Integration Guide

Integrate the Reglyt compliance engine directly into your transaction flow. Our API allows you to programmatically evaluate transfers against your active policies in real-time.

1. Architecture Overview

Reglyt acts as an asynchronous compliance gatekeeper. Your system initiates a transfer, provides the associated parties (KYC/KYB data), and triggers the policy engine. If the evaluation requires manual review (WAITING_INFO), your compliance team manages it via this dashboard.

📡
Production Base URL:https://api.reglyt.com/v1

2. Authentication

Machine-to-machine API requests must be authenticated using your secret API Key. Pass this key in the X-API-Key HTTP header.

http
GET /v1/account/me HTTP/1.1
Host: api.reglyt.com
X-API-Key: rglt_live_your_secret_key_here

3. Standardized Error Handling

Reglyt returns strongly typed JSON errors for reliable programmatic handling. Every error payload includes a code, a human-readable message, and a tracking request_id.

json
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid request",
    "request_id": "req_12345abcde",
    "details": [...]
  }
}

Common error codes include: UNAUTHORIZED, FORBIDDEN, RATE_LIMITED, QUOTA_EXCEEDED, and INTERNAL_ERROR.

4. Create a Transfer

Register a new transfer intention. This does not trigger policy validation yet.

POSTbash
curl -X POST "https://api.reglyt.com/v1/transfers" \
  -H "X-API-Key: <YOUR_API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "reference_id": "TXN-88492",
    "scenario_type": "CRYPTO_TO_CRYPTO",
    "amount": 2500.50,
    "asset": "USDT",
    "chain": "Ethereum"
  }'

Expected response: The API returns a JSON object with a unique id and a status of CREATED. Store this ID to attach parties in the next step.

5. Hydrate Parties

Attach the originator and beneficiary details to the transfer. Our policy engine relies on these attributes (such as country or wallet_address) to make decisions.

PUTbash
curl -X PUT "https://api.reglyt.com/v1/transfers/<TRANSFER_ID>/parties" \
  -H "X-API-Key: <YOUR_API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "originator": {
      "name": "Acme Corp",
      "country": "FR",
      "address": "10 Rue de la Paix, Paris",
      "vasp_name": "Acme Exchange",
      "wallet_address": "0xabc123..."
    },
    "beneficiary": {
      "name": "Jane Doe",
      "country": "GB",
      "wallet_address": "0xdef456..."
    }
  }'

6. Policy Validation

Trigger the rule engine. Reglyt will dynamically evaluate the transfer against your active policies based on the scenario type.

POSTbash
curl -X POST "https://api.reglyt.com/v1/transfers/<TRANSFER_ID>/validate" \
  -H "X-API-Key: <YOUR_API_KEY>"

The engine will return one of three final statuses:

  • VALIDATED: The transfer complies with all rules.
  • BLOCKED: A blocking rule was triggered. The response includes a reason_comment.
  • WAITING_INFO: Required party fields are missing (e.g., Missing: vasp_name).

7. Evidence Export

For auditing purposes, generate a cryptographic, immutable Evidence Pack once a transfer reaches its final state.

POSTbash
curl -X POST "https://api.reglyt.com/v1/transfers/<TRANSFER_ID>/evidence" \
  -H "X-API-Key: <YOUR_API_KEY>"

The payload will contain the hash, version, and the full JSON content of the audit pack.