---
title: Alloy API Integration on Truto
slug: alloy
category: Compliance
canonical: "https://truto.one/integrations/detail/alloy/"
---

# Alloy API Integration on Truto



**Category:** Compliance  
**Status:** Beta

## MCP-ready AI tools

Truto exposes 138 tools for Alloy that AI agents can call directly.

- **create_a_alloy_account** — Create a new account in alloy (deprecated in favor of the Events API). Returns the created account object including bank_account_token, external_account_id, account_number, account_class, account_name, and account_type. The request body must include at least one of external_account_id or account_number.
- **update_a_alloy_account_by_id** — Update an existing alloy account by id. Returns the updated account object including bank_account_token, external_account_id, account_number, account_class, account_name, routing_number, is_linked_account, and other account attributes. Required: id.
- **list_all_alloy_bank_accounts** — List bank accounts in alloy associated with a given account identifier or token. Returns: bank_account_token, external_account_id, account_number, account_number_last4, account_class, account_name, routing_number, account_type, is_linked_account, link_timestamp, unlink_timestamp, opening_date, closing_date, maturity_date, country_code, currency, cif_number, product_code, product_name,…
- **get_single_alloy_bank_account_by_id** — Get a single bank account in alloy by its bank account token, including historical and entity data. Returns: bank_account_token, external_account_id, account_number, account_number_last4, account_class, account_name, routing_number, account_type, is_linked_account, link_timestamp, unlink_timestamp, opening_date, closing_date, maturity_date, country_code, currency, cif_number, product_code,…
- **list_all_alloy_batches** — Retrieve an Alloy batch by its batch_token. Returns the Batch object including batch_token and associated batch attributes. Required: batch_token.
- **get_single_alloy_batch_by_id** — Get a single Alloy batch by id (batch_token). Returns the Batch object including batch_token and associated batch attributes. Required: id.
- **list_all_alloy_cases** — List cases in alloy. Returns a collection of case objects; each case includes case_token.
- **alloy_cases_list_2** — Get an alloy case by its case_token path parameter. Returns the case object including case_token. Required: case_token.
- **get_single_alloy_case_by_id** — Get a single alloy case by id. Returns the case object including case_token. Required: id.
- **list_all_alloy_case_evidences** — List all evidences for an Alloy case. Returns: id, created_at, updated_at. Required: case_token.
- **create_a_alloy_case_evidence** — Create a new evidence record for an Alloy case. Returns: id, created_at, updated_at. Required: case_token.
- **list_all_alloy_case_works** — List work entries for a specific case in Alloy. Returns: id, created_at, updated_at. Required: case_token.
- **create_a_alloy_case_work** — Create a new work entry for a case in Alloy. Returns: id, created_at, updated_at. Required: case_token.
- **alloy_case_works_bulk_create** — Bulk create work entries across multiple cases in Alloy in a single request. Returns: id, created_at, updated_at.
- **list_all_alloy_evidence_alerts** — List evidence alerts for a specific evaluation within an alloy case. Returns a CaseEvidence alert record including evaluation_token and case_token. Required: case_token, evaluation_token.
- **list_all_alloy_custom_lists** — List all custom lists in alloy. Returns: custom_list_token, name, description.
- **create_a_alloy_custom_list** — Create a new custom list in alloy. Returns: custom_list_token, name, description. Required: name.
- **alloy_custom_lists_list_2** — List versions of a specific custom list in alloy identified by its token. Returns: custom_list_token, name, description. Required: custom_list_token.
- **update_a_alloy_custom_list_by_id** — Update the name or description of an existing custom list in alloy. Returns: custom_list_token, name, description. Required: id.
- **get_single_alloy_custom_list_by_id** — Get a specific custom list in alloy by id. Returns: custom_list_token, name, description. Required: id.
- **create_a_alloy_custom_list_version** — Create a new version of an alloy custom list. Returns the created version including version, notes, changelog, columns, and data entries. Required: custom_list_token, columns, data.
- **list_all_alloy_custom_list_versions** — Retrieve data for a specific version of an alloy custom list by version token. Returns version data including columns, data entries, notes, and changelog. Required: custom_list_token, version.
- **get_single_alloy_custom_list_version_by_id** — Get a specific version of an alloy custom list by id. Returns the version data including version, notes, changelog, columns, and data entries. Required: custom_list_token, id.
- **create_a_alloy_document** — Create a new document in Alloy for an entity. Returns the created document including document_token, entity_token, name, extension, type, and approved status. Required: entity_token, name, extension, type.
- **update_a_alloy_document_by_id** — Update an existing Alloy document by id. Returns the updated document including document_token, name, type, approved, and approval_agent_email. Required: id, entity_token, approved, type, approval_agent_email, name.
- **create_a_alloy_document_note** — Create a note on a specific document in alloy. Returns the created note including note, created_at, updated_at, entity_token, and note_author_agent_email. Required: entity_token, document_token, note, note_author_agent_email.
- **list_all_alloy_entities** — Get information related to an Alloy entity by entity_token. Returns the entity object including entity_token; the remaining fields depend on the entity type (person or business) and are not enumerated in the endpoint source. Required: entity_token.
- **get_single_alloy_entity_by_id** — Get information related to a specific Alloy entity by id. Returns the entity object including entity_token; the remaining fields depend on the entity type (person or business) and are not enumerated in the endpoint source. Required: id.
- **get_single_alloy_entity_group_by_id** — Get a single Entity Group in alloy by its entity token or external identifier. Returns the entity group object including its id and associated attributes. Required: id.
- **create_a_alloy_evaluation** — Run a new evaluation in Alloy against a configured workflow. Returns: evaluation_token, entity_token, application_token, application_version_id, timestamp, status_code, error. The request body accepts dynamic evaluation data whose fields vary by workflow configuration.
- **list_all_alloy_evaluations** — Retrieve an evaluation in Alloy by its evaluation token. Returns: evaluation_token, entity_token, application_token, application_version_id, timestamp. Required: evaluation_token.
- **update_a_alloy_evaluation_by_id** — Update an existing evaluation in Alloy by its id. Returns: evaluation_token, entity_token, application_token, application_version_id, timestamp. Required: id.
- **get_single_alloy_evaluation_by_id** — Get an evaluation in Alloy by its id. Returns: evaluation_token, entity_token, application_token, application_version_id, timestamp. Required: id.
- **list_all_alloy_parameters** — List all parameters available in alloy. Returns a collection of parameter objects including id and attributes; the upstream source does not enumerate specific response fields for this endpoint beyond a 200 OK status.
- **create_a_alloy_event** — Create an event in Alloy by submitting an event type and optional payload data. Returns: request_token, timestamp, description, data. Required: event_type.
- **list_all_alloy_events** — Retrieve an Alloy event by its event_request_token (the token returned when the event was created). Returns: request_token, timestamp, description, data. Required: event_request_token.
- **get_single_alloy_event_by_id** — Get a single Alloy event by its id. Returns: request_token, timestamp, description, data. Required: id.
- **list_all_alloy_groups** — List group information in Alloy for a specific entity. Returns group records including entity_token and group_token. Required: entity_token.
- **get_single_alloy_group_by_id** — Get all information for a specific group in Alloy by id. Returns group details including entity_token and group_token. Required: id.
- **create_a_alloy_group_evaluation** — Create a group evaluation in Alloy for the specified group. Returns the created group evaluation object including its id and attributes. Required: group_token.
- **create_a_alloy_group_note** — Create a new note on a group in Alloy. Returns the created note object including note, created_at, updated_at, and note_author_agent_email. Required: group_token.
- **list_all_alloy_investigations** — List alloy investigations with optional filters and sorting. Returns: investigation_token, investigation_state, investigation_type, investigation_name, entity_tokens, journey_alerts, investigation_assignee_token, should_aggregate_alerts, note, tags, total_alerts, risk_score, created_at, updated_at. Results can be sorted by updated_at, created_at, total_alerts, or risk_score; up to 100 results per…
- **create_a_alloy_investigation** — Create a new alloy investigation. Returns: investigation_token, investigation_state, investigation_type, investigation_name, entity_tokens, journey_alerts, investigation_assignee_token, should_aggregate_alerts, note, tags, total_alerts, risk_score, created_at, updated_at. Required: investigation_state, investigation_type, entity_tokens, journey_alerts.
- **alloy_investigations_list_2** — Get an alloy investigation by its investigation_token. Returns: investigation_token, investigation_state, investigation_type, investigation_name, entity_tokens, journey_alerts, investigation_assignee_token, should_aggregate_alerts, note, tags, total_alerts, risk_score, created_at, updated_at. Required: investigation_token.
- **get_single_alloy_investigation_by_id** — Get a single alloy investigation by id (investigation_token). Returns: investigation_token, investigation_state, investigation_type, investigation_name, entity_tokens, journey_alerts, investigation_assignee_token, should_aggregate_alerts, note, tags, total_alerts, risk_score, created_at, updated_at. Required: id.
- **update_a_alloy_investigation_evidence_by_id** — Update evidences attached to an alloy investigation by patching its notes, journey alerts, and tags. Returns a 200 Success response on success. Required: investigation_token.
- **list_all_alloy_investigation_alerts** — List alloy investigation alerts for a specific investigation and journey application. Returns: investigation_token, journey_application_token. Required: investigation_token, journey_application_token.
- **get_single_alloy_investigation_alert_by_id** — Get a single alloy investigation alert by its journey application token. Returns: investigation_token, journey_application_token. Required: investigation_token, id.
- **update_a_alloy_investigation_promote_by_id** — Promote an alloy investigation by its token, advancing it to a new state. Returns the updated investigation details including investigation_token. Required: investigation_token.
- **create_a_alloy_investigation_note** — Create a note on an alloy investigation. Returns: note, created_at, updated_at, entity_token, note_author_agent_email, data, timestamp, request_token. Required: investigation_token, note, entity_token.
- **update_a_alloy_investigation_review_by_id** — Update the review for an alloy investigation. Returns the investigation details including investigation_token, note, and entity_token. Required: investigation_token.
- **create_a_alloy_journey_application** — Create a new Journey Application in alloy for the specified journey. Returns: request_token, timestamp, description, data, do_await_additional_entities. Required: journey_token, entities.
- **list_all_alloy_journey_applications** — Retrieve a Journey Application in alloy by journey_application_token for the specified journey. Returns: request_token, timestamp, description, data. Required: journey_token, journey_application_token.
- **update_a_alloy_journey_application_by_id** — Update a Journey Application in alloy by id for the specified journey, adding new entities or supplying requested data. Returns: request_token, timestamp, description, data. Required: journey_token, id.
- **get_single_alloy_journey_application_by_id** — Get a Journey Application in alloy by id for the specified journey. Returns: request_token, timestamp, description, data. Required: journey_token, id.
- **list_all_alloy_latests** — Get the latest journey application in Alloy identified by an external application id. Returns: id, created_at, updated_at. Required: external_application_id.
- **update_a_alloy_latest_by_id** — Update the latest journey application in Alloy identified by an external application id. Returns: id, created_at, updated_at. Required: external_application_id.
- **list_all_alloy_journey_schemas** — List the schema for an Alloy journey identified by its journey_token. Returns: request_token, timestamp, description, data. Required: journey_token.
- **list_all_alloy_journey_parameters** — List parameters for a specific journey in Alloy. Returns: request_token, timestamp, description, data. Required: journey_token.
- **create_a_alloy_journey_batch** — Create a journey batch in alloy by submitting a list of entities to be processed against a specified journey. Returns: request_token, timestamp, description, data. Required: journey_token, entities.
- **list_all_alloy_journey_batches** — Retrieve a journey batch in alloy by journey and batch token identifiers. Returns: request_token, timestamp, description, data. Required: journey_token, journey_batch_token.
- **get_single_alloy_journey_batch_by_id** — Get a specific journey batch in alloy by its unique batch identifier. Returns: request_token, timestamp, description, data. Required: journey_token, id.
- **update_a_alloy_application_audit_accese_by_id** — Update audit access for an alloy Journey Application, granting or revoking partial audit access to parent organizations via the alloy-audit-account-slugs header. Returns: request_token, timestamp, description, data. Required: journey_token, journey_application_token. Omit an organization slug from the header in subsequent requests to revoke its access.
- **list_all_alloy_lists** — List all Alloy lists for the account. Returns a collection of list objects including list_token, listName, isBlacklist, isWhitelist, and description.
- **create_a_alloy_list** — Create a new list in Alloy. Returns the created list object including list_token, listName, isBlacklist, isWhitelist, and description.
- **alloy_lists_list_2** — Get a specific Alloy list by its list_token. Returns: list_token, listName, isBlacklist, isWhitelist, description. Required: list_token.
- **update_a_alloy_list_by_id** — Replace an Alloy list's contents by id. Returns the updated list including list_token, listName, isBlacklist, isWhitelist, and description. Required: id.
- **get_single_alloy_list_by_id** — Get entity records belonging to an Alloy list by its list token. Returns: id. Required: id.
- **update_a_alloy_list_meta_by_id** — Update the metadata for an Alloy list identified by its list_token. Returns the updated list metadata including list_token, listName, and description. Required: list_token.
- **create_a_alloy_portfolio_evaluation** — Create a portfolio evaluation in alloy, queuing it asynchronously for processing. Returns the created portfolio evaluation including its id. Required: source.
- **create_a_alloy_portfolio_evaluation_rerun** — Rerun a portfolio evaluation in alloy by submitting it for reprocessing. Returns a 201 response confirming the evaluation has been created as a rerun and queued for processing. Required: portfolio_evaluation_token.
- **list_all_alloy_published_attributes** — List all published attributes in alloy. Returns published attribute objects including data_type, contains_pii, and object_type.
- **create_a_alloy_published_attribute** — Create a new published attribute in alloy. Returns: data_type, contains_pii, object_type. Required: published_attribute_name, data_type, default_value, contains_pii, object_type.
- **alloy_published_attributes_list_2** — Get a specific published attribute in alloy by its published_attribute_token. Returns: data_type, contains_pii, object_type. Required: published_attribute_token.
- **update_a_alloy_published_attribute_by_id** — Update a published attribute in alloy by id. Returns the updated attribute including data_type, contains_pii, object_type, archived, published_attribute_name, and description. Required: id.
- **get_single_alloy_published_attribute_by_id** — Get a specific published attribute in alloy by id. Returns: data_type, contains_pii, object_type. Required: id.
- **list_all_alloy_published_attribute_values** — List values for a published attribute in Alloy. Returns: data_type, contains_pii, object_type. Required: published_attribute_token.
- **create_a_alloy_published_attribute_value** — Create new values for a published attribute in Alloy. Accepts an array of value objects; for entity-type attributes each item requires either external_entity_id or entity_token plus a value, and for transaction-type each item requires transaction_token plus a value. Returns: data_type, contains_pii, object_type. Required: published_attribute_token.
- **create_a_alloy_group_review** — Create a review for an Alloy group. Returns a Review Object including group_token. Required: group_token, agent, reasons, outcome.
- **get_single_alloy_transaction_by_id** — Get a single Alloy transaction by id. Returns the transaction object including transaction_id, amount, currency, status, process_method, source, and destination. Required: id.
- **update_a_alloy_transaction_by_id** — Update an existing Alloy transaction by id. Returns the updated transaction object including transaction_id, amount, currency, status, process_method, source, and destination. Required: id.
- **get_single_alloy_case_evidence_alert_by_id** — Get the alert associated with a specific case evidence in Alloy. Returns: id, attributes. Required: case_token, id.
- **create_a_alloy_custom_list_activation** — Activate a major version of an alloy custom list, making it the live active version. Returns a 201 response on successful activation. Required: custom_list_token, major_version.
- **list_all_alloy_entity_documents** — List documents associated with an alloy entity. Returns the document collection where each item includes id and attributes with document-type-specific fields. Required: entity_token.
- **get_single_alloy_entity_document_by_id** — Get a single alloy entity document by id. Returns: id, attributes. Required: entity_token, id.
- **create_a_alloy_entity_document** — Create a new document for an alloy entity. Returns the created document object including id and attributes with document-type-specific fields. Required: entity_token.
- **update_a_alloy_entity_document_by_id** — Replace an existing alloy entity document by id. Returns the updated document object including id and attributes with document-type-specific fields. Required: entity_token, id.
- **alloy_entity_documents_partial_update** — Partially update an existing alloy entity document by id. Returns the updated document object including id and attributes with document-type-specific fields. Required: entity_token, id.
- **create_a_alloy_entity_merge** — Merge entities in Alloy by submitting a POST request to the entity merge endpoint. No request parameters were found in the available source documentation for this endpoint. Returns an empty 204 response on success.
- **get_single_alloy_person_entity_by_id** — Get a person entity in Alloy by id (entity_token). Returns the entity object including entity_token, name_first, name_last, birth_date, pii_status, addresses, emails, phones, and document fields. Required: id.
- **create_a_alloy_person_entity** — Create a new person entity in Alloy. Returns the created entity object including entity_token, name_first, name_last, birth_date, pii_status, addresses, emails, phones, and document fields.
- **update_a_alloy_person_entity_by_id** — Update an existing person entity in Alloy by id (entity_token). Returns the updated entity object including entity_token, name fields, birth_date, pii_status, addresses, emails, phones, and document fields. Required: id.
- **get_single_alloy_business_entity_by_id** — Get a business entity in alloy by its entity_token. Returns the entity object including entity_token, business_name, external_entity_id, pii_status, addresses, emails, and phones. Required: id.
- **create_a_alloy_business_entity** — Create a new business entity in alloy. Returns the created entity object including entity_token, business_name, external_entity_id, pii_status, addresses, emails, and phones.
- **update_a_alloy_business_entity_by_id** — Update an existing business entity in alloy by its entity_token. Returns the updated entity object including entity_token, business_name, external_entity_id, pii_status, addresses, emails, and phones. Required: id.
- **create_a_alloy_entity_note** — Create a note on an Alloy entity. Returns the created note including note, entity_token, note_author_agent_email, created_at, and updated_at. Required: entity_token, note, note_author_agent_email.
- **get_single_alloy_entity_evaluation_by_id** — Get a single entity evaluation in Alloy by evaluation token. Returns the evaluation object including entity_token and evaluation_token. Required: entity_token, id.
- **list_all_alloy_entity_feedback** — List entity feedback records in Alloy. Returns a 200 OK response; the source does not document any response body fields or query parameters for this endpoint.
- **create_a_alloy_entity_feedback** — Create (insert) entity feedback in Alloy. Returns a 200 OK response confirming successful insertion; the source does not document request body fields or response body fields for this endpoint.
- **update_a_alloy_evaluation_audit_access_by_id** — Update audit access for an Alloy evaluation, granting or revoking partial audit access for parent organization slugs. Returns a 200 response confirming the audit access was updated. Required: evaluation_token.
- **list_all_alloy_event_schemas** — List event schemas in Alloy. Returns schema definitions for all supported event types, including the event_type identifier and event-type-specific field attributes describing the expected data structure for each type.
- **update_a_alloy_investigation_archive_by_id** — Archive an investigation in alloy by supplying its investigation_token. Returns the archived investigation details including investigation_token. Required: investigation_token.
- **update_a_alloy_investigation_unarchive_by_id** — Unarchive an investigation in Alloy by supplying its investigation_token. Returns the updated investigation record including investigation_token. Required: investigation_token.
- **update_a_alloy_investigation_assign_by_id** — Assign an alloy investigation to an agent using the PUT /v1/investigations/assign endpoint. Returns the updated investigation identified by investigation_token. Required: investigation_token, investigation_assignee_token.
- **update_a_alloy_investigation_unassign_by_id** — Unassign the currently assigned agent from an investigation in alloy. Returns the updated investigation details including investigation_token. Required: investigation_token.
- **list_all_alloy_investigation_filters** — List all available filters for Alloy investigations. Returns filter objects including id and filter-specific attributes; the source does not enumerate the full response field set beyond a 200 Success status, so consult the Alloy documentation for the complete field-level breakdown. No required parameters.
- **list_all_alloy_investigation_agents** — List agents assignable to investigations in Alloy. Returns: data, timestamp, request_token.
- **update_a_alloy_investigation_alert_assign_by_id** — Assign an alert to an alloy investigation. Returns: investigation_token, journey_application_token. Required: investigation_token, journey_application_token.
- **update_a_alloy_investigation_alert_unassign_by_id** — Unassign an alert from an investigation in Alloy. Returns a 200 success response when the alert is successfully removed from the investigation. Required: investigation_token, journey_application_token.
- **create_a_alloy_investigation_alert_review** — Submit a manual review for an alert within an alloy investigation. Returns an empty 204 response on success. Required: investigation_token, journey_application_token, manual_review_token.
- **update_a_alloy_investigation_alert_appended_review_by_id** — Update the review for a specific alert within an investigation in Alloy. Submits a review decision for the journey application alert identified by the provided tokens. Required: investigation_token, journey_application_token.
- **list_all_alloy_investigation_types** — List investigation types in alloy. Returns: description, data, timestamp, request_token. Supports filtering via q, and sorting with sortColumn (investigation_type_id, name, use_case, journeys_count) and sortOrder.
- **create_a_alloy_investigation_type** — Create a new investigation type in alloy. Returns: name, use_case, description, data, timestamp, request_token. Required: name, use_case.
- **delete_a_alloy_investigation_type_by_id** — Delete an investigation type in alloy by id. Returns an empty 204 response on success. Required: id.
- **update_a_alloy_investigation_type_archive_by_id** — Archive an investigation type in Alloy by submitting its name. Returns a 200 success response on success. Required: investigation_types.
- **update_a_alloy_investigation_type_unarchive_by_id** — Unarchive an investigation type in alloy, making it available for use again. Returns a 200 success response with no documented body. Required: investigation_types.
- **list_all_alloy_investigation_use_cases** — List available investigation use cases in Alloy. Returns: id, created_at, updated_at. No required parameters.
- **get_single_alloy_journey_application_external_by_id** — Get the latest journey application record by external ID in alloy. Returns: request_token, timestamp, description, data. Required: id.
- **update_a_alloy_journey_application_external_by_id** — Update the latest journey application record by external ID in alloy. Returns: request_token, timestamp, description, data. Required: id.
- **list_all_alloy_journey_entity_applications** — List journey applications for a specific entity in Alloy. Returns records including journey_application_token, entity_token, journey_token, journey_name, type, external_entity_id, evaluation_token, entity_application_token, external_partner_id, and external_application_id. Required: external_entity_id.
- **create_a_alloy_journey_application_rerun** — Rerun a Journey Application in alloy that is in an error state, resubmitting it for re-evaluation. Returns the rerun event object including request_token, timestamp, type, description, and a nested data object containing journey_application_token, evaluation_token, journey_token, and entity_token. Required: journey_token, journey_application_token.
- **create_a_alloy_journey_application_external_rerun** — Rerun the latest journey application in Alloy identified by an external application ID. Returns: request_token, timestamp, description, data. Required: external_application_id.
- **get_single_alloy_journey_application_review_by_id** — Get a specific alloy journey application manual review by id. Returns the review object including request_token, timestamp, type, description, and data. Required: journey_token, journey_application_token, id.
- **create_a_alloy_journey_application_review** — Create a manual review for an alloy journey application. Returns the created review object including request_token, timestamp, type, description, and data. Required: journey_token, journey_application_token.
- **create_a_alloy_journey_application_case_review** — Submit a manual review for a pending-review case in an Alloy journey application, completing it with an outcome and one or more associated reasons. Returns a 201 response on success. Required: journey_token, journey_application_token, case_token. Either reason or reasons must be provided; if both are supplied, reasons takes precedence.
- **update_a_alloy_journey_application_node_by_id** — Update the outcome of an action node in an Alloy journey application. Returns: request_token, timestamp, description, data. Required: journey_token, journey_application_token, id, outcome.
- **list_all_alloy_journey_application_notes** — List notes for a specific alloy journey application. Returns: data, timestamp, description, request_token. Required: journey_token, journey_application_token.
- **create_a_alloy_journey_application_note** — Create a new note on a specific alloy journey application. Returns: note, note_author_agent_email, created_at, updated_at, journey_application_token, data, timestamp, request_token. Required: journey_token, journey_application_token, note_author_agent_email, note.
- **update_a_alloy_journey_application_audit_access_by_id** — Update audit access for a Journey Application in alloy, granting partial audit access to specified parent organization slugs via the `alloy-audit-account-slugs` header. The request body may be empty or omitted. Returns a 200 success response confirming audit access was updated. Required: journey_token, journey_application_token.
- **list_all_alloy_journey_batch_applications** — List applications belonging to a specific alloy journey batch. Returns: journey_application_token, external_partner_id, external_group_id, external_application_id, timestamp, evaluation_token, entity_token, entity_application_token, journey_token, journey_name, external_entity_id, _embedded, _links, request_token, data. Required: journey_token, journey_batch_token.
- **create_a_alloy_list_entity** — Create an entity in an Alloy list identified by list_token. Returns an empty 204 response on success. Required: list_token.
- **create_a_alloy_oauth_token** — Create an Alloy OAuth bearer token using the Client Credentials grant type. Returns access_token, token_type, and expires_in when credentials are sent via the Authorization header, or bearer_token and expires when credentials are sent in the JSON body (backwards-compatibility mode). Required: grant_type.
- **create_a_alloy_oauth_validation** — Validate an OAuth 2.0 bearer token or credentials in Alloy. Returns an empty 204 response on success.
- **list_all_alloy_entity_reviews** — List all Reviews associated with an entity in Alloy. Returns an array of Review objects, each including review_token, entity_token, outcome, reasons, and agent. Required: entity_token.
- **get_single_alloy_entity_review_by_id** — Get a single Review by id for an entity in Alloy. Returns: review_token, entity_token, outcome, reasons, agent. Required: entity_token, id.
- **create_a_alloy_entity_review** — Create a new Review for an entity in Alloy. Returns the created Review including review_token, entity_token, outcome, reasons, and agent. Required: entity_token, agent, reasons, and outcome.
- **create_a_alloy_entity_review_note** — Create a note on an Alloy entity review. Returns the created note object including note, entity_token, note_author_agent_email, created_at, and updated_at. Required: entity_token, review_token, note, and note_author_agent_email.
- **create_a_alloy_group_review_note** — Create a note on a specific group review in Alloy. Returns the created note including note, created_at, updated_at, and note_author_agent_email. Required: group_token, review_token, note, and note_author_agent_email.

## How it works

1. **Link your customer's Alloy account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app.
2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request.
3. **Call Truto's API to reach Alloy.** The Proxy API is a 1-to-1 mapping of the Alloy API.
4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field.

## Use cases

- **Embed KYC/KYB into customer onboarding** — Let your fintech or banking customers run identity verification, OFAC screening, and business checks natively inside your platform by routing applicant data through Alloy Journeys. No need for them to bolt on a separate compliance stack.
- **Power BaaS and sponsor bank compliance workflows** — For BaaS platforms and middleware providers, offer turnkey Alloy integration so downstream fintechs can submit applications, surface manual reviews, and resolve cases without leaving your control plane.
- **Continuous transaction monitoring for AML** — Stream transaction and event telemetry from your ledger or payments product into Alloy so your customers' compliance teams can detect post-onboarding fraud, money muling, and velocity violations in real time.
- **Sync investigations into your native ops dashboard** — Pull Alloy cases, investigations, and alerts back into your support or operations UI so frontline agents can see KYC blockages and resolve compliance flags without context-switching to the Alloy console.
- **Document collection for step-up verification** — When Alloy flags an application for manual review, your platform can collect IDs, articles of incorporation, or proof-of-address documents and push them directly to the linked Alloy entity for compliance review.

## What you can build

- **Journey-powered onboarding flows** — Submit person and business entities through a configured Alloy Journey and render approve/deny/review outcomes inline using create_a_alloy_journey_application.
- **KYB with linked beneficial owners** — Create business entities and attach UBO person entities so your users can run full Know Your Business verification with director and owner checks in one payload.
- **In-app document upload to Alloy** — Let end users upload IDs and incorporation documents in your UI and forward them to Alloy via create_a_alloy_entity_document for compliance ops to review.
- **Two-way case and investigation sync** — Mirror Alloy investigations, alerts, and assignees into your own ops dashboard and write decisions back using create_a_alloy_investigation_alert_review and case review endpoints.
- **Continuous AML event streaming** — Push transactions and behavioral events into Alloy with create_a_alloy_event to drive ongoing monitoring rules and trigger investigations when thresholds are breached.
- **Programmatic manual review resolution** — Allow your users' analysts to clear or escalate Alloy cases from your UI by posting outcomes and reasons through create_a_alloy_journey_application_case_review.

## FAQs

### How does authentication work for end users connecting their Alloy account?

Truto handles credential capture and storage on your behalf. Your end users authenticate with their Alloy workspace credentials and journey tokens once, and Truto manages the connection lifecycle so you don't have to build a key vault or rotation logic.

### Can we run both KYC and KYB through the same integration?

Yes. The integration exposes both person entities (create_a_alloy_person_entity) and business entities (create_a_alloy_business_entity), and you can link beneficial owners to a business and run them through a single Journey application.

### Does the integration support ongoing transaction monitoring or just onboarding?

Both. In addition to onboarding via Journeys, you can push transactions and events via create_a_alloy_event and update_a_alloy_transaction_by_id to drive Alloy's continuous AML and behavioral monitoring rules.

### Can our users' analysts resolve cases without logging into Alloy?

Yes. You can list and fetch investigations, assign or unassign them to agents, post review outcomes on alerts, and submit case review decisions back to Alloy — enabling a fully embedded case management experience.

### How fresh is the data we pull from Alloy?

Reads are made directly against Alloy's API at request time, so investigation, case, and entity data reflect the current state in Alloy. For high-volume sync patterns, you can poll list endpoints on your own cadence.

### Can we trigger re-evaluations on existing applications or entities?

Yes. The integration supports rerunning Journey applications (create_a_alloy_journey_application_rerun), portfolio re-evaluations, and creating new evaluations on existing entities, so you can re-screen users after rule changes or new data.

## Related reading

- [Truto vs Alloy Automation: Embedded iPaaS vs Unified API Architecture (2026)](https://truto.one/blog/truto-vs-alloy-automation-which-integration-architecture-wins-in-2026/) — Truto vs Alloy Automation for embedded integrations: compare declarative Unified APIs against embedded iPaaS workflows to pick the right integration architecture for your B2B SaaS.
- [Merge vs Nango vs Alloy Automation: 2026 Architecture Comparison](https://truto.one/blog/merge-vs-nango-vs-alloy-automation-2026-architecture-comparison/) — An objective, highly technical breakdown of architectural trade-offs between unified APIs, code-first frameworks, embedded iPaaS platforms like Prismatic and Alloy, and declarative proxy architectures in 2026.
- [Truto vs Alloy Automation: The 2026 Guide to Embedded Integrations](https://truto.one/blog/truto-vs-alloy-automation-the-2026-guide-to-embedded-integrations/) — Compare Truto's zero-code unified API vs Alloy Automation's embedded iPaaS for B2B SaaS integrations. Covers architecture, pricing, and rate limits.
- [Top Alloy Automation Alternatives for AI Agent MCP Connectivity in 2026](https://truto.one/blog/top-alloy-automation-alternatives-for-ai-agent-mcp-connectivity-in-2026/) — Compare 5 Alloy Automation alternatives for AI agent MCP connectivity in 2026. Feature matrix, pricing, and a checklist to match the right platform to your roadmap.
