Core Tools
Infrastructure
Product previews
From zero to regulator-ready
See how ComplyBridge walks you through a full MiCA CASP application โ from entity setup to final submission package.
See how it works โThe only AI that knows your firm
Reasons across the live EU rulebook and your own policies, KYB data, UBOs, and integrations.
Explore capabilities โAPI Platform
Compliance data,
programmatic.
Share verification results, license status, and policy attestations with your banks, exchanges, and fintech partners through a clean API. Granular scopes, signed responses, full audit trails โ no more PDF email chains.
$ Built for compliance teams, priced for product teams.
REST + webhooks
Simple REST endpoints, with webhooks for state changes so partners react in real time.
Scoped API keys
Per-partner keys with attribute-level scopes. Revoke individually, no reshuffles.
Signed payloads
Every response signed and timestamped. Partners verify integrity cryptographically.
Live audit trail
Every request, response, and re-share logged. Exportable in JSON or CSV.
Mutual TLS
Partner identity verified at the transport layer. Nothing trusts just an API key.
Sub-20ms p95
Low-latency edge deployment across EU regions. Verified at 99.99% uptime SLA.
The endpoints your partners already ask for.
Opinionated, stable, and well-documented. If you've integrated any fintech API, you'll be productive here in 15 minutes.
/v1/parties/{id}Canonical party profile: entity, licence, KYB, UBOs, attestations./v1/verificationsTrigger a fresh KYB or KYC verification run with partner-owned inputs./v1/licenses/{id}Authorisation status with NCA reference and last confirmation timestamp./v1/sharesIssue a time-boxed, scoped credential share to a named partner./v1/attestations/{type}Policy and control attestations (AML, DORA, GDPR) with signing chain./v1/webhooksRegister partner callbacks for status changes, expiries, and re-verifications.Designed to pass a third-line audit.
Every call is scoped, signed, logged, and exportable. Compliance data moves, but control over it doesn't leave your tenant.
- OAuth 2.1 with PKCE plus mutual TLS โ no shared secrets on the wire.
- JWS-signed responses; partners can verify without calling back.
- Rate limits and quotas per key, visible in real time.
- Full request/response archive exportable under GDPR/NIS2.
Frequently Asked Questions
Pragmatic answers for engineering and compliance teams.
Per API call above a tier allowance, with volume discounts at 1M, 10M, and 100M monthly calls. Enterprise plans include dedicated capacity and a committed SLA.
Yes โ a full-fidelity sandbox with seeded data is available on sign-up. Staging webhooks, stable fixtures, and a conformance suite you can run in CI.
Yes. The platform is designed for bank, exchange, and PSP counterparties and includes the contract primitives (DPA, sub-processor list, technical and organisational measures) they typically require.
First-class TypeScript and Python SDKs are supported today. Go, Java, and Ruby SDKs are community-maintained. The OpenAPI spec ships with every release.