AML Without Identity - 5 Minutes Tutorial - API Integration
Prerequisites
The following information is required to be able to integrate with Authologic:
- Developer portal credentials,
- API Keys.
Developer Portal Credentials
The developer portal address and credentials were provided during onboarding.
Passwords And API Keys
During the onboarding you have received the API keys:
- API key allowing communication with Authologic.
- The key used to verify the data sent by Authologic by the callback mechanism.
Integration Overview
The entire process is called conversation. The following diagram represents the process logical flow:
- Start of the identity verification process. Your server calls the API method called: POST /api/conversations
- The response returns information about conversation identifier and status
- Authologic calls a callback on your server's side with the result of the verification
curl tool to show the API operation.
If you have not dealt with it, you can find a short guide on it here(opens in new tab).
Of course, there is nothing to prevent you from using the swagger tool directly, which you will find at the
link: here,
or any other tool, such as Postman or Insomnia.Creating a Conversation
Basic Auth based authentication described, among others, at
here(opens in new tab). Username and API key should be used as data.
By using the curl tool we use the -u option which is responsible for the use of Basic Auth.In order to retrieve information about the user's presence on the AML lists, a conversation must be created. In this
example we will use the aml product. When using the aml product it is necessary to
specify which lists should be checked and provide the data that should be checked. However, in comparison to the AML
process with identity check we will provide the user details in the request that creates the conversation and initializes
the process. Example:
curl -X POST -u my_login "https://sandbox.authologic.com/api/conversations" \
-H "accept: application/vnd.authologic.v1.1+json" \
-H "Content-Type: application/vnd.authologic.v1.1+json" \
-d '{
"userKey": "7dfb9ded-c38f-49ae-95e2-307283a0b1f6",
"returnUrl": "https://id.sandbox.authologic.com/c/{conversationId}/thankYou",
"callbackUrl": "your_callback_url_here",
"query": {
"aml": {
"checks": ["PEP", "SANCTIONS", "ADVERSE_MEDIA", "SIP", "OTHER"],
"user": {
"firstName": "Maria",
"lastName": "Sochacka",
"birthDate": "1964-05-11",
"nationality": "PL",
"nationalId": "72111102379"
}
}
}
}'
Of course, instead of my_login enter your login. You should be prompted for a password - at that point you should
enter the API key (do not confuse it with the password to the customer panel).
In the example above, we have set conversation to check the following lists:
PEP- List of persons in politically exposed positionsSANCTIONS- List of individuals for whom sanctions have been implementedSIP- List of individuals with high risk, typically involved in criminal activities or suspicious activity has been found in the past. May have been involved in court proceedings, had previous criminal allegations, or been involved in financial crimes such as money laundering and terrorist financing.ADVERSE_MEDIA- List of publications related to a personOTHER- List of RCAs and individuals categorized in AML lists different from PEP, SIP or SANCTIONS.
A conversation defined in this way, in response to a query about its status, immediately returns the result, without the
need for interaction with the user. The result will also be sent using the callback mechanism.
Downloading Detailed Information
Having information on which lists the user was found on, it is possible to download a detailed report containing the collected information, e.g.:
curl -u my_login "https://sandbox.authologic.com/api/conversations/c12c1adc-3ff0-4d32-b95c-c593135c903e/aml/PEP" \
-H "accept: application/vnd.authologic.v1.1+json" \
-H "Content-Type: application/vnd.authologic.v1.1+json"
Parameterizing the call of the above method with the name of the AML list PEP, SANCTIONS, SIP, ADVERSE_MEDIA, OTHER,
we get the first page of results for a given list.
The response structure varies depending on the selected AML list. A detailed description of the response structure can be found in the AML product details section.
Example Test Data
We have prepared test data sets on a sandbox environment.
In order to obtain differentiated results, in the field query.aml.user.lastName, one of the following names should be given:
Putin-PEP,SANCTIONS,SIP,ADVERSE_MEDIA,OTHERShoygu-SANCTIONSKwaśniewski-SIPBiden-PEPTrzaskowski-ADVERSE MEDIAKowalski- empty AML listAcme- Results AML not available
If you enter a name that is not on the list, the data associated with the name Putin will appear in the results.
The above data sets are also valid when running the AML change monitoring functionality.
Then, after 2 and 5 minutes after the first data, we simulate changes in the results of AML lists. The related callback
notifications are also sent.