Introduction
The KryoGuard API provides a powerful set of tools to automate and streamline your compliance workflows. With our RESTful API, you can integrate key compliance tasks such as sanction screening, identity verification, KYC/KYB processes, transaction monitoring, and terms of service enforcement directly into your applications.
Our API is designed with simplicity and scalability in mind, offering predictable resource-oriented URLs, clear authentication methods, and easy-to-understand request and response formats. Whether you're managing large-scale operations or focusing on specific compliance tasks, the KryoGuard API is built to fit seamlessly into your existing systems.
In this documentation, you'll find everything you need to get started with the KryoGuard API—detailed guides, reference materials, and code examples to help you integrate, test, and implement our solutions with ease.
Authentication
KryoGuard uses OAuth 2.0's Client Credentials Grant to authenticate API requests. This method allows your application to obtain an access token using your client_id and client_secret.
You will need to include this token in the Authorization header for all subsequent API requests.
POST https://auth.kryoguard.com/realms/kryoguard-dev/protocol/openid-connect/token
Request Headers
| Header | Value |
|---|---|
Content-Type | application/x-www-form-urlencoded |
Request Parameter
| Parameter | Type | Description |
|---|---|---|
grant_type | string | Set to client_credentials. |
client_id | string | Your client ID. |
client_secret | string | Your client secret |
scope | string | Set to openid. |
Here's an example on how to obtain an access token:
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.URI;
public class KryoGuardAuth {
public static void main(String[] args) throws Exception {
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(new URI("https://auth.kryoguard.com/realms/kryoguard-dev/protocol/openid-connect/token"))
.header("Content-Type", "application/x-www-form-urlencoded")
.POST(HttpRequest.BodyPublishers.ofString(
"grant_type=client_credentials&client_id=kryoguard-client&client_secret=YOUR_CLIENT_SECRET&scope=openid"
))
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());
}
}Sanction Screening
The Sanctions Search API allows developers to search for individuals, entities, and documents within the OFAC (Office of Foreign Assets Control), UN (United Nations), and UK (United Kingdom) sanction lists. This endpoint helps in automating compliance checks by providing detailed results based on the search criteria provided.
Endpoint
POST /api/search
Base URL:https://api-dev.kryoguard.com
Full Endpoint URL
https://api-dev.kryoguard.com/api/search
Method
POST
Request
Headers
| Key | Value | Required | Description |
|---|---|---|---|
Content-Type | application/json | Specifies the payload type. | |
Content-Type | Bearer <Your_JWT_Token> | JWT token for authentication and authorization. |
JSON Request Field Descriptions
The request body should be a JSON object containing the following fields:
| Field | Type | Required | Description |
|---|---|---|---|
individuals | Array | Optional | List of individuals to search for. Each entry is an object. |
entities | Array | Optional | List of entities to search for. Each entry is an object. |
documents | Array | Optional | List of documents to search for. Each entry is an object. |
Individual Object Fields
| Field | Type | Required | Description |
|---|---|---|---|
firstName | String | First name of the individual. | |
middleName | String | Optional | Middle name of the individual. |
lastName | String | Optional | Last name of the individual. |
dateOfBirth | String | Optional | Date of birth of the individual in YYYY-MM-DD format. |
gender | String | Optional | Gender of the individual (e.g., "Male" or "Female"). |
title | String | Optional | Title or honorific of the individual (e.g., "Dr.", "Mr.", "Ms."). |
address | Object | Optional | Address details of the individual. This is a nested object. |
Address Object Fields (for Individuals)
| Field | Type | Required | Description |
|---|---|---|---|
addressLine1 | String | Optional | The first line of the street address. |
addressLine2 | String | Optional | The second line of the street address (e.g., apartment or suite number). |
addressLine3 | String | Optional | The third line of the street address, if applicable. |
city | String | Optional | The city of the address. |
state | String | Optional | The state or province of the address. |
postalCode | String | Optional | The postal code of the address. |
zipCode | String | Optional | The ZIP code of the address (used primarily in the U.S.). |
region | String | Optional | The region or territory of the address. |
country | String | Optional | The country of the address. |
Entities Object
| Field | Type | Required | Description |
|---|---|---|---|
name | String | The name of the entity (e.g., organization, group, or company). | |
address | Object | Optional | The address details of the entity. |
Address Object for Entities
The address field in the Entities Object contains the following subfields:
| Field | Type | Required | Description |
|---|---|---|---|
addressLine1 | String | Optional | The first line of the entity's address. |
addressLine2 | String | Optional | The second line of the entity's address (e.g., suite number). |
addressLine3 | String | Optional | The third line of the entity's address, if applicable. |
city | String | Optional | The city of the entity's address. |
state | String | Optional | The state or province of the entity's address. |
postalCode | String | Optional | The postal code of the entity's address. |
zipCode | String | Optional | The ZIP code of the entity's address (primarily for the United States). |
region | String | Optional | The region or territory of the entity's address. |
country | String | Optional | The country of the entity's address. |
Documents Object Fields
| Field | Type | Required | Description |
|---|---|---|---|
documentNumber | String | Required | The unique number associated with the document (e.g., passport number). |
documentCountry | String | Required | The issuing country of the document. |
documentIssuingAuthority | String | Optional | The authority or organization that issued the document. |
documentType | String | Required | The type of document (e.g., Passport, ID Card). |
documentNationality | String | Required | The nationality associated with the document holder. |
Sample Code
import java.net.HttpURLConnection;
import java.net.URL;
import java.io.OutputStream;
public class SearchSanction {
public static void main(String[] args) throws Exception {
String url = "http://localhost:8080/api/search";
String token = "Bearer <YOUR_JWT_TOKEN>";
// JSON request body
String jsonInputString = "{ "individuals": [ { ...} ], "entities": [ { ... } ], "documents": [ {...} ] }";
// Open connection to the URL
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Authorization", token);
con.setDoOutput(true);
// Send the JSON request body
try (OutputStream os = con.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
// Get response code and output
int responseCode = con.getResponseCode();
System.out.println("Response Code: " + responseCode);
}
}