{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"cdfe3f9f-06c8-4f51-adf5-67b368b33bd4","name":"RiskNarrative API","description":"RiskNarrative, a platform which brings fraud detection, identity verification, eKYC and AML compliance into a single easy-to-configure environment. An overview of the platform can be found on [https://risk.lexisnexis.co.uk/products/risknarrative](https://null). This API guide explains how to acquire credentials for the services, how to configure the services to enforce the necessary checks, what our team will do to support y our activities and how each of the services works.\n\nThe API is a RESTful interface allowing the services to be integrated with all common web programming languages and clients.\n\n# Overview\n\nAt RiskNarrative we receive customers data, either text or an image, and perform checks to confirm the identity, acquire further details of the customer and/or spot potentially fraudulent activity.  \nThere are various checks we can run which are all set up with our customers through consultation.\n\nTo start these checks RiskNarrative have two main API endpoints:\n\n**Run Journey** – Run Journey is the RiskNarrative endpoint for single applications. This endpoint will run a journey that checks the incoming application and provide a decision solely based on that application. Within that application there can only be one entity such as a person or a company. It will not process multiple entities. Run Journey is predominantly used in scenarios where you want to perform a one-off standalone check such as a PEP/Sanctions or electronic identity check, dependant on your configuration.\n\n**Run Strategy** – Run Strategy is the account endpoint for RiskNarrative. The Run Strategy allows you to run a full onboarding strategy for multiple entities such as persons or companies and financial transactions. The Run Strategy endpoint allows you to group multiple entities under the one account, for example business onboarding where you have a business and persons associated to the account. It will also allow you to link a financial account and financial transactions under an account to allow you to perform transaction monitoring and payment screening. This endpoint works well for customers who are looking for a full onboarding strategy that consists of multiple different entity types.\n\nWhen the agreed checks up are setup, we place them into what we call a **Journey**.  \nA customer may have more than one journey depending on their data or business strategy.\n\nAs a developer you will need to call the relevant journey or strategy to start the checks. We will show you an example of a typical customer journey set up and how their business process will interact with that journey.\n\n**What exactly is a Journey?**\n\nA journey is made up of 4 parts:\n\n- The first part is a **scorecard** which is optional and consists of rules that can be set up to determine what happens next, for example if the applicant is matched to the customers own watch list then instantly decline.\n    \n- The second step of the journey is where you configure the **apps** which are checks against external services. Examples could be a UK supplier of credit data or a supplier of PEP and sanctions data. Multiple apps can be included or left out entirely.\n    \n- The third step is where the **ruleset** is configured. This is where the results of the data checks in step 2 above can be scored in accordance with the risk appetite of the customer, for example ID Verification. We will score the fact that the name & address can be verified against the chosen data sources but also score the fact that the name has been matched to a Sanction file.\n    \n- The last step is the **decision matrix** which is where we create a decision list based on the potential scores set up in the previous step. A simple example may be if the score is a negative, then the decision is an 'Alert', if the score is between 0 and 99 then the decision is 'Partial' and if the score is 100+ then the decision is 'Pass'. These values are all customer configurable. These values returned will be key to what the next step is in the customer journey that you develop. For example in many cases, if we cannot verify the identity in the first run through the journey, the customer will then ask for a document to verify identity, that then can pass through another journey.\n    \n\n# Getting Started\n\nOnce signed up to the platform, RiskNarrative will provide the following to get you started:\n\n- A username and password for test and production environments\n    \n- An ID for either a test journey or test strategy on the test environment to allow you to run a simple check and receive a response\n    \n\nThis API guide allows you to generate service calls in a number of languages and also provides a Postman collection of the services below.\n\n_Note that most of the attributes sent and received are self explanatory. Only attributes requiring further explanation are included in this guide._\n\n# Integration patterns\n\nThe diagrams below show examples of how client systems integrate with the API to carry out common onboarding tasks\n\n- [Simple consumer onboarding](https://files.risknarrative.cloud/api/API%20Pattern%20-%20Consumer%20Onboarding-20230713-081144.png)\n    \n- [Onboarding using guided capture](https://files.risknarrative.cloud/api/API%20Pattern%20-%20Onboarding%20with%20Guided%20Capture-20230713-081218.png)\n    \n- [Corporate Onboarding](https://files.risknarrative.cloud/api/API%20Pattern%20-%20Corporate%20Onboarding-20230713-081201.png)\n    \n\n# References\n\nWhen making an API call to RiskNarrative there is some key references that can be used in either a Run Journey or Run Strategy call:\n\n**Customer Reference** – The customer reference is a reference that is displayed in the RiskNarrative UI. This reference can be used to help users’ cross reference between the RiskNarrative platform and your own internal systems. RiskNarrative will only use this reference as a display in the UI.\n\n**Client Application Reference (CAR)** – Client Application Reference is a key reference within the RiskNarrative platform. You can provide a reference value for the CAR but if you do not RiskNarrative will auto-populate a value. This reference is what links the entity in an API call to future API calls. So, you can retire and re-run the same entity.\n\nIn a run journey call this is field clientApplicationReference  \nIn a run strategy call this is field clientReference\n\n**Account Reference** – When using Run Strategy you create an account and this account requires a reference to allow multiple entities to be added to the account. Providing the account reference on subsequent API calls will link the entities together under one account. You can provide a reference value for the Account Reference but if you do not RiskNarrative will auto-populate a value. The Account Reference is a key reference to link all entities under the same account and account status.\n\nWhen you receive a response from the Run Journey and Run Strategy APIs there is some other key references of which to take note of.\n\n**Run ID** – This is a RiskNarrative reference and is used to obtain data returned from any 3rd party app calls with in the API call. This ID is of use when investigating the responses from a 3rd party app call, such as when an unexpected response is received or an error.\n\n**UID** – This is the RiskNarrative reference for the entity in the API call. If there are multiple entities in the Run Strategy call, there will be a UID for each entity. The UID can be used in other post or get calls such as to obtain managed screen info. You will also find the UID in most webhook responses.\n\n# Support\n\nAs part of your onboarding onto the RiskNarrative platform, you will have dedicated support from our experienced Professional Services team. Please raise any queries regarding your technical integration or configuration with your key contact who can assist. Once you have gone live with RiskNarrative, you will be supported by our Customer Success team to ensure you receive the most value from the platform.\n\n# Summary of Error Messages\n\n| Message | Header | Code | Error Code |\n| --- | --- | --- | --- |\n| You are not licenced to use this module. | Not Licenced | \\- | 83100 |\n| You don’t have permission to access {Entities}. | Access Denied | \\- | 8200 |\n| You don’t have permission to access this resource. | Access Denied | \\- | 8100 |\n| You don’t have sufficient permission on {Entities} to perform this action. | Invalid Action | \\- | 8210 |\n| You are not licenced to use this product. | Not Licenced | \\- | 8300 |\n| The user {User} does not have sufficient permission on {Entities} to undertake this action. | Invalid Action | \\- | 8220 |\n| This action is not supported for this {Entity} | Action Not Supported | \\- | 6100 |\n| The {Entity} could not be found or you do not have access. | Not found | \\- | 4100 |\n| Business not found. | \\- | \\- | 41000 |\n| You are not licenced to use this {Entity} type. | Not Licenced | \\- | 8310 |\n| The enquiry status is invalid for viewing in this resource | Invalid Status | \\- | 4240 |\n| You do not have sufficient permission to view the enquiry in it’s. | Invalid Action | \\- | 4230 |\n| Invalid token supplied for this request. | Invalid Access Token | \\- | 5110 |\n| Monitor not started | \\- | \\- | 2300 |\n| Sorry, we have encountered an error, please contact your system administrator. | Sorry, we have encountered an error! | GENERIC_ERROR | 2200 |\n| Data load failed | Service Error | DATA_LOAD_FAILED | 4500 |\n| This link is no longer valid. | Invalid link | \\- | 4220 |\n| There was a critical database error. | Database Error | \\- | 2100 |\n| This {Entity} is not accessible. | Action Not Supported | \\- | 6101 |\n| Missing required field '{field}' | Missing Required Field | \\- | 4310 |\n| Failed to update credentials for organisation {OrgId} and application {AppId}. | Failed to update credentials | \\- | 2000 |\n| The identity provider is not supported by your organisation. | Access Denied | \\- | 8600 |\n| We could not verify your account with the identify provider. | Invalid Action | \\- | 8602 |\n| Generic server error | Generic server error | \\- | 22000 |\n| Code clean up required | Code clean up required | \\- | 10 |\n| You did not log out of your last session. | Multiple Sessions | \\- | 8410 |\n| Access denied. | Access denied. | \\- | 8400 |\n| Access denied. | Access denied. | \\- | 8420 |\n| Unauthorized | Unauthorized | \\- | 401 |\n| The identity provider user credentials do not match. | Access Denied | \\- | 8601 |\n| Organisation not recognised. | Organisation not recognised. | \\- | 8500 |\n| Status of this {Entity} cannot be changed | Invalid Action | \\- | 2400 |\n| You do not have a RiskNarrative user account. | No user account | \\- | 8001 |\n| Multiple SAML messaged found. | Invalid SSO Request. | \\- | 8604 |\n| No SAML message found. | Invalid SSO Request. | \\- | 8603 |\n| The {Entity} has been deleted. | Deleted | \\- | 4101 |\n| User not found. | Access denied. | \\- | 8401 |\n| '{field}' missing for {entity}{name}. | Missing Field | \\- | 4312 |\n| The {field} '{value}' already exists for another {entity}. | Duplicate Field | \\- | 4311 |\n| You don’t have permission to edit this resource from your position in the {Entities} hierarchy. | Access Denied | \\- | 8101 |\n| Access to this {Entity} is forbidden. | Forbidden | \\- | 403 |\n| {field} not expected in this request | Not Expected | \\- | 4311 |\n| NOT IN USE | NOT IN USE | \\- | 10001 |\n| This link has expired or has been typed incorrectly. | Invalid Request | \\- | 5111 |\n| This {Entity} is not supported. | Not supported | \\- | 6101 |\n| Bad Request. | Bad Request | \\- | 400 |\n| Not Found. | Not Found | \\- | 404 |\n\n# Authentication\n\nThe API uses Basic Auth over HTTPS. You can pass your credentials as a Base64-encoded header or as parameters in a webservice client such as Postman. RiskNarrative will provide these credentials on signing up to the platform.\n\nThe client credentials are concatenated with a colon (:) and base64-encoded before being sent in the Authorization header.\n\n```\ncurl {BASEURI} -u '{USERNAME}:{PASSWORD}'\nGET / HTTP/1.1\nHost: {HOST}\nAuthorization: Basic \n\n ```\n\n# Environments\n\nTesting should take place in the PreProduction environment before moving to the Production environment\n\n| Domain | Purpose | Outgoing IP Addresses |\n| --- | --- | --- |\n| [https://pp.trunarrative.cloud](https://pp.trunarrative.cloud) | Testing | 35.177.158.89  <br>35.178.90.97 |\n| [https://trunarrative.cloud](https://trunarrative.cloud) | Live (UK Instance) | 35.176.129.51  <br>35.176.214.248 |\n| [https://us.trunarrative.cloud](https://us.trunarrative.cloud) | Live (US Instance) | 3.13.7.156  <br>3.139.41.185 |\n| [https://eu.trunarrative.cloud](https://eu.trunarrative.cloud) | Live (EU Instance) | 52.58.49.166  <br>18.156.158.162 |\n| [https://apac.trunarrative.cloud](https://apac.trunarrative.cloud) | Live (APAC Instance) | 52.77.109.65  <br>52.76.190.225 |\n| [https://au.trunarrative.cloud](https://au.trunarrative.cloud) | Live (AU Instance) | 3.104.216.117  <br>52.64.212.131 |\n\nPlease be advised Run Strategy and Run Journey IDs do not persist across environments. Therefore, each environment will likely have different ID values for the API calls.\n\n# Validation\n\nInput fields are subject to the general validation rules below. See the service descriptions further below for specific rules.\n\n| Field type | Allowed characters | Min length | Max length | Example |\n| --- | --- | --- | --- | --- |\n| Name | a-z (lowercase), A-Z (uppercase),Unicode 4e00-9eff (Common Chinese), ', -, space | 2 | 50 | John Smith |\n| Other text value | a-z (lowercase), A-Z (uppercase), 0-9 Numeric, Unicode 4e00-9eff (Common Chinese), space, /, -, !, ., +, comma, _, (), %, #, @, &, ', carriage return, Line feed | 0 | 500 | The quick brown fox jumped over the lazy dog |\n| URL | a-z (lowercase), A-Z (uppercase), 0-9, space, /, -, !, ., +, =, comma, _, (), %, &, ', :, ?, carriage return, Line feed | n/a | n/a | [https://www.trunarrative.cloud/?api=true&amp;validation=1](https://null) |\n| Telephone | 0-9, (), space, +, - | 1 | 20 | +44 (0) 020 3887 1539 |\n| Email | [x@x.xx](https://null) | 6 | 100 | [info@trunarrative.com](https://null) |\n| Postcode | a-z (lowercase), A-Z (uppercase), 0-9 Numeric, space | 0 | 10 | LS2 7JF |\n\n# Supported Files\n\nBatch Files  \nMaximum Size: 50MB  \nMinimum Size: 1KB\n\n| Supported Files | MimeType |\n| --- | --- |\n| XLS | application/vnd.ms-excel |\n| XLSX | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |\n| CSV | text/csv |\n\nDocuments  \nMaximum Size: 10MB  \nMinimum Size: 1KB\n\n| Supported Files | MimeType |\n| --- | --- |\n| JPEG | image/jpeg |\n| JPG | image/jpeg |\n| PDF | application/pdf |\n| PNG | image/png |\n| RTF | application/rtf |\n| TXT | text/plain |\n| DOC | application/msword |\n| DOCX | application/vnd.openxmlformats-officedocument.wordprocessingml.document |\n| XLS | application/vnd.ms-excel |\n| XLSX | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |\n\nIdentity Documents  \nMaximum Size: 10MB  \nMinimum Size: 3KB\n\n| Supported Files | MimeType |\n| --- | --- |\n| JPEG | image/jpeg |\n| JPG | image/jpeg |\n| PDF | application/pdf |\n\nMedia  \nMaximum Size: 50MB  \nMinimum Size: 1KB\n\n| Supported Files | MimeType |\n| --- | --- |\n| AVI | video/avi |\n| FLV | video/flv/json |\n| JSON | video/json |\n| MKV | video/mkv |\n| MOV | video/mov |\n| MP3 | audio/mp3 |\n| MP4 | video/mp4 |\n| WEBM | video/webm |\n| WMV | video/wmv |\n\n# Backwards Compatibility\n\nThe webservice requests and responses will remain backward compatible in that no field will be deleted, no field's meaning will change and no field's spelling will change. Enhancements to the services will be made by adding new fields or, where the service behaviour needs to change, a new service with a different path will be introduced","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"21037509","collectionId":"cdfe3f9f-06c8-4f51-adf5-67b368b33bd4","publishedId":"2s9YC2yYG1","public":true,"publicUrl":"https://api.trunarrative.com","privateUrl":"https://go.postman.co/documentation/21037509-cdfe3f9f-06c8-4f51-adf5-67b368b33bd4","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":""}],"appearance":{"default":"light","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"FF6C37"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"}}]}},"version":"8.10.1","publishDate":"2025-04-01T13:53:49.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"","description":""},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/80a8c7ef5a1e4a83e0d8bb4d8a207bd6d94b728e2d087eb3b929fc3c010ee261","favicon":"https://res.cloudinary.com/postman/image/upload/v1679670359/team/hjqbgefjgkgwmbdwlwsr.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://api.trunarrative.com/view/metadata/2s9YC2yYG1"}