Core Tools
Infrastructure
Product previews
From zero to regulator-ready
See how ComplyBridge walks you through a full MiCA CASP application — from entity setup to final submission package.
See how it works →The only AI that knows your firm
Reasons across the live EU rulebook and your own policies, KYB data, UBOs, and integrations.
Explore capabilities →API Platform
Compliance data,
programmatic.
Share verification results, license status, and policy attestations with your banks, exchanges, and fintech partners through a clean API. Granular scopes, signed responses, full audit trails — no more PDF email chains.
$ Built for compliance teams, priced for product teams.
REST + webhooks
Simple REST endpoints, with webhooks for state changes so partners react in real time.
Scoped API keys
Per-partner keys with attribute-level scopes. Revoke individually, no reshuffles.
Signed payloads
Every response signed and timestamped. Partners verify integrity cryptographically.
Live audit trail
Every request, response, and re-share logged. Exportable in JSON or CSV.
Mutual TLS
Partner identity verified at the transport layer. Nothing trusts just an API key.
Sub-20ms p95
Low-latency edge deployment across EU regions. Verified at 99.99% uptime SLA.
The endpoints your partners already ask for.
Opinionated, stable, and well-documented. If you've integrated any fintech API, you'll be productive here in 15 minutes.
/v1/parties/{id}Canonical party profile: entity, licence, KYB, UBOs, attestations./v1/verificationsTrigger a fresh KYB or KYC verification run with partner-owned inputs./v1/licenses/{id}Authorisation status with NCA reference and last confirmation timestamp./v1/sharesIssue a time-boxed, scoped credential share to a named partner./v1/attestations/{type}Policy and control attestations (AML, DORA, GDPR) with signing chain./v1/webhooksRegister partner callbacks for status changes, expiries, and re-verifications.Designed to pass a third-line audit.
Every call is scoped, signed, logged, and exportable. Compliance data moves, but control over it doesn't leave your tenant.
- OAuth 2.1 with PKCE plus mutual TLS — no shared secrets on the wire.
- JWS-signed responses; partners can verify without calling back.
- Rate limits and quotas per key, visible in real time.
- Full request/response archive exportable under GDPR/NIS2.
Frequently Asked Questions
Pragmatic answers for engineering and compliance teams.
Per API call above a tier allowance, with volume discounts at 1M, 10M, and 100M monthly calls. Enterprise plans include dedicated capacity and a committed SLA.
Yes — a full-fidelity sandbox with seeded data is available on sign-up. Staging webhooks, stable fixtures, and a conformance suite you can run in CI.
Yes. The platform is designed for bank, exchange, and PSP counterparties and includes the contract primitives (DPA, sub-processor list, technical and organisational measures) they typically require.
First-class TypeScript and Python SDKs are supported today. Go, Java, and Ruby SDKs are community-maintained. The OpenAPI spec ships with every release.