{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"c6d54fab-0dd0-405d-8158-3e8f2d5ea5a9","name":"Matrix Security Watchdog API","description":"Matrix Security Watchdog provides a public API that allows you to integrate your processes and systems with our service.\n\n- Create and update screening cases\n- Approve or reject additional checks\n- Respond to adverse findings\n- Get updates on case progress\n- Download the information gathered during the screening process\n \n\nHere we provide examples on how you can use our API.\n\nThe GraphQL API is flexible. You can build your requests to fetch the data you need. In most cases, you can combine two requests into one to get your data quickly and efficiently.\n\nPlease refer to the GraphQL documentation to learn more about the protocol:\n\n- study materials: [https://graphql.com/](https://graphql.com/)\n- the latest version of the [GraphQL specification](https://spec.graphql.org/October2021/)\n- how GraphQL works [over HTTP](https://github.com/graphql/graphql-over-http/blob/main/spec/GraphQLOverHTTP.md)\n \n\nWe format the date using the Unix timestamp format.\n\n### Endpoints\n\nWe provide 2 API endpoints:\n\n- GraphQL for data transfer\n- REST for file download\n \n\n### Versioning\n\nEach version of the API is backwards compatible. We can add new features to the API, but we won't remove them or change their behaviour.\n\n# Authorisation\n\nThe authorisation is provided by the API key that you can generate in your Client Portal. Please contact your Implementation Manager or Client Relationship Manager for Client Portal access.\n\nAdd a header `x-api-key` with your key to the requests.\n\n# Sandbox\n\nWe provide a sandbox to simplify the integration process and to use with your test environments.\n\nIt supports the full API schema and mirrors any new features we make available via our open API, but doesn't store your data and returns mock responses.\n\n> **The mock data is a mixture of static and random data. Don't expect the response to match the request data, but you can trust the format and the data types.** \n \n\nFor more details on the dummy data we return, download [sandbox-documentation.pdf](https://swprod127sandboxdocs.blob.core.windows.net/api/sandbox-documentation.pdf).\n\nUse the API key that only works with this sandbox: \n`x-api-key`: `qWiieGk-Uxnd05YpCHzgRvbkbbv4FHMAr8Tx2d`\n\n# File transfer\n\n### Upload\n\nThe file upload is done using the GraphQL protocol. Form the multipart request with the GraphQL query and the uploaded file. You can find examples in this collection.\n\n### Download\n\nUse HTTP endpoints to download files. You can find examples in this collection.\n\n# Errors\n\nBelow is an overview of common error responses you may encounter when using our API. For each error type, we provide an example and a recommended way to fix it.\n\n### Access control errors\n\n- **Invalid or expired API key** \n This error may occur when the provided API key is invalid, has expired, or was deleted.\n\n {\n \"statusCode\": 401,\n \"message\": \"Access denied due to invalid subscription key. Make sure to provide a valid key for an active subscription.\"\n }\n\n **Recommended way to fix:** \n Acquire a new API key by generating it via *this* API or in your Client Portal and include it in the `x-api-key` header.\n\n\n- **Missing permissions** \n This error ***may*** indicate that the current user does not have access to the requested entity.\n\n {\n \"errors\": [\n {\n \"message\": \"Exception while fetching data (/category) : Entity with ID: {\\\"id\\\":42,\\\"type\\\":\\\"Category\\\"} does not exist.\",\n \"path\": [\n \"category\"\n ],\n \"extensions\": {\n \"path\": [],\n \"code\": \"MissingEntity\",\n \"errorType\": \"DataFetchingException\",\n \"classification\": \"DataFetchingException\",\n \"serviceName\": \"catalog\"\n }\n }\n ],\n \"data\": null\n }\n\n **Recommended way to fix:** \n Ensure that your user account has permissions to access the corresponding Customer and/or Contract.\n\n\n- **Rate limit exceeded** \n This error occurs when the allowed request rate per minute is exceeded.\n\n {\n \"statusCode\": 429,\n \"message\": \"Rate limit is exceeded. Try again in 59 seconds.\"\n }\n\n **Recommended way to fix:** \n Verify your implementation to see whether you can reduce the number of requests per minute to stay within the allowed limits.\n\n### GraphQL validation errors\n\n- **Query limits exceeded** \n Occurs when certain query constraints (e.g., cost limit, alias limit, depth limit) are surpassed.\n\n {\n \"errors\": [\n {\n \"message\": \"Syntax Error: Query Cost limit of 300000 exceeded, found 846442.6739057899.\",\n \"extensions\": {\n \"code\": \"GRAPHQL_VALIDATION_FAILED\"\n }\n },\n {\n \"message\": \"Syntax Error: Aliases limit of 50 exceeded, found 54.\",\n \"extensions\": {\n \"code\": \"GRAPHQL_VALIDATION_FAILED\"\n }\n },\n {\n \"message\": \"Syntax Error: Query depth limit of 20 exceeded, found 21.\",\n \"extensions\": {\n \"code\": \"GRAPHQL_VALIDATION_FAILED\"\n }\n }\n ]\n }\n\n **Recommended way to fix:** \n Review your query structure to ensure it remains within the recommended complexity limits.\n\n\n- **Querying a non-existent field** \n This happens when the requested field does not exist in the schema.\n\n {\n \"errors\": [\n {\n \"message\": \"Cannot query field \\\"ids\\\" on type \\\"ClientCase\\\". <[PROTECTED MESSAGE]>?\",\n \"locations\": [\n {\n \"line\": 4,\n \"column\": 4\n }\n ],\n \"extensions\": {\n \"code\": \"GRAPHQL_VALIDATION_FAILED\"\n }\n }\n ]\n }\n\n **Recommended way to fix:** \n Check the field name in your query. For instance, use `id` instead of `ids` if that is the correct field in the schema.\n\n\n- **Mutation input field does not exist** \n Similar to the above, but occurs within the mutation input fields. You might see errors indicating a missing required field or a field name that is not defined.\n\n {\n \"errors\": [\n {\n \"message\": \"Variable \\\"$input\\\" ... Field \\\"categoryId\\\" of required type \\\"ID!\\\" was not provided.\",\n \"extensions\": {\n \"code\": \"BAD_USER_INPUT\"\n }\n },\n {\n \"message\": \"Variable \\\"$input\\\" ... Field \\\"categoryIds\\\" is not defined by type \\\"ClientCaseInput\\\". <[PROTECTED MESSAGE]>?\",\n \"extensions\": {\n \"code\": \"BAD_USER_INPUT\"\n }\n }\n ]\n }\n\n **Recommended way to fix:** \n Compare the fields in your mutation input against the schema. If a field is marked as required, ensure you include it, and use the exact field names defined in the schema.\n\n\n- **Invalid query syntax** \n If your query contains syntax errors (e.g. unmatched braces), GraphQL will reject it.\n\n {\n \"errors\": [\n {\n \"message\": \"Syntax Error: Unexpected \\\"}\\\".\\n\\nGraphQL request:8:1\\n7 | \\t}\\n8 | }\\n | ^\",\n \"extensions\": {\n \"code\": \"GRAPHQL_VALIDATION_FAILED\"\n }\n }\n ]\n }\n\n **Recommended way to fix:** \n Double-check the query structure and ensure all braces, parentheses, and commas are in the correct places.\n\n### VOLTi4 errors\n\nThese errors form the bulk of our service’s error responses. They can represent validation errors or server-side failures. All VOLTi4 errors contain a `code` and an `errorType` in the `extensions` object.\n\n**Possible `errorType` values:**\n\n InvalidSyntax,\n ValidationError,\n DataFetchingException,\n NullValueInNonNullableField,\n OperationNotSupported,\n ExecutionAborted\n\n**The `code` field provides a way to uniquely identify the specific issue on the client side.**\n\n\n- **Business logic validation** \n These errors clarify which part of the request is invalid or missing information.\n \n *Example 1*\n\n {\n \"errors\": [\n {\n \"message\": \"Exception while fetching data (/caseUpdate) : Optional products with ids [{\\\"id\\\":64659,\\\"type\\\":\\\"ProductOption\\\"}] not found in category {\\\"id\\\":10363,\\\"version\\\":1069351,\\\"type\\\":\\\"Category\\\"}\",\n \"extensions\": {\n \"code\": \"FieldsConflict\",\n \"errorType\": \"ValidationError\",\n \"classification\": \"DataFetchingException\"\n }\n }\n ],\n \"data\": null\n }\n\n *Example 2*\n\n {\n \"errors\": [\n {\n \"message\": \"Exception while fetching data (/category) : Entity with ID: {\\\"id\\\":42,\\\"type\\\":\\\"Category\\\"} does not exist.\",\n \"path\": [\n \"category\"\n ],\n \"extensions\": {\n \"path\": [],\n \"code\": \"MissingEntity\",\n \"errorType\": \"DataFetchingException\",\n \"classification\": \"DataFetchingException\",\n \"serviceName\": \"catalog\"\n }\n }\n ],\n \"data\": null\n }\n **Recommended way to fix:** \n Adjust the request or data according to the details in the error message. E.g. ensure the specified products exist in the specified category, or ensure the specified category exists.\n\n\n- **Server-side or processing error** \n This is similar to an HTTP 5** error in REST, indicating a failure on the server side.\n\n {\n \"errors\": [\n {\n \"message\": \"Exception while fetching data (/caseUpdate) : Failed to process the request\",\n \"extensions\": {\n \"code\": \"ProcessingFailed\",\n \"errorType\": \"ExecutionAborted\",\n \"classification\": \"DataFetchingException\"\n }\n }\n ],\n \"data\": null\n }\n\n **Recommended way to fix:** \n In most cases, these errors cannot be fixed from the client side. But sometimes it might represent a badly handled user (HTTP 4**) error, e.g., a non-existent Category ID passed in during case creation will cause this error. Verify that all data (such as IDs) is valid before retrying.\n\n### 🔴 If you’re unable to resolve your errors after reviewing this documentation, please contact Matrix Security Watchdog 🔴","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"28003456","team":5243898,"collectionId":"c6d54fab-0dd0-405d-8158-3e8f2d5ea5a9","publishedId":"2s9XxvUv2T","public":true,"publicUrl":"https://client-docs.api.securitywatchdog.org.uk","privateUrl":"https://go.postman.co/documentation/28003456-c6d54fab-0dd0-405d-8158-3e8f2d5ea5a9","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"001E86"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":""}],"appearance":{"default":"light","themes":[{"name":"dark","logo":"https://content.pstmn.io/772b19cd-db13-4f5e-8b39-e0e8ca0699d4/aW1hZ2UucG5n","colors":{"top-bar":"121212","right-sidebar":"303030","highlight":"BDF4DC"}},{"name":"light","logo":"https://content.pstmn.io/6eaa45e3-8d2e-4352-b938-63d89758c0dc/aW1hZ2UgKDEpLnBuZw==","colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"001E86"}}]}},"version":"8.10.0","publishDate":"2024-01-17T08:27:17.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"","description":""},"logos":{"logoLight":"https://content.pstmn.io/6eaa45e3-8d2e-4352-b938-63d89758c0dc/aW1hZ2UgKDEpLnBuZw==","logoDark":"https://content.pstmn.io/772b19cd-db13-4f5e-8b39-e0e8ca0699d4/aW1hZ2UucG5n"}},"statusCode":200},"environments":[{"name":"Sandbox","id":"4019d354-3163-4f67-b15a-6e232b3e6c61","owner":"28003456","values":[{"key":"client.api.url","value":"https://sandbox.portal.securitywatchdog.org.uk","type":"default","enabled":true},{"key":"client.api.key","value":"qWiieGk-Uxnd05YpCHzgRvbkbbv4FHMAr8Tx2d","type":"secret","enabled":true}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/9d2f3f93c00cffc5a6a889599447d8734b6b63656962ad28d1bb113f758b1765","favicon":"https://securitywatchdog.org.uk/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"Sandbox","value":"28003456-4019d354-3163-4f67-b15a-6e232b3e6c61"}],"canonicalUrl":"https://client-docs.api.securitywatchdog.org.uk/view/metadata/2s9XxvUv2T"}