Watchlist Person - Developers Documentation

## Overview This is the previous version of the PEP and sanctions product. It provides similar functionality to the current version, but uses different URLs. It offers real-time screening against multiple global PEP and sanctions sources, improving geographic coverage and overall match quality. It’s designed to support initial risk assessment and ongoing due diligence. Our platform consolidates data from global PEP lists, government sanctions lists, anti-terrorism lists, CIA lists, and bespoke geographic lists. PEP and sanctions monitoring supports due diligence by checking whether a person or entity appears on any PEP or sanctions lists. This version also includes a **backoffice portal** where you can: - **Review previously performed scans** and inspect results - **Trigger new scans directly from the portal**, in addition to using the API A PEP (Politically Exposed Person) is someone who holds—or has held—a prominent public position, as well as their close relatives or associates. As a result, a PEP match may also include “PEPs by relation,” also known as RCA (Relatives or Close Associates). A sanctions listing indicates that an individual or entity is subject to official restrictions imposed by a government or international body (for example, asset freezes, travel bans, or limits on doing business). ### Capabilities The API provides two primary capabilities: - **PEP and Sanctions Check:** Run a one-time check against global PEP and sanctions lists to determine whether an entity is flagged. - **PEP and Sanctions Monitoring:** Continuously monitor an entity against global PEP and sanctions lists for updates or changes. ## Core Functionalities ### Environments We maintain environments you can use: - Test: https://test-gateway.zignsec.com/ - Production: https://gateway.zignsec.com/ ### Authentication Each request to our API should be authenticated by sending your subscription key in the “Authorization” header. Our support creates subscription keys for you (a pair for each environment), and it’s highly recommended to regularly rotate the keys (currently it’s done by sending a support request, but please let us know if you’d like to automate it). If you need different configurations, it’s possible to register multiple tenants and configure them differently. ### REST API #### Headers | Header | Description | Required | | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | | Authorization | This header parameter is the subscription key you received from ZignSec during the registration process. Example: Authorization: 123456add0cff22873c428e987654321 | Yes | | Content-Type | Specifies the media type of the request body data. Set to application/json if JSON object. | Yes | #### API specification and documentation #### API Endpoints These endpoints support running a PEP (Politically Exposed Person) screening (“scan”) and optionally enrolling the subject for ongoing monitoring. A “scan-only” request and a “scan + monitoring” request use the same **Create session** endpoint—controlled by the `update_monitoring_list` parameter. ##### Create session POST /core/api/sessions/identity_check/pep_global_member_check - [Link to Swagger ](https://test-gateway.zignsec.com/#/Watchlist%20-%20Person/postIdentityCheckPepGlobalMemberCheck) Creates a new **PEP Global Member Check** session and executes an initial screening based on the provided subject data. - Use this endpoint for: - **Standard PEP scan (one-off screening)** - **PEP scan with monitoring enrollment** (adds/updates the subject in the monitoring list) - Monitoring behavior is controlled by: - `update_monitoring_list = false` → scan only (does not enroll/update monitoring) - `update_monitoring_list = true` → scan and enroll/update the subject for monitoring Returns a session object that includes the session identifier and the results/metadata needed to retrieve details later. ##### Get session details GET /core/api/sessions/identity_check/pep_global_member_check/{id} - [Link to Swagger](https://test-gateway.zignsec.com/#/Watchlist%20-%20Person/getIdentityCheckPepGlobalMemberCheck) Retrieves details for an existing **PEP Global Member Check** session by its `{id}`. Use this endpoint to: - Fetch the full screening results and session metadata - Check the current state/status of the session - Re-read the result payload after the initial creation call ##### Enable / Disable monitoring POST /core/api/sessions/identity_check/pep_global_member_check/enable_monitoring -[Link to Swagger ](https://test-gateway.zignsec.com/core/api/sessions/identity_check/pep_global_member_check/enable_monitoring) Enables or disables ongoing monitoring for a subject associated with a PEP Global Member Check workflow. Use this endpoint to: - Turn monitoring **on** for a subject (start receiving updates/alerts based on matches) - Turn monitoring **off** for a subject (stop monitoring updates/alerts) This is typically used after an initial scan when you want to change monitoring status without creating a new screening session. ### Request example ```bash curl --request POST \ --url https://test-gateway.zignsec.com/core/api/sessions/identity_check/pep_global_member_check \ --header 'Content-Type: application/json' \ --header 'authorization: your api key' \ --data '{ "gdpr_user_id": "string", "metadata": { "address": "string", "blank_address": "Ignore", "close_match_rate_threshold": 80, "dob": "string", "exclude_deceased_persons": "No", "first_name": "string", "full_name": "string", "gender": "Male", "include_web_search": "No", "last_name": "string", "match_type": "Exact", "middle_name": "string", "pep_jurisdiction": "Apply", "residence": "Ignore", "update_monitoring_list": "Yes", "whitelist": "Ignore" }, "relay_state": "string", "webhook": "string" }' ``` | Input data | Description | Required | | -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | | match_type | Used to determine how closely a watchlist entity must match a person before being considered a match. | No | | close_match_rate_threshold | Used to refine Close Match results by setting a Close Match Rate threshold (1 to 100). This is only applicable if matchType is Close. | No | | whitelist | Used for eliminating match results previously determined to not be a true match. | No | | residence | Used for eliminating match results where the person and matching entity have a different Country of Residence. | No | | blank_address | Used in conjunction with the preset Default Country of Residence in the Organisation's Scan Settings in the web application to apply the default Country if person addresses are blank. | No | | pep_jurisdiction | Used for eliminating/including match results where the matching watchlist entity is a PEP whose country of Jurisdiction is selected for exclusion/inclusion in the organisation's settings. | No | | exclude_deceased_persons | Used for eliminating deceased persons in match results. | No | | first_name | person's First Name - this field is mandatory (unless you are entering an Full Name). To specify a mononym (single name), enter a dash (-) in this parameter and the mononym in lastName. | Yes | | middle_name | person's Middle Name - if available. | | | last_name | person's Last Name - this field is mandatory (unless you are entering an Full Name). | | | full_name | This parameter is available if the Compliance Officer has enabled the setting Original Script Search/Full Name in the Organisation Settings. This parameter has multiple uses and supports either the individual's full name in original script text (e.g. Cyrillic, Arabic, Chinese etc), or the full Latin-based name if you are unable to separate based on First, Middle and Last Name. This field is mandatory, unless you are entering a First and Last Name. | | | gender | person's gender - if available. Male, Female and blank are acceptable values. | | | dob | person's Date of Birth - if available, using the format DD/MM/YYYY or YYYY. Matching is performed on date of birth, for exact matches, if it is entered. | | | address | person's Address - there are no restrictions imposed on the format. No matching is performed on address but it is used for comparing country of residence when the Residence Policy is applied. | | | include_result_entities | Include full profile information of all matched entities to be returned in resultEntity. This is enabled by default if not explicitly defined. | | | `update_monitoring_list` | Used for adding the person to the Monitoring List. Please note that if an existing person with the same clientId/personNumber exists in the Monitoring List, it will be replaced. | | | include_web_search | Used for including adverse media results on the web using Google search engine. | | ### Response example ``` json { "data":{ "id":"example-id-12345", "result":{ "dataSources":"ExampleProvider", "matchedEntities":[ { "category":"POI", "decisionDetail":{ "assessedRisk":"Unallocated", "comment":null, "matchDecision":"NotReviewed", "text":"Not Reviewed" }, "dob":"YYYY", "firstName":"Example", "middleName":"", "lastName":"Person", "matchRate":100, "matchedFields":"FullPrimaryName, Country", "primaryLocation":"Example Institution, Example City, Example Country", "resultEntity":{ "uniqueId":99999999, "category":"POI", "dataSource":"ExampleProvider", "deceased":"NO", "generalInfo":{ "nationality":"ExampleNationality" }, "nationalities":[ "ExampleNationality" ], "dateOfBirth":"YYYY", "primaryLocation":"Example Institution, Example City, Example Country", "profileOfInterests":[ { "category":"Other Public Figures", "positions":[ { "country":"ExampleCountry", "from":"YYYY-MM-DD", "to":"YYYY-MM-DD", "position":"Example Position Title" } ] } ], "importantDates":[ { "dateType":"Date of Birth", "dateValue":"YYYY" } ], "sources":[ { "categories":"Identity, Profile Of Interest", "details":[ { "captureDate":"YYYY-MM-DD", "categories":"Identity", "summary":"Example source describing the subject." } ] } ], "descriptions":[ { "description1":"Profile of Interest (POI)", "description2":"", "description3":"" } ] }, "resultId":11111111 } ], "matchedNumber":1, "metadata":{ "message":"1 match found for PEP and Sanctions." }, "scanId":22222222, "webSearchResults":[ ] } } } ``` ### Response (flattened summary) | Field | Type | Description | | ---------------------------- | -------------- | ------------------------------------------------- | | category | string | Match category (e.g., POI = Profile of Interest). | | dob | string | Date/year of birth (as provided by datasource). | | firstName | string | Matched first name. | | middleName | string | Matched middle name(s). Empty if none. | | lastName | string | Matched last name. | | matchRate | integer | Similarity score / match percentage. | | matchedFields | string | Fields that contributed to the match. | | primaryLocation | string | Main associated location. | | resultId | integer | Result record identifier (match instance). | | uniqueId | integer | Datasource unique identifier for the entity. | | decisionDetail | object | Review/decision metadata for this match. | | decisionDetail.assessedRisk | string | Risk classification (workflow-driven). | | decisionDetail.matchDecision | string | Review decision status. | | decisionDetail.text | string | Display label for the decision. | | decisionDetail.comment | string \| null | Reviewer comment (if any). | | resultEntity | object | Full enriched entity profile from the datasource. | ### matchedEntities[] (one match object) | Field | Type | Description | | ------------------ | ------------------- | ------------------------------------------------------ | | uniqueId | integer | Datasource unique identifier (same as match uniqueId). | | dataSource | string | Datasource name. | | category | string | Category code. | | categories | string | Human-readable category name. | | primaryFirstName | string | Primary first name. | | primaryLastName | string | Primary last name. | | gender | string | Gender. | | dateOfBirth | string | DOB / birth year. | | nationalities | array[string] | Nationality labels. | | nationalitiesCodes | array[string] | Nationality ISO codes. | | primaryLocation | string | Primary location string. | | locations | array[object] | Structured locations for the entity. | | images | array[string] | Image URLs. | | image | string | Primary image URL (may duplicate `images[0]`). | | lastReviewed | string (YYYY-MM-DD) | Last reviewed date in the datasource. | | suggestedRisk | string | Suggested risk rating from datasource/workflow. | | generalInfo | object | General attributes (e.g., nationality text). | | profileOfInterests | array[object] | POI category + held positions. | | importantDates | array[object] | Key dates (DOB, etc.). | | sources | array[object] | Source references backing the profile. | | officialLists | array | Official sanctions/PEP lists associated (if any). | | deceased | string | Deceased flag as string. | | deceasedDate | string \| null | Deceased date if known. | | oldProfile | boolean | Whether the record is marked as an older profile. | | identifiers | array | Identifiers (passport, etc.) if present. | | linkedCompanies | array | Linked company entities (if any). | | linkedIndividuals | array | Linked individuals (if any). | | furtherInformation | string \| null | Additional info if present. | ### resultEntity (enriched entity profile) | Field | Type | Description | |---|---|---| | uniqueId | integer | Datasource unique identifier (same as match uniqueId). | | dataSource | string | Datasource name. | | category | string | Category code. | | categories | string | Human-readable category name. | | primaryFirstName | string | Primary first name. | | primaryLastName | string | Primary last name. | | gender | string | Gender. | | dateOfBirth | string | DOB / birth year. | | nationalities | array[string] | Nationality labels. | | nationalitiesCodes | array[string] | Nationality ISO codes. | | primaryLocation | string | Primary location string. | | locations | array[object] | Structured locations for the entity. | | images | array[string] | Image URLs. | | image | string | Primary image URL (may duplicate `images[0]`). | | lastReviewed | string (YYYY-MM-DD) | Last reviewed date in the datasource. | | suggestedRisk | string | Suggested risk rating from datasource/workflow. | | generalInfo | object | General attributes (e.g., nationality text). | | profileOfInterests | array[object] | POI category + held positions. | | importantDates | array[object] | Key dates (DOB, etc.). | | sources | array[object] | Source references backing the profile. | | officialLists | array | Official sanctions/PEP lists associated (if any). | | deceased | string | Deceased flag as string. | | deceasedDate | string \| null | Deceased date if known. | | oldProfile | boolean | Whether the record is marked as an older profile. | | identifiers | array | Identifiers (passport, etc.) if present. | | linkedCompanies | array | Linked company entities (if any). | | linkedIndividuals | array | Linked individuals (if any). | | furtherInformation | string \| null | Additional info if present. | ### webSearchResults[] (one item) | Field | Type | Description | |---|---|---| | title | string | Result title. | | link | string (URL) | Target URL. | | displayLink | string | Display domain. | | snippet | string | Plain-text snippet. | | htmlTitle | string | HTML-formatted title (may include `<b>`). | | htmlSnippet | string | HTML-formatted snippet. | | formattedUrl | string | Display-friendly URL. | | htmlFormattedUrl | string | HTML-formatted URL. | | kind | string | Search result type identifier. | | mime | string \| null | MIME type if known. | | fileFormat | string \| null | File format if known. |