currently supports the verification for non-Truecaller users for Indian numbers only
Once you initiate the verification via TcSdk.getInstance().requestVerification()
method, you will receive either a callback in your VerificationCallback
instance with a specific requestType
as described below
onRequestSuccess() method is called under any of the following scenarios -
When drop call is successfully initiated for the input mobile number. In this case, you will get the callbackType as VerificationCallback.TYPE_MISSED_CALL_INITIATED
When drop call is successfully detected on that device by the SDK present in your app. In this case, you will get the callbackType as VerificationCallback.TYPE_MISSED_CALL_RECEIVED
When the verification is successful for a particular number. In this case, you will get the callbackType as VerificationCallback.TYPE_VERIFICATION_COMPLETE
When the user is already verified on that particular device before. In this case, you will get the callbackType as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
When callbackType is VerificationCallback.TYPE_MISSED_CALL_INITIATED
, you will receive an additional parameter for the time to live i.e TTL (in seconds) which is passed as String extra in the VerificationDataBundle
of onRequestSuccess()
.
This value determines amount of time left to complete the verification. You can use this value to show a waiting message to your user before they can try for another attempt.
Once the TTL expires, you can either auto-retry the verification by calling the requestVerification() method automatically with the same input parameters OR you can also take the user back to the number input screen to enter a different number for verification.
When the callbackType is VerificationCallback.TYPE_ALREADY_VERIFIED_BEFORE
or VerificationCallback.TYPE_VERIFICATION_COMPLETE
, it means that the user verification via Truecaller SDK is complete. In these cases, the SDK will share an additional access token with your application, which you may then use to validate the response at your server end. To fetch the access token, you may use the following code snippet :
Post fetching the access token, you may perform the server side validation by referring to the steps mentioned in the later part of the documentation here
onRequestFailure() method will be called when some error has occurred while verifying the provided mobile number. You will receive the appropriate error message from TrueException using TrueException#getExceptionMessage().For details of different possible error types you may encounter, please refer to the TrueException
6. Create a TruecallerSdkScope object by using the appropriate configurational settings and use it to initialise the TruecallerSDK in your android activity's onCreate method :
Copy
You will find complete details on the configuration options in the TruecallerSdkScope object as described above, and all the possible available values in the immediate next section of this documentation .
Please note, sdkOptions enables you to configure the verification capability of Truecaller SDK. If you want to use the SDK for verification of Truecaller users only, you should provide the scope value as TruecallerSdkScope.SDK_OPTION_WITHOUT_OTP
Truecaller SDK needs to be initialised only once and the same instance can be accessed at any place within your app, without the need to initialise it again, via TruecallerSDK.getInstance()
Initialising the SDK at more than one place can lead to undesired behaviour
Once you initialise the TruecallerSDK using the init() method, if you are using the SDK for verification of only Truecaller users ( by setting the sdkOptions scope as TruecallerSdkScope.SDK_OPTION_WITHOUT_OTP ), you can check if the Truecaller app is present on the user's device or not by using the following method
Copy
You can trigger the Truecaller profile verification dialog anywhere in your app flow by calling the following method
Copy
You can trigger the Truecaller profile verification dialog anywhere in your app flow by calling the following method
Copy
4. Open your strings.xml file. Example path: /app/src/main/res/values/strings.xml and add a new string with the name "partnerKey" and value as your "appKey"
5. Open your AndroidManifest.xml and add a meta-data element to the application element
Copy
Using the SDK with your Android Studio Project
Truecaller SDK does not require any additional app permissions if you are using the SDK for verification of only Truecaller users.
To enable verification flow for non-Truecaller users as well, the SDK needs specific android permissions to enable the drop call based background verification flow. For details, please refer
If you haven't already completed for your app, we recommend you to complete that first before proceeding with the integration and also refer to the .
7. Add the following condition in the onActivityResult method TruecallerSDK.getInstance().onActivityResultObtained( this,requestCode, resultCode, data)
Copy
Note : In case you passed Fragment in the getUserProfile() method [ point #6 ], override the onActivityResult() method in your corresponding Fragment
8. In your selected Activity/Fragment, either make the component implement ITrueCallback or create an instance of it :
Copy
onSuccessProfileShared() method will be called in either of the following two scenarios : a.) When the user has agreed to share his profile information with your app by clicking on the "Continue" button on the Truecaller dialog b.) When a non Truecaller user is already verified previously on the same device. This would only happen when the TruecallerSdkScope#SDK_OPTION_WITH_OTP
is selected while initialising the SDK to provision for the verification of non-Truecaller users also.
Write all the relevant logic in the above callback methods to handle the scenarios appropriately.
Truecaller SDK enables you to verify your user's mobile number in a seamless way. For users who have Truecaller app present on their smartphones and are already registered Truecaller users, they get verified in a 1-tap flow (supported globally), without the need of any manual input. For users who don't have Truecaller app present on their smartphones, the SDK enables user verification by means of drop call, which is triggered to the user's number in background to complete the verification flow (currently supported only for India).
To understand various possible user scenarios in the user's verification flow, let's try to take example of NoBrokerHood, India's leading realty app. NoBrokerHood is using Truecaller SDK for verifying numbers of all their users.
Scenario 1
a) New user on NoBrokerHood app, and
b) Truecaller app present on user's smartphone.
Scenario 2
a) Existing user on NoBrokerHood app, and
b) Truecaller app present on smartphone.
Scenario 3
a) New user on NoBrokerHood app, and
b) Truecaller app NOT present on smartphone, and user's mobile number NOT already verified on smartphone.
Scenario 4
a) Existing user on NoBrokerHood app, and
b) Truecaller app NOT present on smartphone and user's mobile number NOT verified on smartphone.
Scenario 5
a) Existing user on NoBrokerHood app, and
b) Truecaller app NOT present on smartphone and user's mobile number ALREADY verified on smartphone.
Truecaller SDK provides you with capabilities to configure the following :
If you are already using Truecaller SDK with pop-up variant of the verification screen, you can upgrade to the bottom sheet layout by simply making changes to the configuration options in your TruecallerSdkScope object. Refer to the below section for details on all the customisation capabilities and the possible values you may set.
Contextual text prefix [ .loginTextPrefix() ] To provide appropriate context of verification to the Truecaller user, use one of the below mentioned TruecallerSdkScope values to show the corresponding message to the user.
Contextual text suffix [ .loginTextSuffix() ] To provide appropriate context of verification to the Truecaller user and set the suffix string
Button text options [ .ctaTextPrefix() ] To set the prefix on the CTA button
Button shape [ .buttonShapeOptions() ] To chose the shape of the CTA button
Footer CTA text [ .footerType() ] To configure the text of the additional footer CTA present at the bottom
Privacy policy text [ .privacyPolicyUrl() ] To add your privacy policy link on the verification screen ( optional ), you can configure the respective hyperlink as mentioned below
Copy
Terms of service text [ .termsOfServiceUrl() ] To add your terms of service link on the verification screen ( optional ), you can configure the respective hyperlink as mentioned below
Copy
Language To customise the profile dialog in any of the supported Indian languages To do so, add the following lines before calling the "getUserProfile()" method as mentioned in the previous step
Copy
Currently supported languages :
NOTE : In case the input locale is not supported, the profile will by default be shown in English language.
Here, sdkCallback is an interface that you need to define in your app where you would get the success or failure callbacks. You will find details about the implementation in this .
If you want to use the SDK for verification of Truecaller users as well as non-Truecaller users powered by Truecaller's drop call / OTP ( for implementation details, refer section ), you should provide the scope value as TruecallerSdkScope.SDK_OPTION_WITH_OTP
In case isUsable() method returns false, implying that Truecaller app is not present on the device, you can take the user to your app screen and continue with the OR choose to use your own verification flow [ Refer image below ].
onFailureProfileShared() method will be called when some error occurs or if an invalid request for verification is made. You'll get the respective error code as per the details mentioned .
onVerificationRequired() method will only be called whenTruecallerSdkScope#SDK_OPTION_WITH_OTP
is selected. This will be called when the user is not a Truecaller app user. Also, you'll get a only when TC app is installed and user is logged in. For other cases, it would be null. This optional TrueError can be used to determine the user action that led to initiating manual verification. So using this TrueError, you can get to whether the user pressed on the footer CTA on the verification screen OR the system back button.
Text to use
TruecallerSdkScope value
To get started
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_GET_STARTED
To continue
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_CONTINUE
To place order
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_PLACE_ORDER
To complete your order
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_COMPLETE_YOUR_PURCHASE
To checkout
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_CHECKOUT
To complete your booking
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_COMPLETE_YOUR_BOOKING
To proceed with your booking
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_PROCEED_WITH_YOUR_BOOKING
To continue with your booking
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_CONTINUE_WITH_YOUR_BOOKING
To get details
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_GET_DETAILS
To view more
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_VIEW_MORE
To continue reading
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_CONTINUE_READING
To proceed
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_PROCEED
For new updates
TruecallerSdkScope.LOGIN_TEXT_PREFIX_FOR_NEW_UPDATES
To get updates
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_GET_UPDATES
To subscribe
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_SUBSCRIBE
To subscribe and get updates
TruecallerSdkScope.LOGIN_TEXT_PREFIX_TO_SUBSCRIBE_AND_GET_UPDATES
Suffix string
TruecallerSdkScope value
please login
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_LOGIN
please signup
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_SIGNUP
please login/ signup
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_LOGIN_SIGNUP
please register
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_REGISTER
please sign in
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_SIGN_IN
please verify mobile number
TruecallerSdkScope.LOGIN_TEXT_SUFFIX_PLEASE_VERIFY_MOBILE_NO
Button text to use
TruecallerSdkScope value
Use
TruecallerSdkScope.CTA_TEXT_PREFIX_USE
Continue with
TruecallerSdkScope.CTA_TEXT_PREFIX_CONTINUE_WITH
Proceed with
TruecallerSdkScope.CTA_TEXT_PREFIX_PROCEED_WITH
Button shape
TruecallerSdkScope value
Round
TruecallerSdkScope.BUTTON_SHAPE_ROUNDED
Rectangle
TruecallerSdkScope.BUTTON_SHAPE_RECTANGLE
Footer CTA string
TruecallerSdkScope value
Use another number
TruecallerSdkScope.FOOTER_TYPE_CONTINUE
Use another method
TruecallerSdkScope.FOOTER_TYPE_ANOTHER_METHOD
Enter details manually
TruecallerSdkScope.FOOTER_TYPE_MANUALLY
Later
TruecallerSdkScope.FOOTER_TYPE_LATER
Language
locale value to use
english
en
hindi
hi
marathi
mr
telugu
te
malayalam
ml
urdu
ur
punjabi
pa
tamil
ta
bengali
bn
kannada
kn
swahili
sw
arabic
ar
In order to clear the resources taken up by SDK, you can use the method TruecallerSDK.clear();
You can call this method when the activity/fragment in which you have initialised the SDK is getting killed/destroyed.
For example :
Copy
Once you receive a callback in your VerificationCallback
instance with the requestCode TYPE_MISSED_CALL_RECEIVED
or TYPE_OTP_RECEIVED , you can complete the verification process by calling the following method from within your activity :
Copy
You need to create a TrueProfile instance by passing the user's first and last name as defined above.
Please note that the first name and last name values to be passed in the above method call need to follow below mentioned rules :
The strings need to contains at least 1 alphabet, and cannot be completely comprised of numbers or special characters
String length should be less than 128 characters
First name is a mandatory field, last name can be empty ( but non nullable )
Depending on whether the verification medium is drop call or OTP, you need to call one of the following methods respectively:
DropcallOTPCopy
You need to call this method once you have received callback with requestCode as TYPE_MISSED_CALL_RECEIVED
in your VerificationCallback
instance
After you call the above method, you will receive a callback in your VerificationCallback
instance with requestCode as TYPE_VERIFICATION_COMPLETE,
which completes your verification process.
Whenever you get the verification callback with requestType as TYPE_VERIFICATION_COMPLETE,
you would get an accessToken as a parameter in the verificationDataBundle. You can use this access token to validate the authenticity of the verification flow by making an API call from your server to Truecaller's server. For details on this part, please refer here.
Advanced steps for validating the request-response correlation:
Every request sent via a Truecaller app that supports Truecaller SDK has a unique identifier. This identifier is bundled into the response for assuring a correlation between a request and a response. If you want you can check this correlation yourself by:
1. You can use your own custom request identifier via the TrueClient with TruecallerSDK.getInstance().setRequestNonce(customHash);
Note : The customHash must be a base64 URL safe string with a minimum character length of 8 and maximum of 64 characters
2. In ITrueCallback.onSuccesProfileShared(TrueProfile)
verify that the previously generated identifier matches the one in TrueProfile.requestNonce.
IMPORTANT: Truecaller SDK already verifies the request-response correlation before forwarding it to the your app.
This section defines the steps that can be used to trigger verification of non Truecaller app users which will be powered via Truecaller's drop call based verification flow
In order to verify non Truecaller users, the SDK requires the below mentioned permissions -
Copy
Once you receive a callback in the ITrueCallback#onVerificationRequired(),
you can initiate the verification for the user by calling the following method:
Copy
Here -
the first parameter is the country code of the mobile number for which the verification needs to be triggered
the second parameter (PHONE_NUMBER_STRING) is the mobile number to be verified. Please ensure proper validations are in place so as to send correct phone number string to the above method, otherwise an exception would be thrown
the third parameter is an instance of VerificationCallback
as defined here
the fourth parameter is an instance of FragmentActivity
Please note that Truecaller SDK v2.8.0 currently supports the verification for non-Truecaller users for Indian numbers only.
Once you initiate the verification via TruecallerSDK.getInstance().requestVerification()
method, you will receive either a callback in your VerificationCallback
instance with a specificrequestType
as described below
Copy
onRequestSuccess() method is called under any of the following scenarios -
When drop call is successfully initiated for the input mobile number. In this case, you will get the requestCode as VerificationCallback.TYPE_MISSED_CALL_INITIATED
When drop call is successfully detected on that device by the SDK present in your app. In this case, you will get the requestCode as VerificationCallback.TYPE_MISSED_CALL_RECEIVED
When the verification is successful for a particular number. In this case, you will get the requestCode as VerificationCallback.TYPE_VERIFICATION_COMPLETE
When the user is already verified on that particular device before. In this case, you will get the requestCode as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
When requestCode is VerificationCallback.TYPE_MISSED_CALL_INITIATED
, you will receive an additional parameter for the time to live i.e TTL (in seconds) which is passed as String extra in the VerificationDataBundle
of onRequestSuccess()
. This value determines amount of time left to complete the verification. You can use this value to show a waiting message to your user before they can try for another attempt. Once the TTL expires, you can either auto-retry the verification by calling the requestVerification() method automatically with the same input parameters OR you can also take the user back to the number input screen to enter a different number for verification.
NOTE: Truecaller SDK v2.5.0 & above won't throw timeout exceptions for missed call, so please use the TTL as stated above to control the time out scenario.
When the requestCode is VerificationCallback.TYPE_ALREADY_VERIFIED_BEFORE or VerificationCallback.TYPE_VERIFICATION_COMPLETE, it means that the user verification via Truecaller SDK is complete. In these cases, the SDK will share an additional access token with your application, which you may then use to validate the response at your server end. To fetch the access token, you may use the following code snippet :
//For when the control goes to TYPE_ALREADY_VERIFIED_BEFORE extras.getProfile().accessToken
//For when the control goes to TYPE_VERIFICATION_COMPLETE extras.getString(VerificationDataBundle.KEY_ACCESS_TOKEN)
Post fetching the access token, you may perform the server side validation by referring to the steps mentioned in the later part of the documentation here.
onRequestFailure() method will be called when some error has occurred while verifying the provided mobile number. You will receive the appropriate error message from TrueException using TrueException#getExceptionMessage().
For details of different possible error types you may encounter, please refer to the next section.
Failure/ Error responses
The "onFailureProfileShared" callback method that you just implemented in the previous step helps you to handle all the possible failure cases when the user couldn't be verified successfully via the Truecaller flow.
Below are some of the possible failure scenarios and the corresponding error response that you receive for each of the cases :
Error Code
What it means
1
Network Failure
2
User pressed back
3
Incorrect Partner Key
4 & 10
User not Verified on Truecaller*
5
Truecaller App Internal Error
13
User pressed back while verification in process
14
User pressed footer CTA (" USE ANOTHER NUMBER")
15
To handle ActivityNotFound Exception, in case Truecaller app fails to initiate
*Error Type 4 and Error Type 10 could arise in different conditions depending on whether the user has not registered on Truecaller app on their smartphone or if the user has deactivated their Truecaller profile at any point of time from the app.
Apart from the above mentioned error cases, there are few other error scenarios that you may encounter under rare circumstances. For complete and exhaustive list of all the error cases, you can refer to TrueError.class within the SDK.
Please note that when you encounter any of the error scenarios and get the control in the "onFailureProfileShared()" method, you should redirect the user to your alternate verification flow.
Exceptions
In case you face any of the following run time exceptions, please follow the recommended steps as mentioned below :
"No compatible client available. Please change your scope"
As the exception suggests, you are trying to call an SDK method even though no client is available to handle it. This usually happens if you have initialised the SDK using WITHOUT_OTP scope option i.e to verify only the Truecaller users, and you are not calling isUsable()
method before calling an SDK method. To resolve this, call isUsable()
before calling any SDK method if you are using WITHOUT_OTP scope option
"Please call init() on TruecallerSDK first"
This exception suggests that you are trying to call an SDK method before the SDK has been initialised. To resolve it, check for all possible user flows in your app which could lead to calling an SDK method directly before it has been initialised.
Recommended Steps for validating the authenticity of SDK response at your server side:
Truecaller SDK already verifies the authenticity of the response before forwarding it to your app. However, if you wish to additionally check the authenticity of the response at your end, you can do so.
In the response for TrueProfile we return -
Payload, which is a Base64 encoding of the json object containing all profile info
Signature, which contains the payload's signature . Signature is generated by applying signing algorithm with our private key
Signature Algorithm in the response header
To verify the payload, our public key for a given algorithm can be fetched using this API: https://api4.truecaller.com/v1/key.
Using the payload, the signature and the public key, you can verify that the content sent is authentic through the following flow:
a. Apply verification, which means apply our public key to the signature (with given algorithm) and comparing result with payload
b. If verified, you would know that response comes from Truecaller's backend and is authentic. The profile can then be used as base64 decoding of the payload.
For details on the verification flow and sample code snippets in different programming languages, please refer this link
In order to add another layer of security, you can also put a check to identify if the payload that is passed on to your server was initially generated for your app (package name) itself. The payload that you receive in the success response has a field with a key as “verifier”. Here, you need to generate HMAC SHA256 of your package name, using your appKey (partner key) as a secret. (The appKey mentioned here is the one that you generate from our developer portal). The output that you get from above should match the verifier value received in the payload. In case it doesn't, which means that the payload that was generated was tampered.
Common scenarios to check for in you app verification flow for non-Truecaller users
If the user does not have the Truecaller app present on their device or they chose to verify using a different number than the one already verified on Truecaller app currently, they can be taken to this flow in which we provision the verification of the user by sending missed call using our infrastructure.
User verifying via Truecaller's missed call mechanism for the very first time
Proceed to the flow where the user needs to input their mobile number. Give the necessary permissions ( as described here ) and proceed with the verification. You would receive a missed call on the device which gets automatically detected by the SDK. Post this, you need to pass the user's first name and last name to the SDK to complete the verification
User verifying via OTP mechanism ( if users deny phone permissions, as described here )
In case the user denies the needed permission in the above step, the means of verification would fallback to SMS based OTP instead of missed call. In that case, you can chose to implement your own fallback OTP infrastructure or opt for Truecaller's fallback SMS based OTP infrastructure. If you have opted for your own SMS infrastructure, you can chose to proceed as per your own flow. In case you have opted for Truecaller's SMS based OTP infrastructure, when you request for a verification for the user's number, Truecaller sends an SMS to the user containing the OTP. Once the OTP is keyed in by the user or automatically read ( using the SDKs SMS retriever functionality ), you need to pass the user's first name and last name along with the OTP to the Truecaller SDK method to complete the verification flow.
User already verified with the same credentials previously on the smartphone
Once a user's verification is completed successfully on a particular device, and they re-attempt to verify on the same app using the same credentials ( same smartphone, same mobile number ), Truecaller SDK is able to identify the user and we can tell you it's the same user. In this case, no additional missed call / OTP is needed to re-verify the user. The SDK will directly tell the status of the repeat user, and in this case returns the first name and last name of the user back to you in response.
Quick guide on how to properly track and instrument funnel for the verification flow of users via Truecaller on your app:
For proper tracking of the verification funnel via Truecaller SDK on your app, we recommend you to implement tracking events for the following states :
When you are using the SDK for verification of Truecaller users only ( 1-tap Verification without OTP ) :
Total users coming to your verification flow
Number of cases when the Truecaller app is present on your smartphone
Number of profile verification requests made by your app ( when TruecallerSDK.getInstance().getUserProfile() method is invoked )
Number of users who proceed with this flow and click Continue on the Truecaller dialog [ for these cases, you receive a success callback with TrueProfile response in onSuccessProfileShared() callback method ]
Number of cases where you received any error, where you receive an error callback with TrueError response in onFailureProfileShared() callback method. For details on specific error codes, please refer here.
When you are using the SDK for verification of non-Truecaller users also ( via drop call / fallback OTP ) :
Total users coming to your verification flow
Number of cases when the Truecaller app is present on your smartphone and users get verified via the Truecaller 1-tap flow ( as described in the above section )
Number of verification requests made by your app for a non-Truecaller user ( when TruecallerSDK.getInstance().requestVerification() method is invoked )
Number of cases where the user is getting verified for the very first time on the current smartphone and you receive a success callback - onRequestSuccess() method ( Please refer here ) -
When the callback type you receive is either VerificationCallback.TYPE_MISSED_CALL_INITIATED or VerificationCallback.TYPE_OTP_INITIATED. This implies that a drop call / SMS has been triggered to the user's mobile number.
When the callback type you receive is either VerificationCallback.TYPE_MISSED_CALL_RECEIVED or VerificationCallback.TYPE_OTP_RECEIVED. This implies that a drop call / SMS has been received on the user's mobile number on that smartphone. Please note that for getting the TYPE_OTP_RECEIVED callback, your app needs to have the Google SMS retriever hash code configured on Truecaller's developer portal ( while creating your partner key ) so that the SDK can auto read the incoming SMS and share the OTP with you in this particular callback method.
Further to the above step, when you complete the user verification by invoking either TruecallerSDK.getInstance().verifyOtp() or TruecallerSDK.getInstance().verifyMissedCall() corresponding to the verification medium being used
When the callback type you receive is either VerificationCallback.TYPE_VERIFICATION_COMPLETE. This implies that the verification in complete for the user
Number of cases where the user is already verified previously on the current smartphone and gets verified directly. In such cases, you receive the success callback - onRequestSuccess() method with callback type as VerificationCallback.TYPE_PROFILE_VERIFIED_BEFORE
Common scenarios to check for in you app verification flow for existing Truecaller users:
Truecaller app present and registration completed on Truecaller app
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should see the Truecaller profile dialog. Click on continue to complete the verification flow and ensure that the verification is completed.
Truecaller app present but registration not completed on Truecaller app
Ensure that the Truecaller app is present on your device but you have not completed the profile creation step on Truecaller app. Open your app and initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog, and you would receive the control in onFailureProfileShared() with the specific error code.
Truecaller app not present on the device
Remove the Truecaller app from your device. Open your app and try to initiate the Truecaller verification flow. The user should not see the Truecaller profile dialog and should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
Network not available on device
Ensure that the Truecaller app is present on your device and you have completed the profile creation step on Truecaller app. Turn off the mobile data and WiFi on your device. Open your app and initiate the Truecaller verification flow. You would see the Truecaller profile dialog. Click on continue button on the dialog, you would receive control in onFailureProfileShared() method with a specific error code.
Partner key should be working fine ( onFailureProfileShared() Error Type 3 )
For complete details on this part, please refer here
User wishes to proceed with another number OR does not want to share their Truecaller profile
Initiate the Truecaller verification flow in your app to invoke the Truecaller profile dialog. Click on system back or Use another mobile number button on the dialog to dismiss the dialog. In such a scenario, user should be taken to either your alternate verification flow or in case you are using Truecaller SDK's functionality of verifying non-Truecaller users, user should be redirected to that flow.
We also recommend that you go through the FAQ section to go through some of the commonly asked questions
Once the SDK shares the accessToken for any user verified via drop call / OTP based verificaiton flow, you can verify the authenticity of the access token by making API call from your server to Truecaller's server. The following endpoint will return phone number and country code for the given access token.
API Endpoint:
Copy
REQUEST :
Method : GET
Header Parameters:
Parameter Name
Required
Description
Example
appKey
yes
App Key ( Partner Key )
zHTqS70ca9d3e988946f19a65a01dRR5e56460
Request Path Parameters:
Parameter Name
Required
Description
Example
accessToken
yes
token granted for the partner for the respective user number that initiated login
"71d8367e-39f7-4de5-a3a3-2066431b9ca8"
RESPONSE:
200 OK - If access token is valid
Copy
404 Not Found - If your credentials are not valid
Copy
404 Not Found - If access token is invalid
Copy
500 Internal Error - for any other internal error
Copy
To ensure the authenticity of interactions between your app and Truecaller, you need to generate an app key [ partner key ] from Truecaller developer account by adding your app name, package name and app SHA-1.
To generate a new app key for your Android app, go to the 'MANAGE APPS' section on the developer account dashboard and click on 'CREATE APP'. Select 'Android' in the App type and continue to enter your app details.
You package name corresponds to the applicationId in your app level build.gradle file.
You can get to know the SHA1 for your different app builds by following these steps :
Open your project in android studio
Click on gradle menu on the right side and expand it
Click on android and then signing report
You should be able to see the SHA1 fingerprint of your different build configurations [ debug /release ] in the terminal window within android studio.
Once you input your app details and create the app, you will be able to see a unique "appKey" for your app which you need to include in your project to authorise all verification requests.
Different app builds ( debug / release ) have different SHA1 fingerprints and hence would have different & unique app keys, as a single app key corresponds to a particular combination of package name and SHA1. You need to manage your debug / release builds by creating separate keys.
Handling error responses for cases of verifying non-Truecaller users
4
"Desired permissions are missing"
When the requisite permissions are missing or not granted while making the verification request
6
“Sim state is not ready”
When the SIM state on the device is not ready
7
“Airplane mode is ON”
When the device is on airplane mode, hence causing missed call to not go through
2
"Phone number limit reached”
When the used mobile number has exceeded the maximum number of allowed verification attempts within a span of 24 hours from the time the first verification attempt was made
2
“Request id limit reached”
When the used device exceeds the maximum number of allowed verification attempts in a span of 24h
2
“Invalid partner credentials.”
When the partner key ( app key ) you have configured in your project is incorrect. Visit or basis the build in which you are facing the issue on
2
“Something went wrong: Failed to create installation.”
In case of Truecaller internal service error
2
“Invalid phone number”
When the input mobile number is not a valid mobile number
2
“Profile has not been created yet”
When the user has been successfully verified, but for some reason their profile is not created which could be due to incorrect profile data while creating TrueProfile() in verifyMissedCall method or due to network issues
Changelog for Truecaller android SDK versions 2.8.0 and below :
2.8.0
New errors codes introduced in TrueException for "simState", "airplaneMode" and "permissions". Details here
Developers need to take care of the required permissions requesting logic at their own end since SDK won't be making permissions any longer from this version onwards
Default verification medium would be Drop Call for all verification attempts made
Developers can set a request nonce to the non-tc flow using the existing SDK method - TruecallerSDK.getInstance().setRequestNonce("SOME_REQUEST_NONCE"). The partners will receive this request nonce from the callback interface for different callback types :
TYPE_MISSED_CALL_INITIATED, TYPE_VERIFICATION_COMPLETE - Can be received from VerificationDataBundle as
bundle?.getString(VerificationDataBundle.KEY_REQUEST_NONCE)
2. TYPE_PROFILE_VERIFIED_BEFORE - Can be received from VerificationDataBundle as
bundle?.profile?.requestNonce
2.7.0
Minimum supported version updated to 5.1 Android version
Minimum kotlin version supported 1.6.10
Removed all the sensitive checks colliding with google play’s data privacy policies
Project moved to MavenCentral
2.6.0
To handle requestCode collision new check on the client side onActivityResult method is introduced.
Handled request code collision in SDK
Fix SDK Android 11 compatibility
Added business profile indicator
2.5.0
Provided new SDK clear() method on client side
Fixed memory leaks.
Handle ActivityNotFoundException by providing a try-catch block and throwing a new TrueError code with Type = 15.
2.4.0
Passing TrueError in onVerificationRequired() method of the SDK
Exposed verification TTL to verification callback on client side
Fixing default values for CTA color/text color
Ellipsize text input fields in SDK
2.3.0
Updated proguard rule
Fixed phone number caching in non Truecaller user verification flow
Minor bug fixes
2.2.0
Added support for Arabic and Assamese
2.1.0
Ability to set Dark/Light theme from SDK introduced.
3.1.0
Added support for IM-OTP as a mode of verification in the non-tc flow with auto-read functionality. (This functionality is under EAP currently)
Updated AGP to 8.3
Minor bug fixes
3.0.0
The first public version of Truecaller OAuth SDK
In case you are using the app signing feature of google play store, when you upload your release build to the google play store, it assigns a new SHA1 fingerprint to your app - which might lead to UNAUTHORISED_PARTNER_KEY error for your app, since the appKey used by you in your app config was generated for a different SHA1, and hence won't work for the new SHA1.
In this scenario, you need to go to the "app integrity section" of the Google play console, where you would see 2 SHA1 keys (a) Upload Certificate SHA1 and (b) App Signing Certificate SHA1.
You need to note down the "App Signing Certificate SHA1" from the console, and generate a new Truecaller partner key ( app key ) for your play store build. Configure this key for your play store build in your project, and upload the build on play store for your users.
Quick guide on getting your test setup ready to test the common verification scenarios as described in previous sections:
Pre-Requisites
We suggest you to keep handy at-least 2 android smartphones with active SIM connections. Ensure that both the smartphones have your test app installed (Integrated with Truecaller SDK)
2 different smartphones are required so that in case you get verified on one of the smartphones, you can use the second smartphone to check for the fresh verification scenarios.
Wi-Fi or mobile internet should also be enabled on both the smartphones
Steps to follow for testing user scenarios :
User State
App Scenario
Steps
Existing Truecaller user
Install Truecaller on smartphone 'A'
Complete profile creation step on Truecaller app
Launch your application and initiate the Truecaller verification flow
Truecaller profile consent screen should appear
Tapping on Continue button should verify the user
Non Truecaller User
User getting verified for the first time on smartphone
Take smartphone 'A'
Uninstall Truecaller app from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs & phone permissions are asked ( if not already granted )
Allow the permissions to enable receiving a drop call
User is manually asked to enter name ( if it's a new user on your app )
On entering the name, SDK verifies the user
Non Truecaller User
User already verified on the smartphone and tried to re-verify
( Please ensure that you try this step only after you have performed the above step )
Take smartphone 'A'
Launch your application and logout from the app
Initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Non Truecaller User
User already verified on the smartphone, uninstalls and re-installs the application on the device
( Please ensure that you try this step only after you have performed the 2nd step )
Take smartphone 'A'
Uninstall your application from the smartphone
Launch your application and initiate the verification flow
User is asked for phone number in your application
On entering the phone number, call logs and phone permissions are asked ( if not already granted )
User should get verified directly without any drop call being initiated and received on the smartphone
Truecaller SDK versions lower than v2.7.0 use device ID and SIM serial identifiers for the non-Truecaller user verification flow ( drop call based verification ). With the v2.7.0 release, we have removed dependency on these attributes. As per the recent Google play store app policy changes, apps shouldn’t use these identifiers in conjunction with the phone number. Google Play sends your app a warning in case your app ( including any integrated 3rd party libraries ) is using these identifiers.
If you are using Truecaller SDK version less than v2.7.0, we recommend you to update the same to 2.70 and above. Once you upgrade the SDK version, the above mentioned issue around play store publishing would be resolved.
The latest SDK version is completely in line to google play’s new data privacy policies and hence has been listed on the google play SDK index as well. Only policy compliant SDKs are listed on the SDK index.
Note : For the primary 1-tap flow to function via the Truecaller SDK, users need to have the Truecaller app installed and logged in on their devices. As the Truecaller app is supported only for android API level 22 (Android 5.1) and above, the SDK has also been upgraded to support the same.
For you to upgrade to the latest SDK version, you may refer to the change log here.
In order to clear the resources taken up by the SDK, you may use the following method
TcSdk.clear()
Ideally, you should call this method when the component in which you initialized the SDK is getting killed/destroyed.
For instance, if you have initialized the SDK in the onCreate() method of the activity lifecycle, then you need to call clear it in the onDestroy() method of the activity lifecycle.
In order to clear the resources taken up by the SDK, you may use the following method
TcSdk.clear()
Ideally, you should call this method when the component in which you initialized the SDK is getting killed/destroyed.
For instance, if you have initialized the SDK in the onCreate() method of the activity lifecycle, then you need to call clear it in the onDestroy() method of the activity lifecycle.
Truecaller SDK provides you with capabilities to configure the following:
Refer to the below section for details on all the customization capabilities and the possible values you may set:
Contextual header [ .heading() ]
To provide the appropriate context of verification to the Truecaller user, use one of the below mentioned TruecallerSdkScope values to show the corresponding message to the user
Log in to
TcSdkOptions.SDK_CONSENT_HEADING_LOG_IN_TO
Sign up with
TcSdkOptions.SDK_CONSENT_HEADING_SIGNUP_WITH
Sign in to
TcSdkOptions.SDK_CONSENT_HEADING_SIGN_IN_TO
Verify number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_NUMBER_WITH
Register with
TcSdkOptions.SDK_CONSENT_HEADING_REGISTER_WITH
Get started with
TcSdkOptions.SDK_CONSENT_HEADING_GET_STARTED_WITH
Proceed with
TcSdkOptions.SDK_CONSENT_HEADING_PROCEED_WITH
Verify with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_WITH
Verify profile with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_PROFILE_WITH
Verify your profile with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_YOUR_PROFILE_WITH
Verify your phone number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_PHONE_NO_WITH
Verify your number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_YOUR_NO_WITH
Continue with
TcSdkOptions.SDK_CONSENT_HEADING_CONTINUE_WITH
Complete order with
TcSdkOptions.SDK_CONSENT_HEADING_COMPLETE_ORDER_WITH
Place order with
TcSdkOptions.SDK_CONSENT_HEADING_PLACE_ORDER_WITH
Complete booking with
TcSdkOptions.SDK_CONSENT_HEADING_COMPLETE_BOOKING_WITH
Checkout with
TcSdkOptions.SDK_CONSENT_HEADING_CHECKOUT_WITH
Manage Details with
TcSdkOptions.SDK_CONSENT_HEADING_MANAGE_DETAILS_WITH
Manage your details with
TcSdkOptions.SDK_CONSENT_HEADING_MANAGE_YOUR_DETAILS_WITH
Login to <<APP_NAME>> with one tap
TcSdkOptions.SDK_CONSENT_HEADING_LOGIN_TO_WITH_ONE_TAP
Subscribe to
TcSdkOptions.SDK_CONSENT_HEADING_SUBSCRIBE_TO
Get updates from
TcSdkOptions.SDK_CONSENT_HEADING_GET_UPDATES_FROM
Continue reading on
TcSdkOptions.SDK_CONSENT_HEADING_CONTINUE_READING_ON
Get new updates from
TcSdkOptions.SDK_CONSENT_HEADING_GET_NEW_UPDATES_FROM
Log in/ Signup with
TcSdkOptions.SDK_CONSENT_HEADING_LOGIN_SIGNUP_WITH
Button text options [ .ctaTextPrefix() ]
To set the prefix on the CTA button
Continue
TcSdkOptions.CTA_TEXT_CONTINUE
Proceed
TcSdkOptions.CTA_TEXT_PROCEED
Accept
TcSdkOptions.CTA_TEXT_ACCEPT
Confirm
TcSdkOptions.CTA_TEXT_COFIRM
Button shape [ .buttonShapeOptions() ]
To chose the shape of the CTA button
Round
TcSdkOptions.BUTTON_SHAPE_ROUNDED
Rectangle
TcSdkOptions.BUTTON_SHAPE_RECTANGLE
Footer CTA text [ .footerType() ]
To configure the text of the additional footer CTA present at the bottom
Use another number
TcSdkOptions.FOOTER_TYPE_CONTINUE
Use another method
TcSdkOptions.FOOTER_TYPE_ANOTHER_METHOD
Enter details manually
TcSdkOptions.FOOTER_TYPE_MANUALLY
Later
TcSdkOptions.FOOTER_TYPE_LATER
Privacy policy :
To add your privacy policy link on the verification screen, you can configure the respective hyperlink from your developer account
Terms of service: To add your terms of service link on the verification screen, you can configure the respective hyperlink from your developer account
Language You can optionally customize the consent screen in any of the supported languages. To do so, add the following line :
Copy
Currently supported languages:
english
en
hindi
hi
marathi
mr
telugu
te
malayalam
ml
urdu
ur
punjabi
pa
tamil
ta
bengali
bn
kannada
kn
swahili
sw
arabic
ar
Truecaller SDK provides you with capabilities to configure the following:
Refer to the below section for details on all the customization capabilities and the possible values you may set:
Contextual header [ .heading() ]
To provide the appropriate context of verification to the Truecaller user, use one of the below mentioned TruecallerSdkScope values to show the corresponding message to the user
Log in to
TcSdkOptions.SDK_CONSENT_HEADING_LOG_IN_TO
Sign up with
TcSdkOptions.SDK_CONSENT_HEADING_SIGNUP_WITH
Sign in to
TcSdkOptions.SDK_CONSENT_HEADING_SIGN_IN_TO
Verify number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_NUMBER_WITH
Register with
TcSdkOptions.SDK_CONSENT_HEADING_REGISTER_WITH
Get started with
TcSdkOptions.SDK_CONSENT_HEADING_GET_STARTED_WITH
Proceed with
TcSdkOptions.SDK_CONSENT_HEADING_PROCEED_WITH
Verify with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_WITH
Verify profile with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_PROFILE_WITH
Verify your profile with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_YOUR_PROFILE_WITH
Verify your phone number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_PHONE_NO_WITH
Verify your number with
TcSdkOptions.SDK_CONSENT_HEADING_VERIFY_YOUR_NO_WITH
Continue with
TcSdkOptions.SDK_CONSENT_HEADING_CONTINUE_WITH
Complete order with
TcSdkOptions.SDK_CONSENT_HEADING_COMPLETE_ORDER_WITH
Place order with
TcSdkOptions.SDK_CONSENT_HEADING_PLACE_ORDER_WITH
Complete booking with
TcSdkOptions.SDK_CONSENT_HEADING_COMPLETE_BOOKING_WITH
Checkout with
TcSdkOptions.SDK_CONSENT_HEADING_CHECKOUT_WITH
Manage Details with
TcSdkOptions.SDK_CONSENT_HEADING_MANAGE_DETAILS_WITH
Manage your details with
TcSdkOptions.SDK_CONSENT_HEADING_MANAGE_YOUR_DETAILS_WITH
Login to <<APP_NAME>> with one tap
TcSdkOptions.SDK_CONSENT_HEADING_LOGIN_TO_WITH_ONE_TAP
Subscribe to
TcSdkOptions.SDK_CONSENT_HEADING_SUBSCRIBE_TO
Get updates from
TcSdkOptions.SDK_CONSENT_HEADING_GET_UPDATES_FROM
Continue reading on
TcSdkOptions.SDK_CONSENT_HEADING_CONTINUE_READING_ON
Get new updates from
TcSdkOptions.SDK_CONSENT_HEADING_GET_NEW_UPDATES_FROM
Log in/ Signup with
TcSdkOptions.SDK_CONSENT_HEADING_LOGIN_SIGNUP_WITH
Button text options [ .ctaTextPrefix() ]
To set the prefix on the CTA button
Continue
TcSdkOptions.CTA_TEXT_CONTINUE
Proceed
TcSdkOptions.CTA_TEXT_PROCEED
Accept
TcSdkOptions.CTA_TEXT_ACCEPT
Confirm
TcSdkOptions.CTA_TEXT_COFIRM
Button shape [ .buttonShapeOptions() ]
To chose the shape of the CTA button
Round
TcSdkOptions.BUTTON_SHAPE_ROUNDED
Rectangle
TcSdkOptions.BUTTON_SHAPE_RECTANGLE
Footer CTA text [ .footerType() ]
To configure the text of the additional footer CTA present at the bottom
Use another number
TcSdkOptions.FOOTER_TYPE_CONTINUE
Use another method
TcSdkOptions.FOOTER_TYPE_ANOTHER_METHOD
Enter details manually
TcSdkOptions.FOOTER_TYPE_MANUALLY
Later
TcSdkOptions.FOOTER_TYPE_LATER
Privacy policy :
To add your privacy policy link on the verification screen, you can configure the respective hyperlink from your developer account
Terms of service: To add your terms of service link on the verification screen, you can configure the respective hyperlink from your developer account
Language You can optionally customize the consent screen in any of the supported languages. To do so, add the following line :
Copy
Currently supported languages:
english
en
hindi
hi
marathi
mr
telugu
te
malayalam
ml
urdu
ur
punjabi
pa
tamil
ta
bengali
bn
kannada
kn
swahili
sw
arabic
ar
1. Ensure that your Minimum SDK version is at least API level 22 or above ( Android 5.1 ). In case your android project compiles for API level below 22, you can include the following line in your AndroidManifest.xml file to avoid any compilation issues :
Copy
Using this would ensure that the sdk works normally for API level 22 & above, and would be disabled for API level < 22 Please make sure that you put the necessary API level checks before accessing the SDK methods in case compiling for API level < 22
2. Add the following dependency in your app level build.gradle file :
Copy
Also, add the following lines of code in your gradle file, if not already present
Copy
Add mavenCentral() in your project level build.gradle file :
Copy
Please note that Truecaller SDK already contains consumer proguard rules, so it will be appended automatically to your app's proguard rules and you do not need to have any additional proguard rules to be added for the SDK to function.
This section is only relevant for apps who are using the Truecaller SDK for verifying non-Truecaller user as well and seek phone permissions from the users
If you are using the functionality of verifying non Truecaller users also via the SDK, your app would need specific phone permissions as has been described in this section. If you are using the Truecaller SDK for verification of existing Truecaller users only ( 1-tap flow ), you can skip this section.
As you upload the new app build to PlayStore with user verification feature via Truecaller SDK and the requisite permissions, you might be asked to fill an app permission declaration form.
We are sharing some tips on how to appropriately justify the need for these permissions for your verification flow :
#1: In one sentence, please describe the core functionality of your app. To be defined by you as a publisher of your app
#2: What is the core functionality in your app requiring the Call Log and / or SMS permissions? Mobile number verification to onboard users on <your_app>
This is in-line with Google’s allowed usage of this permission for account verification via phone call, as stated here: https://support.google.com/googleplay/android-developer/answer/9047303 Flow: a)Enter mobile number b)Request READ_CALL_LOG permission c)Initiate drop call from 3rd party service to respective number d)Drop call hits user’s device and is rejected automatically via above permission to complete verification
#3: Do any of the following disallowed use cases apply to your app’s core functionality request for Call Log or SMS permissions? NO
#4: Do any of the following other use cases apply to your app’s core functionality request for Call Log or SMS permissions? OTP & Account verification via Phone Call (select this from the given list of options)
#5: Is your app’s use of Call Log or SMS permissions to provide functionality required by law or regulation? No
#6: Other We use drop call based verification of users’ mobile number for account creation or logging into their <your app name> accounts. Such method of mobile number verification results in better verification success rates in our key markets like India, etc.
Android guidelines for asking app permissions from user https://developer.android.com/training/permissions/requesting