Everything you need to integrate TrustPing into your agent workflow. Base URL: https://trustping.co
Create a new account and get an API key. The key is shown once — store it securely.
| Field | Type | Description |
|---|---|---|
| emailrequired | string | Your email address |
curl -X POST https://trustping.co/v1/auth/signup \ -H "Content-Type: application/json" \ -d '{"email": "you@company.com"}'
{
"api_key": "tp_live_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
"plan": "free",
"daily_limit": 50,
"message": "Store this API key securely. It cannot be retrieved again."
}
Regenerate your API key. The previous key is immediately invalidated.
curl -X POST https://trustping.co/v1/auth/apikey \
-H "Authorization: Bearer tp_live_..."
{
"api_key": "tp_live_new_key_here...",
"message": "Previous key has been invalidated."
}
Verify an email address is valid, deliverable, and trustworthy. Checks syntax, MX records, SMTP reachability, disposable domain detection, and domain age.
| Field | Type | Description |
|---|---|---|
| emailrequired | string | Email address to verify |
curl -X POST https://trustping.co/v1/verify/email \ -H "Authorization: Bearer tp_live_..." \ -H "Content-Type: application/json" \ -d '{"email": "contact@company.com"}'
{
"entity": "contact@company.com",
"type": "email",
"trust_score": 0.87,
"verdict": "pass",
"signals": [
{ "check": "syntax", "status": "pass", "detail": "Valid email format" },
{ "check": "disposable_domain", "status": "pass", "detail": "Not a known disposable email provider" },
{ "check": "mx_records", "status": "pass", "detail": "Valid MX records found (Google Workspace)" },
{ "check": "smtp_reachable", "status": "pass", "detail": "SMTP server accepts recipient" },
{ "check": "domain_age", "status": "pass", "detail": "Domain has active DNS configuration" }
],
"checked_at": "2026-03-21T00:26:46.014Z",
"cached": false,
"community_checks": 142
}
| Check | Status | Description |
|---|---|---|
| syntax | pass/fail | Email format validation |
| disposable_domain | pass/fail | Checked against ~150 known disposable providers |
| mx_records | pass/fail | Domain has valid MX records |
| smtp_reachable | pass/fail/inconclusive | SMTP server accepts the recipient address |
| domain_age | pass/inconclusive | Domain has active DNS configuration |
Verify a URL is live, safe, and trustworthy. Checks DNS resolution, SSL certificate, HTTP status, redirect chain, Google Safe Browsing, and domain age.
| Field | Type | Description |
|---|---|---|
| urlrequired | string | Full URL to verify (must include http:// or https://) |
curl -X POST https://trustping.co/v1/verify/url \ -H "Authorization: Bearer tp_live_..." \ -H "Content-Type: application/json" \ -d '{"url": "https://stripe.com/pricing"}'
{
"entity": "https://stripe.com/pricing",
"type": "url",
"trust_score": 0.95,
"verdict": "pass",
"signals": [
{ "check": "url_format", "status": "pass", "detail": "Valid URL format" },
{ "check": "dns_resolves", "status": "pass", "detail": "Resolves to 3.228.62.110" },
{ "check": "ssl_valid", "status": "pass", "detail": "Valid SSL certificate, expires 2026-05-21, issued by DigiCert Inc" },
{ "check": "http_status", "status": "pass", "detail": "Returns HTTP 200" },
{ "check": "redirect_chain", "status": "pass", "detail": "No suspicious redirects" },
{ "check": "safe_browsing", "status": "pass", "detail": "Not flagged by Google Safe Browsing" },
{ "check": "domain_age", "status": "pass", "detail": "Domain has active DNS configuration" }
],
"checked_at": "2026-03-21T00:26:46.014Z",
"cached": false,
"community_checks": 89
}
| Check | Status | Description |
|---|---|---|
| url_format | pass/fail | Valid URL with http/https protocol |
| dns_resolves | pass/fail | Hostname resolves to an IP address |
| ssl_valid | pass/fail/warn | SSL certificate is valid and not expired |
| http_status | pass/fail/warn | Returns HTTP 2xx status code |
| redirect_chain | pass/warn | No suspicious redirect patterns |
| safe_browsing | pass/fail | Not flagged by Google Safe Browsing |
| domain_age | pass/inconclusive | Domain has active DNS configuration |
Get a comprehensive trust profile of a domain. Checks WHOIS registration, DNS records, SSL certificate, nameserver quality, Google Safe Browsing, and domain age.
| Field | Type | Description |
|---|---|---|
| domainrequired | string | Domain name to verify (e.g. "google.com") |
curl -X POST https://trustping.co/v1/verify/domain \ -H "Authorization: Bearer tp_live_..." \ -H "Content-Type: application/json" \ -d '{"domain": "google.com"}'
{
"entity": "google.com",
"type": "domain",
"trust_score": 0.95,
"verdict": "pass",
"signals": [
{ "check": "whois_registered", "status": "pass", "detail": "Domain is registered with active DNS" },
{ "check": "dns_records", "status": "pass", "detail": "A, MX, AAAA, TXT records present" },
{ "check": "mx_records", "status": "pass", "detail": "Has MX records (can receive email)" },
{ "check": "nameservers", "status": "info", "detail": "Google Cloud DNS (enterprise-grade)" },
{ "check": "domain_age", "status": "pass", "detail": "Domain has active SOA record" },
{ "check": "ssl_certificate", "status": "pass", "detail": "Valid, issued by Google Trust Services, expires 2026-05-18" },
{ "check": "safe_browsing", "status": "pass", "detail": "Not flagged by Google Safe Browsing" }
],
"checked_at": "2026-03-21T00:26:46.383Z",
"cached": false,
"community_checks": 234
}
| Check | Status | Description |
|---|---|---|
| whois_registered | pass/fail | Domain is registered with active DNS |
| dns_records | pass/fail | A, MX, AAAA, TXT record presence |
| mx_records | pass | Domain can receive email |
| nameservers | info | Nameserver provider and quality |
| domain_age | pass/inconclusive | Domain has active SOA record |
| ssl_certificate | pass/fail/warn | SSL cert validity, issuer, and expiry |
| safe_browsing | pass/fail | Not flagged by Google Safe Browsing |
Get your current usage stats for today, including breakdown by endpoint and remaining quota.
curl https://trustping.co/v1/usage \
-H "Authorization: Bearer tp_live_..."
{
"plan": "free",
"daily_limit": 50,
"used_today": 12,
"remaining_today": 38,
"total_all_time": 347,
"breakdown": {
"email": 5,
"url": 4,
"domain": 3
},
"period_resets_at": "2026-03-22T00:00:00.000Z"
}
Health check endpoint. Use this to verify the API is running.
{
"status": "healthy",
"version": "0.1.0",
"uptime_seconds": 84723
}
All verification and usage endpoints require an API key. Include it in the Authorization header:
Authorization: Bearer tp_live_your_api_key_here
API keys are prefixed with tp_live_ and are 48 characters long. They are hashed on our end — we never store your key in plaintext. If you lose your key, use the /v1/auth/apikey endpoint to generate a new one.
Daily limits are enforced per API key and reset at midnight UTC.
| Plan | Daily limit | Price |
|---|---|---|
| Free | 50 checks | $0 |
| Pro | 5,000 checks | $19/month |
| Scale | 50,000 checks | $49/month |
Rate limit headers are included on every response:
X-RateLimit-Limit: 50 X-RateLimit-Remaining: 38 X-RateLimit-Reset: 2026-03-22T00:00:00.000Z
When you exceed your limit, you'll receive a 429 response with details about when your quota resets.
All errors follow the same JSON structure:
{
"error": {
"code": "UNAUTHORIZED",
"message": "Missing Authorization header. Use: Bearer tp_live_..."
}
}
| Status | Code | Meaning |
|---|---|---|
| 400 | VALIDATION_ERROR | Invalid or missing request body field |
| 401 | UNAUTHORIZED | Missing Authorization header |
| 403 | FORBIDDEN | Invalid API key |
| 404 | NOT_FOUND | Endpoint does not exist |
| 409 | EMAIL_EXISTS | Account with this email already exists |
| 429 | RATE_LIMIT_EXCEEDED | Daily quota exceeded |
| 500 | INTERNAL_ERROR | Something went wrong on our end |
All verification endpoints return the same response structure:
| Field | Type | Description |
|---|---|---|
| entity | string | The email, URL, or domain that was checked |
| type | string | email, url, or domain |
| trust_score | number | 0.0 to 1.0 — higher is more trustworthy |
| verdict | string | pass (≥0.7), warn (≥0.4), or fail (<0.4) |
| signals | array | Individual check results with check name, status, and detail |
| checked_at | string | ISO 8601 timestamp of the check |
| cached | boolean | Whether this result came from cache (1 hour TTL) |
| community_checks | number | How many other agents have checked this entity |