JWT-secured REST endpoints covering customer onboarding, transaction scoring, case management and the RBA engine — documented in OpenAPI, tested in sandbox, audited on every call.
A single POST /api/Auth/login exchanges your tenant code + credentials for a session JWT. Every subsequent call carries it as Authorization: Bearer <token>. Tokens are short-lived; re-authenticate when they expire.
application/json
HTTP 200
Bearer <token>.Each group below is a logical surface area. Customer Integration handles KYC and case lifecycle; Transaction Integration covers TMS scoring and listings; Utilities expose rules and reference data; Auth governs every session.
Whether you saved a customer, queried a transaction or validated an IP — the response shape is identical. Your client only ever has to parse one schema.
message
isError
messageCode
messageDetails
data
Real working calls against the LiveEx Shield TMS API. Drop them into your terminal, replace the credentials with the sandbox keys we issue, and you have a working integration loop in under five minutes.
The API returns standard HTTP status codes. The envelope above is your detail surface; the status code is your routing surface.
data for the resource and messageCode for downstream signals (e.g. risk band).messageDetails names the offending field. Fix and retry./api/Auth/login and retry with the fresh token.Retry-After header and back off.messageDetails includes a trace ID — quote it when you contact support.The /api/Customers/validate and /api/Transactions/tms-details endpoints don't just return a number — they return the component risks, the mitigation scores, and the residual risk the engine computes from them.