Description
Sentinel Compliance Platform (SCP) is bundled with several RESTful API’s that are available for both developer and client use. The API enables users to interact with SCP programmatically, providing a way to integrate SCP into custom applications and automating tasks. The proposed documentation was created to provide a way for incoming developers or inquiring clients the ability to learn and use the RESTful API’s effectively.
Summary / Analysis
Sentinel Compliance Platform (SCP) RESTful API’s provides a flexible and powerful way to interact with its platform, allowing developers to automate tasks, integrate SCP into custom applications, and access SCP functionality programmatically. The API adheres to RESTful API design principles and uses standard HTTP methods (GET, POST, PUT, DELETE, etc.).
The documentation will primarily focus on the Platform directory. The API’s are segregated into sub directories based off of their functionality in relation to Sentinel Compliance Platform (SCP). These sub directories are the following:
Account →
Accounts, organizations, groups and users who use SCP shall be able to use API’s for administrative and management level tasks.Batch →
Batch file upload searches and review queue for batches provided through API’s to provide functionality to users.Compliance →
Compliance and remediation of searches supported by API’s for users. Access to reporting, monitoring, and annotating compliance.Search →
Conducting compliance searches (individual or organization) for inquires through API access. Compliance search reporting and continuous monitored screenings.
Functional Spec
The functional specification outlines the functionality that the API provides and how it can be used. The following are the key features of the SCP API:
Access to Sentinel Compliance Platform (SCP) functionality: The API provides access to the full range of SCP functionality, allowing developers to interact with SCP in a programmatic way.
Standardized protocol: The API adheres to RESTful API design principles, using standard HTTP methods to interact with SCP.
Request and response format: The API uses JSON for request and response payloads, providing a standard and flexible format for data exchange between the API and client applications.
Acceptance Criteria:
Documentation shall explain functionality of the API
Documentation shall include the path and method of the API
Documentation shall include (if applicable) the parameters required for the API
Documentation shall include (if applicable) the request body required for the API
Documentation shall include the responses back for the particular API
Documentation will be conducted using OpenAPI’s formatting standards, specifically version 3.0 to create a “Swagger Doc”. After some testing we decided a JSON-type document would work best labeled swagger.json.
We will be using Postman (see references) to facilitate the conversion of our swagger.json file into an easy, deployable set of documentation that can be shared and collaborative on all within location. Editing the document will be limited to Truth Technology developers only.
Technical Spec
The technical specification outlines the technical details of the API, including the API path and method, parameters, request body, and responses. The following is a sample technical specification for a SCP API endpoint in JSON:
Example JSON:
"/api/account/{accountId}": {
"put": {
"description": "Update an Account",
"parameters": [
{
"name": "accountId",
"in": "path",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "authorization",
"in": "header",
"schema": {
"type": "string"
}
}
],
"requestBody":{
"$ref": "#/components/requestBodies/putAccount"
},
"responses": {
"200": {
"description": "OK"
},
"401": {
"description": "Unauthorized"
},
"503": {
"description": "Service Unavailable"
}
}
}
},