Transcrypts is an Employment and Income Verification platform that enables verifiers to confirm applicant employment history and income through multiple data sources. The platform provides an SDK widget that applicants interact with to authorize and complete verification requests. For inquiries, contact support@transcrypts.com or access the Dashboard.
Verification Methods
The Transcrypts SDK widget supports five verification methods. Each method connects to a different data source to retrieve employment and income information.
Bank Integration
Applicants connect their bank accounts through the widget to verify income. Transaction and deposit history from linked accounts provides proof of income.
Payroll Integration
Applicants connect their payroll provider through the widget. Employment details, salary information, and pay history are retrieved directly from the payroll system.
Social Security Account
Applicants connect to the Social Security Administration (SSA) website through the widget. SSA records provide a verified employment history across all employers that reported wages.
Stored Credentials
Applicants who have previously completed verification through Transcrypts can reuse their stored credentials. This method skips the initial connection step and retrieves data using existing authorized access.
Instant Verification
The verifier provides the applicant’s name, date of birth, and address history. Transcrypts returns results immediately by matching this information against available data sources without requiring applicant interaction.
Supported Environments
Transcrypts operates across two environments:
- Development: For live credential testing; limited to 50 successful Tasks without billing
- Production: For production use; each successful Task incurs charges
All API requests use the base URL https://prod.transcrypts.com/v1/ regardless of environment. The Access secret determines which environment processes each request.
Authentication
API Keys
The Transcrypts API requires valid credentials consisting of:
| Value | Description | Example |
|---|
client_id | Private team identifier | dd21ca23c12142b6a0970b1e0afedf16 |
access_secret | Environment-specific private key | dev-a57b3109f1f4a8b3f2ebbc1c526950f1795464af |
client_id remains constant across environments. The access_secret differs for each environment with prefixes: dev or prod.
Every API request requires:
X-Access-Client-ID: Contains the Client IDX-Access-Secret: Contains the Access secret
API keys provide access to sensitive data. Store these values securely within your application backend.
Protocols
Transcrypts uses REST API frameworks with these specifications:
- Responses in standard JSON format
- HTTPS TLS v1.2+ required (HTTP and earlier TLS versions unsupported)
- Requests must include
Content-Type: application/json header with valid JSON body only
Security
Manage identifier values from Transcrypts Bridge and API endpoints to maximize security. These values associate API and provider events with requests and assist support teams with issue resolution.
Ensure access_token values remain backend-only and never exposed client-side. Store tokens securely and associate them with application users.
Additional Access Tokens
Users with multiple data provider accounts and Links may create multiple access_tokens.
Errors
HTTP Status Codes
2xx: Successful requests4xx: Invalid inputs or state violations5xx: Rare server errors
Response Code Reference
| Code | Title | Description |
|---|
| 200 | OK | Request successful |
| 201 | Created | Resource created successfully |
| 400 | Bad Request | Unacceptable request |
| 401 | Unauthorized | Missing or invalid credentials |
| 403 | Forbidden | Permission denied |
| 404 | Not Found | Resource unavailable |
| 405 | Method Not Allowed | Unsupported request method |
| 406 | Not Acceptable | Server cannot match acceptable values |
| 410 | Gone | Bridge token expired |
| 415 | Unsupported Media Type | Invalid payload format |
| 429 | Too Many Requests | Rate limit exceeded; access_token allows one initial and three refresh requests per 24 hours |
| 50x | Internal Server Error | API error |
code: Error sourcemessage: User-facing issue descriptioninvalid-params: Form field errors with field parameter for UI display
Error Code Types
validation_error: Invalid input format or missing required fieldsexpired_token: Public token expired after 6 hoursincorrect_token: Public or access token cannot be matched in storage
Rate Limiting
The API allows up to 300 requests per minute per Access secret key. Exceeding this limit returns a 429 Too Many Requests error. Contact support@transcrypts.com to request limit increases.