Please enable JavaScript to view this site.

This API support an integration of the Signant Customer Due Diligence (CDD) measure with CDD owner business applications.

The purpose of this API is to enable the CDD owner to initiate CDD measures for one or more clients, and to collect CDD documentation and information to its respective customer record.

 

The CDD API

The API is a .NET Core REST based API that you can call using regular HTTP/HTTPS requests.

Service address: https://test3.signant.no/cdd/api/

 

The basic concept

The sequence diagram below illustrates the steps involved in order to perform the CDD on a single customer. For recurring measures the step 2-7 may be executed in a batch operation over the desired collection of clients.

 

 

cdd_api_sequence_diagram

 

 

 

The CDD API steps

1.

The CDD owner initiate a CDD request.

2.

Integrated system create a CDD request.

This step creates a CDD request ID and leaves a callback URL in the Signant CDD engine.

3.

Return the CDD request ID to the integrated system. Integrated system constructs the client dedicated URL.

4.

Notify the customer of a CDD measure to be performed.

5.

Customer end user navigates to the client dedicated URL to access the CDD form.

6.

Signant CDD signals the integrated system of a completed CDD measure.

7.

Integrated system request the CDD data

8.

Signant CDD transfer CDD data to the integrated system.

9.

CDD owner view and validates the collected CDD documentation and information entered by the customer end user.

 

Roles in the sequence diagram

CDD owner - The entity or company obliged to perform Customer Due Diligence.

Integrated system - Business application used by the CDD owner to collect customer data and identifying information.

Signant CDD - Signant API and services to perform CDD measures.

End user - A natural person representing either himself for identification of natural person, or the legal representative of a non natural person.

 

Security

The Signant CDD API require the following credentials in each function call:

 

API Key

A key identifying the integrator system.

Merchant handle

A handle identifying the CDD owner.

Access code

Access code to enable CDD owner usage of the API.

 

The API key should be embedded by the vendor of integrator system.

The Merchant handle and Access code should be configurable, and the CDD owner should be able to enter these values into the integrator system.

 

The credentials are provided to the REST API as HTTP headers, and the header names to use are:

x-api-key

x-merchant-handle

x-merchant-accesscode

 

 

 

Function - Create Request (GET from api/request/create)

The Create Request function initialize a CDD request and must be executed from the integrated system.

Function parameters.

Name

Description

Required

category

which category of CDD request we want. Is it a personal CDD request or a company one. Available

options are personal and company.

Yes

callbackUrl

The URL that Signant CDD should call back to once the end user has filled in and signed the

requested data. If not provided the callback url configured for the integrator will be used.

No

 

 

Return value

Name

Description

Required

ID

The CDD_ID identifies the CDD Request, and is the link between CDD data to the Customer/Client in the integrated system.

The CDD_ID is returned in the body content and must be kept by the integrator system for later inquiries related to the requested CDD measure.

Yes

 

 

Code sample - CDD API Create Request

using (var client = new HttpClient())

{

   client.DefaultRequestHeaders.Add("X-Api-Key", "<ApiKey>");

   client.DefaultRequestHeaders.Add("X-Merchant-Handle", "<Merchant_Handle>");

   client.DefaultRequestHeaders.Add("X-Merchant-AccessCode","<Merchant_AccessCode>");

 

   var response = client.GetAsync("https://signant.com/cdd/api/request/create?                                    category=<category>&callbackUrl=<callbackUrl>").Result;

   var requestId = response.Content.ReadAsStringAsync().Result;

}

 

 

 

Client dedicated URL to the CDD form

The CDD request ID returned by the Create Request is to be used in a dedicated URL to the CDD form like this:

 

 

This URL can be distributed and presented to the customer in your customer portal or simply sent by mail to the respective customer.

 

 

Function - Get Data (GET from api/data/get/<id>)

<id> - The CDD request ID also used in the customer dedicated customer path of the url is the request id.

 

Sample code - Get Data

using (var client = new HttpClient())

{

  client.DefaultRequestHeaders.Add("X-Api-Key", "<ApiKey>");

  client.DefaultRequestHeaders.Add("X-Merchant-Handle", "<Merchant_Handle>");

  client.DefaultRequestHeaders.Add("X-Merchant-AccessCode","<Merchant_AccessCode>");

 

  var response =

  client.GetAsync("https://signant.com/cdd/api/data/get/<CDD request ID>").Result;

}

 

Return Value

The Get Data function returns a zip file named <request id>.zip containing the signed document, related files and a json file with the data from the form used. This is returned as a binary stream with content type "application/octet-stream".

 

Sample response header

api-supported-versions: 1.0  content-disposition: attachment;

filename=4ffef7decd6f4347851fbc737e9a4e4c.zip; filename*=UTF-

8''4ffef7decd6f4347851fbc737e9a4e4c.zip  content-length: 51117  content-type:

application/octet-stream  date: Thu,23 Jun 2022 09:35:10 GMT  server: Microsoft-

IIS/10.0  x-powered-by: ASP.NET

 

 

Callback

There is a service that monitors the CDD data looking for CDD requests where the data has been entered and signed by the end user. When it finds such requests it will perform a callback to the integrated system based on the callback url set in the request or the callback address configured for the integrated system. The callback performed is a regular HTTP/HTTPS call to an web url.

 

Url

Which Url is called is decided from the CallbackUrl parameter provided when creating the request or by a default callback Url configured for you as an integrator.

 

Parameters

The callback will always have a query param with the name "r" that contains the CDD request id.

 

Security

When performing a callback you may want to add some security so not everyone can freely call the callback endpoint. At this pont we're supporting basic authentication, authentication by url token and configuring

custom http headers for you as a integrator.

 

Basic Authentication

On your integrator profile it is possible to add a username and password. These will be provided in the form of basic authentication on every callback made.

 

Url Token

If you want to add a security token for a request you can add it to the callback url provided when a request is created and it will be sent back to you upon callback.

 

Custom Headers

On your integrator profile it is also possible to configure custom http headers. These headers will be added as request headers on any callback made. This can include API keys or other security data.

 

CDD API internal

Internal functions.