The World-Check One API enables developers to integrate the next generation of LSEG screening capabilities into existing workflows and internal systems (such as CRMs) in order to help streamline the processes for on-boarding, KYC and third party due diligence.
swagger: '2.0'
info:
title: London Stock Exchange Group LSEG World-Check One API
description: >
The World-Check One API enables developers to integrate the next generation of LSEG screening capabilities into existing workflows and internal systems (such as CRMs) in order to help streamline the processes for on-boarding, KYC and third party due diligence.
The API provides, among other features:
- The ability to screen entity names, with or without secondary fields such as date of birth for individuals. These names are called “cases” within the World-Check One system.
- The ability to retrieve results of the screening process from the World-Check database
- The ability to flag cases for Ongoing Screening, and retrieve the World-Check results from the Ongoing Screening process.
- The ability to submit request for reports.
- The ability to fetch the status of the report requests and download the completed reports.
> © 2018 - 2023 LSEG. All rights reserved. Republication or redistribution of LSEG content, including by framing or similar means, is prohibited without the prior written consent of LSEG. 'LSEG' and the LSEG logo are registered trademarks and trademarks of LSEG and its affiliated companies.
version: 2.61.0
termsOfService: https://www.lseg.com/en/risk-intelligence/screening-solutions/world-check-kyc-screening/one-kyc-verification
contact:
name: LSEG World-Check One API Q&A
url: https://community.developers.refinitiv.com/index.html
email: [email protected]
license:
name: Commercial
url: https://www.lseg.com/en/risk-intelligence/screening-solutions/world-check-kyc-screening/one-kyc-verification
externalDocs:
description: Refer to the LSEG Developer Portal for additional documentation on the World-Check One API.
url: https://developers.lseg.com/en/api-catalog/customer-and-third-party-screening/world-check-one-api
host: api-worldcheck.refinitiv.com
basePath: /v2
tags:
- name: Api-Info
description: Operations for the API info domain.
- name: Audit
description: Operations for the audit domain.
- name: Case
description: Operations for the case domain.
- name: Case-Rating
description: Operations for the rating domain.
- name: Client-Watchlist
description: Operations for the Watchlist domain.
- name: Group
description: Operations for the group domain.
- name: Linked-Cases
description: Operations for the linked cases domain.
- name: Media-Check
description: Operations for the Media-Check domain.
- name: Passport-Check
description: Operations for the Passport-Check domain.
- name: Reference
description: Operations for the reference domain.
- name: Reporting
description: Operations for the report domain.
- name: Smart-Filter
description: Operations for the smart filter domain.
- name: Upcoming
description: |
Operations for upcoming features and changes.
**Note:** Requests to these endpoints will return an HTTP '404 Not Found' response status code until officially released.
- name: User
description: Operations for the user domain.
- name: Zfs
description: Operations for the ZFS domain.
x-tagGroups:
- name: Upcoming Features and Changes
tags:
- upcoming
- name: Zero Footprint Screening
tags:
- zfs
- name: Case Management and Audit
tags:
- api-info
- reference
- group
- case
- audit
- media-check
- client-watchlist
- user
- passport-check
- linked-cases
- case-rating
- smart-filter
- reporting
schemes:
- https
consumes:
- application/json
produces:
- application/json
- application/octet-stream
responses:
Unauthorized:
description: The request has failed an authorisation check. This can happen for a variety of reasons, such as an invalid or expired API key, an invalid HMAC signature or a request timing issue/problem with the Date header value. The API client should ensure a correctly synchronised clock is used to generate request timestamps.
CannotReturnResponse:
description: Cannot return response
schema:
type: array
items:
$ref: '#/definitions/Error'
UnsupportedMediaType:
description: For requests with payloads, an unsupported Content-Type was specified. The World-Check One API only supports a content type of application/json.
TooManyRequests:
description: The API client is making too many concurrent requests, and some are being throttled. Throttled requests can be retried (with an updated request Date and HTTP signature) after a short delay.
BadRequest:
description: Bad request
schema:
type: array
items:
$ref: '#/definitions/Error'
UnexpectedError:
description: Unexpected error
schema:
type: array
items:
$ref: '#/definitions/Error'
Forbidden:
description: Forbidden
schema:
type: array
items:
$ref: '#/definitions/Error'
InactiveResource:
description: For requests to a resource that is no longer available.
schema:
type: array
items:
$ref: '#/definitions/Error'
Conflict:
description: Conflict error.
schema:
type: array
items:
$ref: '#/definitions/Error'
paths:
/apiInfo:
get:
operationId: getApiInfo
tags:
- Api-Info
summary: London Stock Exchange Group Get information about the Public API.
description: Get information about the version of the Public API, a link to the documentation, and a date and time that can be used to verify the 'Date' header.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details).
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format.
in: header
type: string
required: true
responses:
200:
description: The information about the Public API.
schema:
$ref: '#/definitions/ApiInfo'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups:
get:
operationId: getGroups
tags:
- Group
- Zfs
summary: London Stock Exchange Group Get all the top-level groups with their immediate descendants
description: Get all the top-level groups with their immediate descendants
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
responses:
200:
description: A list of all top-level groups containing their immediate descendants
schema:
type: array
items:
$ref: '#/definitions/Group'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups/{groupId}:
get:
operationId: getGroupById
tags:
- Group
- Zfs
summary: London Stock Exchange Group Get a specified group including its immediate descendants
description: Get a specified group including its immediate descendants
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: groupId
in: path
type: string
required: true
description: Group ID under which we wish to retrieve children groups
responses:
200:
description: A specified group including its immediate descendants
schema:
$ref: '#/definitions/Group'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups/{groupId}/caseTemplate:
get:
operationId: getCaseTemplateForGroup
tags:
- Group
- Zfs
summary: London Stock Exchange Group Get the CaseTemplate for the given Group
description: |
Get the CaseTemplate for the given Group, used for constructing a Case
**Available secondary fields:**
<details>
<summary>Click here to expand</summary>
| Type ID | NAME | VALUE |
|--|-||
| SFCT_1 | GENDER | MALE, FEMALE, UNSPECIFIED |
| SFCT_2 | DATE OF BIRTH | DATE |
| SFCT_3 | COUNTRY LOCATION | COUNTRY CODE |
| SFCT_4 | PLACE OF BIRTH | COUNTRY CODE |
| SFCT_5 | NATIONALITY | COUNTRY CODE |
| SFCT_6 | REGISTERED COUNTRY | COUNTRY CODE |
| SFCT_7 | IMO NUMBER | TEXT |
| SFCT_8 | PASSPORT GIVEN NAMES | TEXT |
| SFCT_9 | PASSPORT LAST NAME | TEXT |
| SFCT_10 | PASSPORT GENDER | MALE, FEMALE, UNSPECIFIED |
| SFCT_11 | PASSPORT ISSUING STATE | STATE CODE |
| SFCT_12 | PASSPORT NATIONALITY | STATE CODE |
| SFCT_13 | PASSPORT DATE OF BIRTH | DATE |
| SFCT_14 | PASSPORT DOCUMENT TYPE | PASSPORT, ID1, ID2 |
| SFCT_15 | PASSPORT ID NUMBER | TEXT |
| SFCT_16 | PASSPORT DATE OF EXPIRY | DATE |
| SFCT_191 | DOCUMENT ID | TEXT |
| SFCT_192 | DOCUMENT ID COUNTRY | COUNTRY CODE |
| SFCT_193 | DOCUMENT ID TYPE | TEXT |
</details>
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: groupId
in: path
type: string
required: true
description: Group ID under which we wish to manage Cases and perform screening
responses:
200:
description: The CaseTemplate for the given Group
schema:
$ref: '#/definitions/CaseTemplateResponse'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups/{groupId}/resolutionToolkit:
get:
operationId: getResolutionToolkitForGroup
tags:
- Group
summary: London Stock Exchange Group Get the ResolutionToolkit for the given Group.
description: |
Get the ResolutionToolkit for the given Group, used to construct a valid resolution request(s) on the results
for a Case belonging to the given Group `groupId`.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details).
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format.
in: header
type: string
required: true
- name: groupId
in: path
type: string
required: true
description: ID of the Group to which the resolution toolkit belongs.
responses:
200:
description: The ResolutionToolkit for the given Group.
schema:
$ref: '#/definitions/ResolutionToolkitResponse'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups/{groupId}/resolutionToolkits:
get:
operationId: getResolutionToolkitsForGroup
tags:
- Group
summary: London Stock Exchange Group Get all the ResolutionToolkits for the given Group
description: |
Get the ResolutionToolkits for the given Group for all enabled provider types, used to construct a valid
resolution request(s) on the results for a Case belonging to the given Group `groupId`.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: groupId
in: path
type: string
required: true
description: ID of the Group to which the resolution toolkits belong.
responses:
200:
description: Map of ResolutionToolkits for the given Group keyed by provider type
schema:
type: object
additionalProperties:
$ref: '#/definitions/ResolutionToolkitResponse'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/groups/{groupId}/resolutionToolkits/{providerType}:
get:
operationId: getResolutionToolkitForGroupWithProviderType
tags:
- Group
summary: London Stock Exchange Group Get the ResolutionToolkit for a specific provider type for the given Group
description: |
Get the ResolutionToolkit for a specific provider type the given Group, used to construct a valid resolution request(s) on the results
for a Case belonging to the given Group `groupId`.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: groupId
in: path
type: string
required: true
description: ID of the Group to which the resolution toolkit belongs.
- name: providerType
in: path
type: string
required: true
description: Provider type for which the resolution toolkit applies.
enum:
- WATCHLIST
- CLIENT_WATCHLIST
responses:
200:
description: The ResolutionToolkit for the given Group and provider type
schema:
$ref: '#/definitions/ResolutionToolkitResponse'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/caseIdentifiers:
head:
operationId: checkCaseIdentifierAvailability
tags:
- Case
summary: London Stock Exchange Group Check if a given caseId is available for use
description: |
caseIds must be unique within each Client. If any Group under a Client has a Case with a particular caseId,
that caseId cannot be reused on another Case within the same Client. This endpoint allows the user to check
if a given caseId is available to use when creating or updating a Case.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: caseId
in: query
type: string
required: true
description: Id to check if it is available to use as a caseId
responses:
200:
description: |
The given caseId is in use within the current user's Client, therefore is not available to use on a
different Case.
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
description: |
The given caseId is not found within the current user's Client, therefore is available to use as a caseId
on any Case.
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/caseReferences:
get:
operationId: getCaseReference
tags:
- Case
summary: London Stock Exchange Group Return the CaseReference (caseId, caseSystemId) for a caseId
description: |
Returns the CaseReference containing the caseId and caseSystemId pair for an existing Case with the given caseId.
This is useful if only the caseId is known but caseSystemId is required by other endpoints such as
`GET /cases/{caseSystemId}`.
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: caseId
in: query
type: string
required: true
description: Case ID provided by the client or else generated by the system for the client
responses:
200:
description: CaseReference for the given caseId
schema:
$ref: '#/definitions/CaseReference'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/cases:
post:
operationId: saveCase
tags:
- Case
summary: London Stock Exchange Group Create a new case
description: |
Creates a new Case for asynchronous screening. Synchronous screening on the dedicated ZFS gateway host
via `/cases/screeningRequest` should be used instead of this for Zero Footprint Screening (ZFS).
**Info about available secondary fields can be found [here](#tag/groups/operation/getCaseTemplateForGroup).**
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: Content-Type
description: The media type of the request (e.g., 'application/json')
in: header
type: string
required: true
- name: Content-Length
description: The length of the request body in octets (8-bit bytes)
in: header
type: integer
required: true
- name: newCase
in: body
description: Case to be created
required: true
schema:
$ref: '#/definitions/NewCase'
responses:
201:
description: Case created
schema:
$ref: '#/definitions/Case'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
403:
$ref: '#/responses/Forbidden'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/cases/screeningRequest:
post:
operationId: screen
tags:
- Case
- Zfs
summary: London Stock Exchange Group Perform synchronous screening for a new case
description: |
Perform synchronous screening for a new case.
This endpoint can perform a synchronous screening for a set of valid case details and, if provided,
set the ongoing screening (OGS) state for the given provider types. The supported provider types for setting
the OGS state are WATCHLIST and MEDIA_CHECK. They both can be set to either INITIAL (OGS disabled) or ONGOING
(OGS enabled) state. You cannot set the OGS state when using Zero Footprint Screening (ZFS) groups.
The returned result collection contains the regular case result details plus identity documents and important events.
ZFS is enabled by specifying a ZFS group id in the body and is available for dedicated Zero-footprint API customers
or Regular WC1 API customers using ZFS-specific groups.
The response may contain Special Interest Categories (SIC) records that depends on the user subscription type.
This helps in SIC risk analysis:
- if a user has subscription type is Premium or Premium Plus, the keywords for SIC subcategories provided
in the "sources" field and full value of SIC keywords code in the "categories" field;
- if a user has a Standard subscription type then the "categories" field will not contain SIC keywords;
- the above behavior is the same for ZFS.
The example response body includes SIC with Premium or Premium Plus user subscription:
```
{
"sources":[
"b_trwc_M:1TQ",
"b_trwc_4"
],
"categories":[
"Special Interest Categories",
"Other Bodies"
]
}
```
**Note:** The maximum number of World-Check screenings (including initial, rescreening, and ZFP ones)
that a client can perform in an hour is limited.
When using the API care should be taken when using operator words even when combined with an apostrophe,
for example the below combinations will cause an error 403 to be returned:
- String ‘AND (String)
- String ‘OR (String)
- String ‘AND NOT (String)
- String ‘OR NOT (String)
- String ‘AND AS (String)
- String ‘OR AS (String)
**Info about available secondary fields can be found [here](#tag/groups/operation/getCaseTemplateForGroup).**
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: Content-Type
description: The media type of the request (e.g., 'application/json')
in: header
type: string
required: true
- name: Content-Length
description: The length of the request body in octets (8-bit bytes)
in: header
type: integer
required: true
- name: screeningRequest
in: body
description: Screening Request
required: true
schema:
$ref: '#/definitions/ScreeningRequest'
responses:
200:
description: Collection of Screening Results
schema:
$ref: '#/definitions/ScreeningResultCollection'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
403:
$ref: '#/responses/Forbidden'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
/cases/{caseSystemId}:
put:
operationId: updateExistingCase
tags:
- Case
summary: London Stock Exchange Group Update an existing Case by its caseSystemId
description: |
Updates an existing Case identified by the given caseSystemId. When the case is updated, all the non-empty fields for the case are required to be sent, including the updated field(s). Non-empty fields that are not sent when calling this endpoint will be overwritten as null.
For example, if the date of birth for a case need to be updated, existing fields such as nationality, etc. should contain the original values, otherwise it will be updated as null. That is, all the other fields should be included in the body with their existing data. This applies to Custom Fields as well.
**Note:** When updating an existing Case details with Passport-Check details within the API, to check
the details in the UI information you must refresh the page to view all updated details.
**Info about available secondary fields can be found [here](#tag/groups/operation/getCaseTemplateForGroup).**
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: Content-Type
description: The media type of the request (e.g., 'application/json')
in: header
type: string
required: true
- name: Content-Length
description: The length of the request body in octets (8-bit bytes)
in: header
type: integer
required: true
- name: caseSystemId
in: path
description: System generated ID for the Case
required: true
type: string
- name: updateCase
in: body
description: Update Case
required: true
schema:
$ref: '#/definitions/UpdateCase'
responses:
200:
description: Case updated
schema:
$ref: '#/definitions/Case'
400:
$ref: '#/responses/BadRequest'
401:
$ref: '#/responses/Unauthorized'
404:
$ref: '#/responses/CannotReturnResponse'
415:
$ref: '#/responses/UnsupportedMediaType'
429:
$ref: '#/responses/TooManyRequests'
500:
$ref: '#/responses/UnexpectedError'
patch:
operationId: partialUpdateCase
tags:
- Case
summary: London Stock Exchange Group Partial update an existing Case by its caseSystemId
description: |
Updates an existing Case identified by the given caseSystemId. When the case is updated, only updated field(s) for the case are required to be sent.
If non-empty fields are not sent they will be left untouched.
Case screening results related to the value provided in Screen query parameter.
Calling the endpoint without any change in the existing case payload, but retained query parameter screen=SYNC, works as synchronous re-screening.
**Note:** The maximum number of World-Check screenings (including initial, rescreening, and ZFP ones)
that a client can perform in an hour is limited.
When updating an existing Case details with Passport-Check details within the API, to check
the details in the UI information you must refresh the page to view all updated details.
**Info about available secondary fields can be found [here](#tag/groups/operation/getCaseTemplateForGroup).**
parameters:
- name: Authorization
description: The authorization credentials including 'keyId', 'algorithm', 'headers', 'signature' (see 'Security and Authentication details' documentation section for more details)
in: header
type: string
required: true
- name: Date
description: The date and time at which the message was originated in 'RFC 1123' format
in: header
type: string
required: true
- name: Content-Type
description: The media type of the request (e.g., 'application/json')
in: header
type: string
required: true
- name: Content-Length
description: The length of the request body in octets (8-bit bytes)
in: header
type: integer
required: true
- name: caseSystemId
in: path
description: System g
# --- truncated at 32 KB (383 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/london-stock-exchange-group/refs/heads/main/openapi/lseg-world-check-one-openapi-original.yml