SableCheck Documentation
Screen counterparties against sanctions, PEP and adverse-media data — with full provenance on every match. One REST API, auditor-ready PDF reports, and continuous monitoring.
Get a free API key Open the API reference
Quickstart — first screening in four calls
You'll need an API key — the free tier (500 screenings/month, no card) is issued by email in under a minute from sablecheck.com.
1 · Submit a counterparty
# client_key makes this idempotent — re-posting the same key returns the same subject
curl -X POST https://api.sablecheck.com/subjects \
-H "Authorization: Bearer $SABLECHECK_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Acme Trading (Pvt) Ltd",
"entity_type": "Company",
"jurisdiction": "ZW",
"identifiers": [{"scheme": "registration_number", "value": "4471/2019"}],
"client_key": "your-internal-ref-001"
}'
# → 201 {"id": "5540f0dc-…", "name": "Acme Trading (Pvt) Ltd", …}
entity_type is Company or Person. For people, submit the fullest legal name you have — matching is fuzzy and alias-aware, but garbage in, garbage out.
2 · Trigger a screening run
curl -X POST https://api.sablecheck.com/subjects/{subject_id}/screen \
-H "Authorization: Bearer $SABLECHECK_KEY" \
-H "Content-Type: application/json" \
-d '{"actor": "jane.analyst"}'
# → 202 {"run_id": "f78631e7-…", "status": "running"}
Screening is asynchronous — the run fans out across every data source in parallel. Most runs finish in 10–60 seconds. actor is optional and lands in the audit trail.
3 · Read the result
curl https://api.sablecheck.com/runs/{run_id} \
-H "Authorization: Bearer $SABLECHECK_KEY"
Poll until status is completed (or partial — see below). The response contains the aggregated risk_assessment and every per-source finding with full provenance.
4 · Download the report
curl -o report.pdf https://api.sablecheck.com/runs/{run_id}/report.pdf \
-H "Authorization: Bearer $SABLECHECK_KEY"
An A4, auditor-ready PDF: verdict summary per category, matched findings with source · dataset · timestamp, and the run record. Hand it straight to your reviewer or regulator.
Authentication
Every endpoint except /health takes your key as a bearer token:
Authorization: Bearer cipk_your_key_here
- Keys are shown once at issue and stored hashed — we cannot recover a lost key, only rotate it (email [email protected]).
- Keep the key server-side. Never ship it in mobile apps or browser code.
- One key per organisation; usage and plan are per key.
Plans & rate limits
| Plan | Monthly screenings | Burst limits | Monitoring |
|---|---|---|---|
| Free — $0 | 500 | 5/min · 100/day | — |
| Growth — $99/mo | 10,000 | 60/min | Your book |
| Scale — $249/mo | Unlimited | 120/min fair-use | Unlimited + webhooks |
Every plan gets the full product — all watchlists, fuzzy matching, PDF reports, the complete API. Paid tiers buy volume and monitoring.
Every authenticated request counts against your windows. When a window is exceeded you get 429 with a Retry-After header (seconds). The monthly quota resets on the 1st, UTC. Check your live usage any time with GET /me or at your account page.
How screening works
- Subject — a counterparty you've submitted (company or person). Idempotent on your
client_key, so wire it into onboarding without fear of duplicates. - Screening run — one execution across all data sources. Each source succeeds, is skipped, or fails independently: a slow source produces a
partialrun (with the failure recorded per source) rather than an error. Matches found are never lost to another source's timeout. - Finding — one source result.
matched: truefindings carry amatch_score(fuzzy/alias-aware name matching) and the raw source payload. - Risk assessment — the per-run rollup: a
score, arisk_band(low/medium/high), andhuman_review_flag.
human_review_flag: true. Matches are name-based candidates for your analyst to adjudicate; the accept/reject decision, and the record of it, stay with your institution.Provenance & audit
Every finding carries its source, dataset_version and retrieved_at timestamp, plus the exact query sent and the raw response received. Nothing is asserted without evidence, and nothing is hard-deleted — screening history survives staff turnover and system migrations. When your auditor asks "what did you check, against what, and when?", the answer is one API call or the PDF.
Data coverage
| Category | Sources | Refresh |
|---|---|---|
| Sanctions | US OFAC (SDN + Consolidated), UN Security Council, EU Consolidated, UK OFSI, Canada SEMA — from the primary publishers | Daily |
| PEPs | All 54 African countries (Wikidata) + national/sub-national Nigerian PEP register (Chipper) | Daily |
| Adverse media | Global news-mention screening (GDELT) | Live at screen time |
| Context | Corporate registries (GLEIF LEI), offshore-leaks reconciliation (ICIJ), FATF jurisdiction risk, DNFBP classification | Live / per plenary |
100,000+ sanctioned entities and PEPs tracked. Source data is drawn from primary publishers — not resold aggregator feeds — which is what keeps enterprise-grade screening affordable.
Guide · PDF reports
GET /runs/{run_id}/report.pdf returns the branded report for any run, any plan. It contains:
- Result summary — sanctions / PEP / adverse-media verdict chips per category
- Aggregated risk band and the human-review notice where applicable
- Every matched finding with source, dataset version and retrieval timestamp
- The run record: what was queried, when, triggered by whom
Generate it lazily — the PDF renders from stored findings, so you can fetch it days later or repeatedly; each generation is itself audit-logged.
Guide · Continuous monitoring
Watchlists change daily; your counterparties don't re-onboard themselves. Monitoring re-screens enrolled subjects every day, right after the watchlist refresh, and alerts you only on material change:
- a new matched finding (same hit tomorrow = silence, no alert fatigue),
- a risk-band escalation, or
- the human-review flag turning on.
# enrol at submission…
{"name": "Acme Trading (Pvt) Ltd", "entity_type": "Company", "monitor": true}
# …or toggle any time
curl -X POST https://api.sablecheck.com/subjects/{subject_id}/monitor \
-H "Authorization: Bearer $SABLECHECK_KEY" \
-H "Content-Type: application/json" \
-d '{"enabled": true}'
Alerts arrive as an email digest. Webhook delivery is available on the Scale plan — contact us to configure your endpoint. Monitoring is included on Growth (your book) and Scale (unlimited).
Guide · Usage & upgrading
curl https://api.sablecheck.com/me -H "Authorization: Bearer $SABLECHECK_KEY"
# → {"plan": "Free", "month_usage": 212, "rate_limit_per_month": 500, …}
Watch month_usage approach your quota programmatically, or see it as a meter at sablecheck.com/account — where you can also request an upgrade in one click. Billing is currently invoice-based; upgrades are activated within one business day.
Errors
| Status | Meaning | What to do |
|---|---|---|
| 401 | Missing or invalid API key | Check the Authorization: Bearer header; rotate a lost key via hello@ |
| 404 | Subject or run doesn't exist | Check the UUID; subjects are per-account |
| 200 on POST /subjects | Duplicate client_key | Not an error — the existing subject is returned (idempotency) |
| 422 | Validation failed | The response body names the offending field |
| 429 | Rate limit or quota | Respect Retry-After (seconds). A monthly-quota 429 says "Monthly quota reached — upgrade your plan" |
partial runs as usable results (they are — every completed source's findings are present) and to back off on 429 rather than retrying immediately: counters increment even on denied requests.