The Ingo Fraud Alert API will provide clients with access to disaggregated risk scores across Ingo Money customer payee data, for both check deposit and non-check-related uses.
The current API version is “1”.
The API supports 2 API versioning strategies.
- Version Request Header
- Query String Version parameter
The value of the header key or the query string parameter key to use is
- UAT : https://insights-uat.ingo.money/identity/score [Will be used for certification]
- PROD : https://insights.ingo.money/identity/score [Credentials will be delivered Post certification]
API requests must be performed using a secure transport layer over Https with a minimum TLS version of 1.2.
All API activity will be sanitized, recorded and retained as per Ingo’s data retention strategy.
Allowed IP configuration
The API’s are designed for machine to machine communication and are restricted by adding our partners IP addresses to an “Allowed List” of IP addresses.
A single IP, multiple IP’s or range of IP’s can be added to the list.
The Client Id and Client Secret will be provisioned by Ingo Client Services and provided via a PGP encrypted file format.
We will need a Public Key from a client to encrypt the credentials.