Kompliant Web API provides our customers the ability to read, write, and update data across the entire compliance lifecycle, from application processing to decision support, ongoing monitoring and decision defense.

Read on the learn more about the standards we use for our APIs.

Kompliant Web API

Kompliant Web API is a collection of HTTP RPC-style methods, all URLs in the form https://api.kompliant.com/<method_family>.<method>.

While it's not a REST API, those familiar with REST should be at home with its foundations in HTTP. Each method has a series of arguments informing the execution of your intentions. Most methods expect arguments as JSON in a POST body. Even endpoints that traditionally would be a GET call, use POST with the JSON body.

We require all communications to be secure, thus requiring HTTPS using TLS 1.2 or higher.

Versioning

Kompliant Web API uses date-based versioning in the format YYYY-MM-DD. For example, the current API version 2025-03-24 was released on March 24, 2025.

The version should be included in the X-API-Version header. If no version is provided, then the latest version is assumed. For production implementations, we highly encourage you to include the header.

Authentication

Our APIs use a signature-based authentication mechanism. One or more data elements of the request are signed by the client and verified by the server. Customers have options about what data to sign with the request, allowing for better security of the APIs, such as mitigating against replay attacks or man-in-the-middle attacks.

Responses

Almost all Web API responses contain a JSON object that will contain some combination of the following four root-level keys:

• meta: containing metadata information about the request such as status, trace_id, etc.,
• data: contains the requested data, if any,
• errors: an array of one or more error objects,
• results: returned only in batch-based methods, contains data or errors keys.