Your organization is set up on the Validation Gateway by ICP as part of onboarding. Once that’s done, you sign in to the portal with your email and password (with a one-time passcode if 2FA is enabled), and everything below is self-service.
Who can do what
The portal has two client roles:| Role | Can do |
|---|---|
| Org Root User | Full control of your organization: create/revoke API keys, register and manage devices, manage team members. |
| Org User | Read-only access: view keys, devices, methods, transactions, and analytics. |
What’s in the portal
Your organization owns these resources, each on its own screen:| Area | Screen | What it’s for |
|---|---|---|
| Overview | Summary | Verification analytics, method breakdown, KPIs. |
| Transactions | History of every verification (journey), with status and date filters. | |
| Operations | Methods | The verification methods enabled for your organization. |
| API Keys | Create and manage the credentials your SDK authenticates with. | |
| Devices | Register and manage the devices running the SDK. | |
| Finance | Balance & Metering | Wallet balance and per-method usage. |
| Access Control | Users | Manage your team members. |
Getting to SDK credentials
The one path every developer needs:Create an API key
Go to Operations → API Keys, create a key, and capture the key ID and key secret. The secret is shown once. See API keys.
Scope it to methods
Pick which of your organization’s enabled methods the key may call.
Wire it into your integration
Embed the key ID in the SDK and keep the secret in your backend’s secret manager — the SDK never receives it directly. See Authentication.
What you need before writing code
Base URL
The Validation Gateway API base URL for your environment.
API key ID
The non-secret identifier embedded in the SDK config.
API key secret
Stored in your backend’s secret manager; used only to sign JWTs.
Enabled methods
The verification methods available to your organization.