Skip to main content

AML Change Monitoring - 5 Minutes Tutorial - API Integration

Prerequisites

The following information is required to be able to integrate with Authologic:

  • Developer portal credentials,
  • API Keys.

Developer Portal Credentials

The developer portal address and credentials were provided during onboarding.

Passwords And API Keys

During the onboarding you have received the API keys:

  • API key allowing communication with Authologic.
  • The key used to verify the data sent by Authologic by the callback mechanism.

Integration Overview

Authologic provides a simple and effective way to initialize the AML verification. The API process involves three key steps: initiating the verification through an external system, redirecting the user to the appropriate page, and receiving the verification results.

The entire process is called conversation. The following diagram represents the process logical flow:

  1. Start of the identity verification process. Your server calls the API method called: POST /api/conversations
  2. The response returns information about conversation identifier and status
  3. Authologic calls a callback on your server's side with the result of the verification
Please remember that in many cases gathering information requires additional time. When creating your system, it should be taken into account that the results of the verification process will be available to the user after some time, and thus it is desired to account for asynchronous communication.
Document describes how to track AML changes in the context of a specific user. If you want to learn more about AML product please start here.

Create a Conversation

The AML product describes how to create a user verification that includes one-time check of AML lists. However, in multiple cases you are interested in the changes to the AML list related to the user, so that you know when that person potentially appears on one of the sanction list.

The Authologic API uses the Basic Auth based authentication described, among others, at here(opens in new tab). Username and API key should be used as data. By using the curl tool we use the -u option which is responsible for the use of Basic Auth.

We will modify the example of setting up a conversation that we've used in our tutorial so that Authologic informs you us about any changes to the given AML lists related to this user:

curl -X POST -u my_login "https://sandbox.authologic.com/api/conversations" \
-H "accept: application/vnd.authologic.v1.1+json" \
-H "Content-Type: application/vnd.authologic.v1.1+json" \
-d '{
  "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
  "returnUrl": "https://id.sandbox.authologic.com/c/{conversationId}/thankYou",
  "callbackUrl": "your_callback_url_here",
  "query": {
    "identity": {
      "requireOneOf": [
        [ "PERSON_NAME_FIRSTNAME", "PERSON_NAME_LASTNAME"]
      ]
    },
    "aml": {
      "checks": ["PEP", "SANCTIONS", "ADVERSE_MEDIA", "SIP", "OTHER"],
      "subscription": {}
    }
  }
}'
Due to the necessity of checking data in many external databases, the response time may be longer. Therefore the data may not be immediately available at the time of creation. We strongly recommend using the callback mechanism to receive the AML results along with other requested conversation products.

The difference in the query is adding the fragment: "subscription": {}. The answer is automatically expanded for subscription status, e.g .:

{
  "id": "c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
  "url": "https://sandbox.authologic.com/c/c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "status": "CREATED",
  "result": {
    "identity": {
      "status": "IN_PROGRESS",
      "user": {}
    },
    "aml": {
      "status": "IN_PROGRESS",
      "subscription": {
        "active": true
      }
    }
  }
}

After the first check, there will also be an additional lastChanged field containing the date the last content change was detected AML lists provided in the query.

{
  "id": "c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
  "url": "https://sandbox.authologic.com/c/c12c1adc-3ff0-4d32-b95c-c593135c903e",
  "status": "FINISHED",
  "result": {
    "identity": {
      "status": "FINISHED",
      "user": {
        "person": {
          "name": {
            "firstName": "Maria",
            "lastName": "Sochacka"
          }
        }
      }
    },
    "aml": {
      "status": "FINISHED",
      "found": ["PEP", "SANCTIONS", "ADVERSE_MEDIA", "SIP", "OTHER"],
      "subscription": {
        "active": true,
        "lastChanged": "2022-08-12T13:42:53.018798Z"
      }
    }
  },
  "info": [
    {
      "country": "PL",
      "method": "PSD2"
    }
  ]
}

Information About Changes

After detecting changes in monitored AML lists, Authologic automatically sends information about it via the callback mechanism, where target = SUBSCRIPTION and event = NEW_DATA. The general structure of callbacks is described in the dedicated callbacks section.

Subscription Cancellation

Authlogic performs AML monitoring until the subscription is canceled. This continues until the DELETE /api/subscriptions/{conversationId}/aml method call. After successfully unsubscribing, the system responds with a header HTTP: 204 No Content.

What's Next

Combining Products

Combining multiple products together in a single request.

Testing

Learn how to test your integration.

Productionize

What to do before going to production.

WebSDK

Embedding the verification process within your website.

Embedding the verification process within your website is completely optional. Using redirection in your process if sufficient and more than enough to start working with Authologic. You can consider it when you would like the process to be a part of the web application.

Additional Information

Bank Transactions Data

Detailed description of the bank transactions data retrieval.

Account Information Retrieval

Description of the bank transactions account data information retrieval.

Statistics Retrieval

Detailed description of the bank transactions statistics retrieval.

Troubleshooting

Callbacks

Not being able to receive callbacks.

Errors

Verification failure reasons.

Statuses

Handling various conversation statuses.

FAQ

Frequently asked questions.

Deprecations

Deprecated features and options list.

Despite our sincere intentions, it is difficult to create perfect technical documentation. If you have an idea on how to improve this documentation, or you have trouble understanding any section, please email us at tech-support@authologic.com
Was this page helpful?
Powered by Authologic Nisaba