This chapter explains the process of integrating with the ecrop OmniEagle platform for risk evaluation of identities. It outlines the necessary steps and API interactions involved in submitting identity data and retrieving risk evaluation results.

Prerequisites for Identity Integration

Before integrating with the OmniEagle Identity APIs, ensure you fulfill the following prerequisites:

1

Client Authentication and Authorization

Obtain valid credentials for accessing the OmniEagle API. Refer to the Onboarding Section for details on how to register your application and obtain access credentials for calling our APIs.

2

Data Mapping and Transformation

Familiarize yourself with the data requirements for the /omni-eagle/v1/identities endpoint. All data submitted through the API must be verified through an approved and qualified KYC service. Map your internal identity data to the required schema, including fields such as full legal name, identification provider (with identifier), legal/natural identity details, and unique identifier. Ensure accurate and consistent data mapping to ensure reliable risk evaluations.

3

Webhook Endpoint Setup

Configure a secure and reliable webhook endpoint in your system to receive asynchronous risk evaluation results from OmniEagle. This endpoint should be able to handle POST requests and parse the JSON payload containing the risk score, risk level, and detailed risk analysis (if available). The webhook URL must be accessible from the internet and properly secured to prevent unauthorized access.

4

Error Handling and Logging

Implement robust error handling and logging mechanisms to track and manage any issues that may arise during the integration process. Log all API requests, responses, and webhook notifications to facilitate troubleshooting and auditing.

Submitting Identity Data for Risk Evaluation

After fulfilling the prerequisites, you can begin the process of submitting identity data for risk evaluation using the OmniEagle API.

  1. Create Risk Evaluation Order: Submit a POST request to the /omni-eagle/v1/identities endpoint, providing the necessary, and provable, identity data, a unique reference number, and your webhook URL in the request body.
  2. Handle API Responses: Process the API response to determine if the risk evaluation order was successfully accepted. A 201 response indicates successful acceptance, while a 208 response indicates that the order has already been received.
  3. Receive Asynchronous Results: OmniEagle processes the identity data and asynchronously sends the risk evaluation result to the provided webhook URL.
  4. Process Webhook Notification: Upon receiving the webhook notification, parse the JSON payload to extract the risk score, risk level, and detailed risk analysis (if available).
  5. Retrieve Risk Evaluation (Optional): If necessary, you can retrieve the risk evaluation result using the /omni-eagle/v1/identities/ endpoint.
  6. Enforce Policies: Based on the received risk evaluation, enforce appropriate policies and take necessary actions, such as flagging high-risk identities for enhanced due diligence or restricting access to certain services.