openapi: 3.0.3
info:
title: sanctions.io API
description: >-
The sanctions.io API provides sanctions, PEP (politically exposed persons),
and criminal watchlist screening for AML compliance. It covers the
Screening API (v2.3) - real-time single search, batch screening of up to
10,000 records per request, adverse media search, data source listing, and
full database export - and the Monitoring API (v3.1) for continuous
monitoring with alerts, plus account management (tokens, company and
webhook configuration, users, plans, usage). All requests require a Bearer
API token in the Authorization header; the API version is selected with
the Accept header, for example "application/json; version=2.3" (the
adverse media endpoint requires version=3.0). Sign up for a self-serve
7-day free trial at https://api.sanctions.io/users/signup to obtain a key.
version: '2.3'
contact:
name: sanctions.io
url: https://www.sanctions.io
email: info@sanctions.io
termsOfService: https://www.sanctions.io/terms-of-service
servers:
- url: https://api.sanctions.io
description: Production
security:
- bearerAuth: []
tags:
- name: Screening
description: Real-time single screening against sanctions, PEP, and criminal watchlists.
- name: Batch Screening
description: Screen up to 10,000 names in a single request.
- name: Adverse Media
description: Keyword search of news articles for adverse media screening (requires Accept version=3.0).
- name: Data Sources
description: Sanctions and watchlist sources available for screening, and database export.
- name: Monitoring
description: Continuous monitoring entries, alerts, and result review.
- name: Account Management
description: API tokens, company and webhook configuration, users, plans, and usage.
paths:
/search/:
get:
operationId: createScreeningRequest
tags:
- Screening
summary: Screen a name in real time
description: >-
Queries the sanctions, criminal watchlist, and PEP databases for a
name and returns scored matches. Supports individuals, entities,
vessels, and aircraft. Results include the confidence score, matched
record details, the originating data source, and the echoed search
parameters.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- name: name
in: query
required: true
description: Primary name of the entity being screened (maximum 15 words). Full legal name for individuals; registered name for organizations.
schema:
type: string
example: Walter White
- name: min_score
in: query
required: true
description: Minimum match confidence score (0.8-1.0) for a result to count as a match. Recommended starting value 0.88; 0.93 for stricter matching.
schema:
type: number
format: float
minimum: 0.8
maximum: 1.0
example: 0.88
- name: data_source
in: query
required: true
description: Comma-separated watchlist short codes (from the sources endpoint) or a Screening Collection, e.g. "sdn,nonsdn,uk-sanctions". Include ADV-MEDIA to add adverse media.
schema:
type: string
example: sdn,nonsdn
- name: entity_type
in: query
required: false
description: Type of the screened entity. Strongly recommended to improve performance and match accuracy.
schema:
type: string
enum:
- individual
- entity
- vessel
- aircraft
- name: country
in: query
required: false
description: ISO 3166-1 alpha-2 country associated with the entity (nationality/residence for individuals, incorporation/operating country for organizations).
schema:
type: string
example: US
- name: date_of_birth
in: query
required: false
description: Date of birth (YYYY-MM-DD). Strongly recommended for individuals, particularly for PEP screening.
schema:
type: string
format: date
example: '1956-01-01'
- name: identifier
in: query
required: false
description: Additional identifier (passport number, national ID, tax ID, email, company domain, SWIFT code, IMO number, aircraft registration, wallet address; max 120 characters) screened in parallel with the name.
schema:
type: string
maxLength: 120
- name: external_identifier
in: query
required: false
description: Client-defined identifier stored and returned in results so alerts map back to your internal records.
schema:
type: string
example: ABC123
- name: name_match_boosting_threshold
in: query
required: false
description: Optional threshold (0.8-1.0, recommended 0.93-0.95) above which high-confidence name matches are boosted in the overall confidence score.
schema:
type: number
format: float
minimum: 0.8
maximum: 1.0
example: 0.94
responses:
'200':
description: Paginated screening matches plus the echoed search parameters.
content:
application/json:
schema:
$ref: '#/components/schemas/ScreeningResponse'
'401':
$ref: '#/components/responses/Unauthorized'
/search/batch/:
get:
operationId: listBatchScreenings
tags:
- Batch Screening
summary: List batch screenings
description: Returns a paginated list of batch screening requests submitted by your account.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/page'
responses:
'200':
description: Paginated list of batch screenings.
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedList'
'401':
$ref: '#/components/responses/Unauthorized'
post:
operationId: createBatchScreening
tags:
- Batch Screening
summary: Create a batch screening
description: >-
Screens up to 10,000 names in a single API request - ideal for
periodic customer base audits, bulk vendor onboarding, or regulatory
reporting. Each record supports the same parameters as real-time
screening. Webhook events notify you when batch results are ready.
parameters:
- $ref: '#/components/parameters/acceptVersion'
requestBody:
required: true
content:
application/json:
schema:
type: array
maxItems: 10000
items:
$ref: '#/components/schemas/BatchScreeningRecord'
example:
- external_identifier: customer-identifier-1
name: Walther White
min_score: '0.88'
entity_type: individual
data_source: FSL
- external_identifier: customer-identifier-2
name: Pied Piper
entity_type: entity
min_score: '0.88'
data_source: FSL
responses:
'201':
description: Batch screening accepted for processing.
'401':
$ref: '#/components/responses/Unauthorized'
/search/batch/{batch_query_id}/:
get:
operationId: retrieveBatchScreening
tags:
- Batch Screening
summary: Retrieve a batch screening
description: Retrieves a batch screening request and its processing status by ID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/batchQueryId'
responses:
'200':
description: Batch screening detail.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteBatchScreening
tags:
- Batch Screening
summary: Delete a batch screening
description: Deletes a batch screening request by ID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/batchQueryId'
responses:
'204':
description: Batch screening deleted.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/search/batch-result/{batch_result_id}/:
get:
operationId: getBatchScreeningResult
tags:
- Batch Screening
summary: Get a batch screening result
description: Retrieves the results of a completed batch screening by result ID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- name: batch_result_id
in: path
required: true
description: The batch result identifier.
schema:
type: string
responses:
'200':
description: Batch screening results.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/search/media/:
get:
operationId: searchAdverseMedia
tags:
- Adverse Media
summary: Search adverse media
description: >-
Searches news articles related to specific individuals, entities, or
subjects using custom keywords, across 60,000+ global news sources.
Requires the Accept header "application/json; version=3.0". To include
adverse media in batch screening or monitoring, pass the ADV-MEDIA
short code in data_source.
parameters:
- name: Accept
in: header
required: true
description: Must be "application/json; version=3.0" for this endpoint.
schema:
type: string
example: application/json; version=3.0
- name: name
in: query
required: true
description: Name of the individual, entity, or subject to search news coverage for.
schema:
type: string
- name: keywords
in: query
required: false
description: Custom keywords to focus the adverse media search on relevant risk topics.
schema:
type: string
responses:
'200':
description: Matching news articles with source and relevance details.
'401':
$ref: '#/components/responses/Unauthorized'
/sources/:
get:
operationId: listDataSources
tags:
- Data Sources
summary: List data sources
description: >-
Returns a paginated list of all sanctions and watchlist sources
available for screening. Use each result's short_name as the short
code in the data_source screening parameter (multiple values
comma-separated). Some sources include a notes field with usage
guidance.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/page'
responses:
'200':
description: Paginated list of data sources.
content:
application/json:
schema:
type: object
properties:
count:
type: integer
example: 49
next:
type: string
nullable: true
example: https://api.sanctions.io/sources/?page=2
previous:
type: string
nullable: true
results:
type: array
items:
$ref: '#/components/schemas/DataSource'
'401':
$ref: '#/components/responses/Unauthorized'
/exporter/:
get:
operationId: exportSanctionsDatabase
tags:
- Data Sources
summary: Export the sanctions database
description: >-
Returns a full export of the sanctions and crime database as a CSV
file. A specific plan subscription is required to access this
endpoint.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: CSV export of the sanctions and crime database.
content:
text/csv:
schema:
type: string
format: binary
'401':
$ref: '#/components/responses/Unauthorized'
'429':
$ref: '#/components/responses/TooManyRequests'
/monitoring/:
get:
operationId: getMonitoringList
tags:
- Monitoring
summary: List monitoring entries
description: >-
Returns the list of monitored entities. Supports pagination and search,
filtering by alerts, review status, and combined filters.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/page'
- name: page_size
in: query
required: false
description: Number of entries per page.
schema:
type: integer
- name: search
in: query
required: false
description: Search term to filter monitoring entries.
schema:
type: string
- name: alerts
in: query
required: false
description: Filter entries by whether they have open alerts.
schema:
type: boolean
- name: review_status
in: query
required: false
description: Filter entries by review status.
schema:
type: string
responses:
'200':
description: Paginated list of monitoring entries.
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedList'
'401':
$ref: '#/components/responses/Unauthorized'
post:
operationId: createMonitoringEntry
tags:
- Monitoring
summary: Create a monitoring entry
description: >-
Adds an entity to continuous monitoring. The entity is re-screened
against the selected data sources as lists update, and new matches or
record changes raise alerts (deliverable by webhook).
parameters:
- $ref: '#/components/parameters/acceptVersion'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/MonitoringEntryCreate'
example:
min_score: 0.88
data_source: sdn,nonsdn
name: Walter White
country: US
entity_type: individual
date_of_birth: '1956-01-01'
external_identifier: ABC123
responses:
'201':
description: Monitoring entry created.
'401':
$ref: '#/components/responses/Unauthorized'
/monitoring/{monitoring_entry_id}/:
get:
operationId: getMonitoringEntryDetail
tags:
- Monitoring
summary: Get a monitoring entry
description: Retrieves a monitoring entry and its current match state by ID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/monitoringEntryId'
responses:
'200':
description: Monitoring entry detail.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteMonitoringEntry
tags:
- Monitoring
summary: Delete a monitoring entry
description: Removes an entity from continuous monitoring.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/monitoringEntryId'
responses:
'204':
description: Monitoring entry deleted.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/monitoring/result/{monitoring_result_id}/:
get:
operationId: getMonitoringResultDetail
tags:
- Monitoring
summary: Get a monitoring result
description: Retrieves the detail of a monitoring result (a match raised for a monitored entity) by ID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/monitoringResultId'
responses:
'200':
description: Monitoring result detail.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
put:
operationId: updateMonitoringResult
tags:
- Monitoring
summary: Update a monitoring result
description: Reviews or resolves a monitoring result, for example marking it as a Real Positive with reviewer notes.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/monitoringResultId'
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
status:
type: string
example: Real Positive
text:
type: string
example: Entity matches with sanctions record
responses:
'200':
description: Monitoring result updated.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/tokens/:
get:
operationId: listApiTokens
tags:
- Account Management
summary: List API tokens
description: Lists the API tokens on your account.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: List of API tokens.
'401':
$ref: '#/components/responses/Unauthorized'
post:
operationId: createApiToken
tags:
- Account Management
summary: Create an API token
description: Creates a new API token for your account.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'201':
description: API token created.
'401':
$ref: '#/components/responses/Unauthorized'
/tokens/{token_key}:
delete:
operationId: deleteApiToken
tags:
- Account Management
summary: Delete an API token
description: Deletes (revokes) an API token by key.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- name: token_key
in: path
required: true
description: The key of the token to delete.
schema:
type: string
responses:
'204':
description: API token deleted.
'401':
$ref: '#/components/responses/Unauthorized'
/company/:
get:
operationId: getCompany
tags:
- Account Management
summary: Get company
description: Retrieves your company details.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Company detail.
'401':
$ref: '#/components/responses/Unauthorized'
put:
operationId: editCompany
tags:
- Account Management
summary: Edit company
description: Updates your company details.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Company updated.
'401':
$ref: '#/components/responses/Unauthorized'
/company/config/:
get:
operationId: getCompanyConfig
tags:
- Account Management
summary: Get company config
description: Retrieves the company configuration, including any registered webhook endpoint.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Company configuration.
'401':
$ref: '#/components/responses/Unauthorized'
put:
operationId: editCompanyConfig
tags:
- Account Management
summary: Edit company config
description: >-
Updates the company configuration, including registering or changing
the webhook endpoint URL. Webhook creation returns a hash_secret used
to verify the SHA-256 x-sanctions-security signature on delivered
events; the secret cannot be retrieved again later.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Company configuration updated.
'401':
$ref: '#/components/responses/Unauthorized'
/user/:
get:
operationId: listCompanyUsers
tags:
- Account Management
summary: List company users
description: Lists the users on your company account, with pagination.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/page'
- name: page_size
in: query
required: false
description: Number of users per page.
schema:
type: integer
example: 25
responses:
'200':
description: Paginated list of users.
'401':
$ref: '#/components/responses/Unauthorized'
post:
operationId: inviteUser
tags:
- Account Management
summary: Invite a user
description: Invites a new user to your company account.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'201':
description: User invited.
'401':
$ref: '#/components/responses/Unauthorized'
/user/{user_uuid}:
get:
operationId: getUser
tags:
- Account Management
summary: Get a user
description: Retrieves a company user by UUID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/userUuid'
responses:
'200':
description: User detail.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
patch:
operationId: updateUser
tags:
- Account Management
summary: Update a user
description: Updates a company user by UUID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/userUuid'
responses:
'200':
description: User updated.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
delete:
operationId: deleteUser
tags:
- Account Management
summary: Delete a user
description: Deletes a company user by UUID.
parameters:
- $ref: '#/components/parameters/acceptVersion'
- $ref: '#/components/parameters/userUuid'
responses:
'204':
description: User deleted.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
/plans/:
get:
operationId: manageSubscriptions
tags:
- Account Management
summary: Manage subscriptions
description: Retrieves the plan subscriptions on your account.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Plan subscriptions.
'401':
$ref: '#/components/responses/Unauthorized'
/searches/count:
get:
operationId: listScreeningsCount
tags:
- Account Management
summary: Count screenings
description: Returns the count of screenings performed by your account, for usage tracking against plan volume.
parameters:
- $ref: '#/components/parameters/acceptVersion'
responses:
'200':
description: Screening count.
'401':
$ref: '#/components/responses/Unauthorized'
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
description: >-
API token from the sanctions.io user portal, passed as "Authorization:
Bearer {token}". The token may also be sent as a URL parameter, but
the Authorization header is recommended.
parameters:
acceptVersion:
name: Accept
in: header
required: false
description: >-
Selects the API version, e.g. "application/json; version=2.3".
Without the header, version 1.0 is used by default.
schema:
type: string
example: application/json; version=2.3
page:
name: page
in: query
required: false
description: Page number for paginated results.
schema:
type: integer
example: 1
batchQueryId:
name: batch_query_id
in: path
required: true
description: The batch screening identifier.
schema:
type: string
monitoringEntryId:
name: monitoring_entry_id
in: path
required: true
description: The monitoring entry identifier.
schema:
type: string
monitoringResultId:
name: monitoring_result_id
in: path
required: true
description: The monitoring result identifier.
schema:
type: string
userUuid:
name: user_uuid
in: path
required: true
description: The user UUID.
schema:
type: string
responses:
Unauthorized:
description: Authentication credentials were not provided or are invalid.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
example:
detail: Authentication credentials were not provided.
NotFound:
description: The requested resource was not found.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
TooManyRequests:
description: Too many requests or the plan does not permit this operation.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
schemas:
Error:
type: object
properties:
detail:
type: string
PaginatedList:
type: object
properties:
count:
type: integer
next:
type: string
nullable: true
previous:
type: string
nullable: true
results:
type: array
items:
type: object
DataSource:
type: object
properties:
short_name:
type: string
description: Short code used in the data_source screening parameter.
example: HM TREASURY
name:
type: string
example: UK Sanctions List (HM Treasury)
notes:
type: string
description: Optional usage guidance, such as recommending a source be combined with another.
ScreeningMatch:
type: object
properties:
confidence_score:
type: number
format: float
example: 1.0
name:
type: string
alt_names:
type: array
items:
type: string
entity_type:
type: string
example: Entity
address:
type: array
items:
type: string
country_residence:
type: array
items:
type: string
nationality:
type: array
items:
type: string
data_source:
type: object
properties:
name:
type: string
short_name:
type: string
remarks:
type: string
si_identifier:
type: string
description: sanctions.io-specific unique identifier for the record.
first_import:
type: string
format: date-time
last_update:
type: string
format: date-time
data_hash:
type: string
description: Changes when the underlying record changes.
ScreeningResponse:
type: object
properties:
count:
type: integer
next:
type: string
nullable: true
previous:
type: string
nullable: true
results:
type: array
items:
$ref: '#/components/schemas/ScreeningMatch'
search:
type: object
properties:
params:
type: object
timestamp:
type: string
format: date-time
api_version:
type: string
example: '2.3'
id:
type: string
format: uuid
BatchScreeningRecord:
type: object
required:
- name
- min_score
- data_source
properties:
external_identifier:
type: string
name:
type: string
min_score:
type: string
example: '0.88'
entity_type:
type: string
enum:
- individual
- entity
- vessel
- aircraft
data_source:
type: string
country:
type: string
date_of_birth:
type: string
format: date
identifier:
type: string
name_match_boosting_threshold:
type: number
format: float
MonitoringEntryCreate:
type: object
required:
- name
- min_score
- data_source
properties:
min_score:
type: number
format: float
example: 0.88
data_source:
type: string
example: sdn,nonsdn
name:
type: string
example: Walter White
country:
type: string
example: US
entity_type:
type: string
enum:
- individual
- entity
- vessel
- aircraft
date_of_birth:
type: string
format: date
example: '1956-01-01'
identifier:
type: string
external_identifier:
type: string
example: ABC123
name_match_boosting_threshold:
type: number
format: float