W2 DocsAPI Basics
This section describes how to use the W2 RESTful API
Location
Live: https://api.w2globaldata.com
UAT: https://api-uat.w2globaldata.com
Authentication
The W2 REST API uses basic authentication. You will need to add a basic authorization header with your api key base 64 encoded to all requests.
| Header Key | Header Pattern |
|---|---|
| Authorization | Basic Base64EncodedW2ApiKey |
API Versioning
To call a specific version of the API append the API version query option to the end of the URL like this: https://api.w2globaldata.com/kyc-check?api-version=1.1
We strongly recommend that you provide a version number with all of your requests. A request without a version number will default to the latest version of the API so you might experience changes you are not prepared for.
Version history
| Date | Version | Notes |
|---|---|---|
| 13/02/2024 | 2.0 | Large changes to our OpenAPI spec (particularly around Case Management) has caused us to increase the major version of our API. There are no breaking changes to the actual API itself. |
| 28/02/2024 | 2.1 | Introduced the business search endpoint, and the ability to create a business case with the information retrieved from the search results. |
| 16/04/2024 | 2.3 | Introduced the include categories filter to the Watchlist 006 service and updated the match profile schema to show the categories for the matched profile. |
| 24/04/2024 | 2.4 | Introduced the Nationalities field to Person Cases. |
| 10/06/2024 | 2.5 | Added CaseId to QueryData. |
| 25/06/2024 | 2.6 | Introduced the Callback Settings endpoints for managing webhooks. |
| 03/07/2024 | 2.7 | Financial vulnerability UK 005 service added. |
| 18/09/2024 | 2.8 | Added new endpoint for remediating Case Alerts. |
| 31/10/2024 | 2.9 | Anti-Fraud CIFAS UK 048 service added. |
| 04/12/2024 | 3.0 | Renamed Risk Groups to Case Groups. |
| 04/12/2024 | 3.1 | Added file upload to the IDV Check 013 service. |
| 17/12/2024 | 3.2 | Added new endpoint for retrieving full results for the DVFC 047 service. |
| 26/02/2025 | 3.3 | Updated the OnboardingStatusType enum for the DVFC 047 service. |
OpenAPI
OpenAPI is a popular standard for describing RESTful APIs. It defines all of an API's endpoints, requests and responses in a single JSON file. The file can be imported into tools like Postman or used to generate integration code in Visual Studio. It makes integrating with APIs easy.
We have Swagger running on our API and our OpenAPI spec can be found at the following url: https://api.w2globaldata.com/swagger/index.html
HTTP Status Codes
The W2 RESTful API closely adheres to the standard use of HTTP status codes. You can expect to find one of the following status codes in your response data.
| Http Response | Http Statuscode | Description |
|---|---|---|
| Retrieved (OK) | 200 | A 200 response indicates that the request has succeeded and the resource has been retrieved. |
| Created | 201 | An 201 response indicates that the request has succeeded and a resource was created. |
| OK No Content | 204 | A 204 response indicates that the request has succeeded and there was nothing to return. |
| Bad Request | 400 | A Bad request response indicates that due to invalid properties provided, the server was unable to process the request. |
| Unauthorised | 401 | An unauthorised response suggests that missing valid authentication and therefore the request could not be processed. |
| Forbidden | 403 | A forbidden error suggests that the server understands the request however authorization is denied. Please contact our support team in order to gain access. |
| Not Found | 404 | A not found error suggests the resource does not exist. |
| Internal Server Error | 500 | An Internal server error suggests that there is a problem with the server. Please contact our support team. |