Skip to main content

Overview

The Sigma API is a REST API that accepts JSON request bodies and returns JSON responses. All requests must be made over HTTPS. The API is organised by product:
  • Transaction Monitoring — submit transactions, manage rules, and handle blacklists
  • AML — PEP checks, sanctions screening, and adverse media searches
  • Customer Due Diligence — customer management, workflows, CDD requests, and reports
  • Reporting — submit transaction data for regulatory report generation

Authentication

All requests to the Sigma API must include the following custom headers:
HeaderDescription
apiKeyYour API key
apiSecretYour API secret
Both values are available from My Account → API & Webhooks in the Sigma dashboard. Here is an example of how to set the headers in your requests: 
const headers = {
  apiKey: "your-api-key-here",
  apiSecret: "your-api-secret-here",
};

fetch("https://sigmaprod.sabipay.com/api/v1/transaction-monitoring", {
  method: "GET",
  headers: headers,
})
  .then((response) => response.json())
  .then((data) => console.log(data))
  .catch((error) => console.error("Error:", error));
Get API Key & Secret

Base URLs

Each product has its own base URL. See the Environments page for the full list of staging and production URLs.

Environments

Staging and production base URLs for each product.

Response Codes

Standard HTTP response codes and what they mean.

Webhook Signature

How to verify the authenticity of webhook payloads from Sigma.