API Reference Overview

Explore the RiskOS™ API for identity verification and fraud prevention. Learn about REST endpoints, sandbox testing, and real-time processing.

The RiskOS™ Evaluation API provides a unified framework for modern identity verification and real-time fraud prevention. The API uses established REST principles with predictable URLs and JSON payloads, and integrates machine learning and behavioral signals to help you make confident, instant decisions about user identities across the customer lifecycle.


What you can do

  • Risk Evaluation & Decisioning: Assess identity, fraud, and compliance risk with machine learning, device/behavioral signals, and Socure's identity graph—across the customer lifecycle.
  • Identity Verification & Trust Building: Verify individuals and businesses via document analysis, biometrics, and global identity data to establish durable trust.
  • Workflow Orchestration & Automation: Design and deploy decision workflows with a drag-and-drop, no-code builder. Integrate multiple data sources and automate complex processes.
  • Unified Platform & Global Coverage: Operate from a single system that connects numerous data partners and supports worldwide coverage for consistent risk and compliance decisioning.

Key features

  • REST-based architecture: Standard HTTP methods, status codes, JSON formatting, and authentication practices make integration straightforward.
  • Sandbox testing: Test your integration safely without affecting live data or incurring charges.
  • Real-time processing: Get instant results for time-sensitive verification and risk assessment decisions.

Development environments

Sandbox vs Production Testing

Sandbox Environment

  • Test API calls without affecting live data
  • Simulate various scenarios and edge cases
  • No charges for API usage during development
  • Use sandbox-specific endpoints for all testing

Production Environment

  • Live API calls with real data processing
  • Full feature access and performance
  • Standard usage charges apply
  • Use production endpoints for live integrations

The endpoint you call determines whether requests go to Sandbox or Production environments.


Technical specifications

  • Format: JSON request bodies and responses
  • Authentication: API key-based authentication with secure token management
  • Rate limits: Configurable limits for development and production use, depending on your use case
  • Response times: Optimized for real-time decisioning — most evaluations return synchronously, while longer-running checks are delivered asynchronously through webhooks
  • Webhooks: Real-time notifications for async operations and status updates
  • Error handling: Comprehensive HTTP status codes with detailed error messages

Next steps