RiskMaster API

Integrate RiskMaster into your applications using the SignalX GraphQL and REST APIs.

Authentication

SignalX uses a two-step authentication process with GraphQL mutations followed by JWT token authentication for all subsequent requests.

Endpoint

All GraphQL mutations are sent to:

POST https://api.riskmaster.signalx.ai/query
Content-Type: application/json

Step 1: Login mutation

Authenticate user credentials and start a session.

mutation Login {
  login(username: "user.name", password: "PassWord") {
    message
    code
    sessionID
  }
}

Success response (example):

{
  "data": {
    "login": {
      "message": "Session ID creation successful",
      "code": "OK",
      "sessionID": "11eb983b-ba71-453b-9c16-66ac94a0cc21"
    }
  }
}

Step 2: 2FA / OTP verification

Verify the OTP to complete authentication and receive a JWT token.

mutation Otp {
  otp(sessionID: "11eb983b-ba71-453b-9c16-66ac94a0cc21", otp: "123456") {
    message
    code
    token
    userDetails {
      username
    }
  }
}

Success response (example):

{
  "data": {
    "otp": {
      "message": "Token created successfully",
      "code": "OK",
      "token": "<JWT_TOKEN_EXAMPLE>",
      "userDetails": {
        "username": "demo.user"
      }
    }
  }
}

Token usage

Include the JWT token in headers for all subsequent requests.

GraphQL header:

token: <JWT_TOKEN_EXAMPLE>

REST header:

Authorization: Bearer <JWT_TOKEN_EXAMPLE>

In some browser flows the token may also be carried as a cookie:

Cookie: auth_token=<JWT_TOKEN>

---

Create wishlist

Create a wishlist containing connected parties (companies, directors, individuals, non‑companies) for which reports will be generated.

Endpoint

POST https://api.riskmaster.signalx.ai/query

GraphQL mutation

mutation createWishlist(
  $name: String!
  $org_id: Int!
  $cps: WCPInput!
  $company_id: Int!
  $department_id: Int!
) {
  createWishlist(
    name: $name
    org_id: $org_id
    cps: $cps
    company_id: $company_id
    department_id: $department_id
  ) {
    id
    name
    slug
    org_id
    company_id
    department_id
    cps {
      companies { name cin gstin pan status report_id }
      directors { name din pan status report_id father_name dob }
      individuals { name pan status report_id father_name dob }
      non_companies {
        name
        pan
        gstin
        aliases
        establishment_ids
        status
        report_id
        connected_party
      }
    }
    created_at
    updated_at
    created_by
    updated_by
  }
}

Required headers

Header	Description
accept	application/json
authorization	JWT token (or auth_token cookie)
origin	https://riskmaster.signalx.ai
referer	https://riskmaster.signalx.ai/

Input variables (example)

{
  "company_id": 143,
  "cps": {
    "companies": [
      {
        "aliases": [],
        "cin": "AAF-2331",
        "establishment_ids": [],
        "gstin": [],
        "name": "ABC - ADANI BUSINESS COMMERCE LLP",
        "pan": "",
        "report_id": "",
        "status": "PENDING"
      }
    ],
    "directors": [
      {
        "din": "10277177",
        "dob": "",
        "father_name": "",
        "name": "Abc Xyz",
        "pan": "",
        "report_id": "",
        "status": "PENDING"
      }
    ],
    "individuals": [
      {
        "dob": "2000-08-13T18:30:00.000Z",
        "father_name": "XYZ ",
        "name": "xyz abc ",
        "pan": "ABCDE1234H",
        "report_id": "",
        "status": "PENDING"
      }
    ],
    "non_companies": [
      {
        "aliases": [],
        "connected_party": "",
        "establishment_ids": [],
        "gstin": [],
        "name": "ABC Enterprise",
        "pan": "ABCDE1234F",
        "report_id": "",
        "status": "PENDING"
      }
    ]
  },
  "department_id": 87,
  "name": "test",
  "org_id": 44
}

Sample cURL

curl 'https://api.riskmaster.signalx.ai/query' \
  -H 'content-type: application/json' \
  -H 'accept: application/json' \
  -H 'Cookie: auth_token=<YOUR_JWT_TOKEN>' \
  --data-raw '{
    "query": "mutation createWishlist($name: String!, $org_id: Int!, $cps: WCPInput!, $company_id: Int!, $department_id: Int!) { createWishlist(name: $name, org_id: $org_id, cps: $cps, company_id: $company_id, department_id: $department_id) { id name slug org_id company_id department_id cps { companies { name cin gstin pan status report_id } directors { name din pan status report_id father_name dob } individuals { name pan status report_id father_name dob } non_companies { name pan gstin aliases establishment_ids status report_id connected_party } } created_at updated_at created_by updated_by } }",
    "variables": { ... }
  }'

---

Create multiple SignalX reports

Generate multiple SignalX reports in bulk for all entities in a wishlist.

GraphQL mutation

mutation CreateMultipleSignalXReport($request: MultipleSignalXReportRequest!) {
  createMultipleSignalXReport(request: $request) {
    message
    code
    report_requests {
      id
      org_id
      company_id
      department_id
      entity_type
      entity_id
      entity_details {
        corporate { name cin }
        non_corporate { name pan }
        individual { name pan father_name dob }
        director { name din }
      }
      report_details {
        report_id
        report_name
        report_type
        weightage_id
        created_at
        created_by
        updated_at
        updated_by
      }
    }
  }
}

Single report request format

Each object inside report_requests[]:

Field	Type	Required	Description
company_id	Int	Yes	Usually 0 for wishlist flow
department_id	Int	Yes	Usually 0 for wishlist flow
entity_type	Enum	Yes	CORPORATE, DIRECTOR, INDIVIDUAL, NON_CORPORATE
entity_id	String	Yes	CIN / DIN / PAN etc.
entity_details	Object	Yes	Details required for report generation
report_type	String	Yes	e.g. "STANDARD"
org_id	Int	Yes	Organization ID
wishlist_id	String	Yes	ID returned from Create Wishlist API

Sample request body

{
  "request": {
    "report_requests": [
      {
        "company_id": 0,
        "department_id": 0,
        "entity_details": {
          "corporate": { "cin": "AAF-2331", "name": "ABC - ADANI BUSINESS COMMERCE LLP" },
          "director": null,
          "individual": null,
          "non_corporate": null
        },
        "entity_id": "AAF-2331",
        "entity_type": "CORPORATE",
        "org_id": 44,
        "report_type": "STANDARD",
        "wishlist_id": "6929871f058574e2fcf87908"
      }
      // ... additional entities (director, individual, non_corporate)
    ]
  }
}

Sample response item (simplified)

{
  "id": "68ab1946d7acbf21ac433d02",
  "entity_type": "CORPORATE",
  "entity_id": "AAF-2331",
  "entity_details": {
    "corporate": { "name": "ABC - ADANI BUSINESS COMMERCE LLP", "cin": "AAF-2331" }
  },
  "report_details": [
    {
      "report_id": "cfb2b285-0139-47d4-b7b9-3bee2e283a4f",
      "report_name": "ABC - ADANI BUSINESS COMMERCE LLP",
      "report_type": "STANDARD",
      "created_at": "2025-08-24T13:53:10Z"
    }
  ]
}

Notes

• Each entity may return multiple historical reports.
• report_id values can be used with status, details, and download APIs below.

---

Get report status

Check the latest status of a generated report.

GET https://legacy.riskmaster.signalx.ai/api/report/get_report_status/{report_id}/

Headers

accept: application/json
authorization: <YOUR_JWT_TOKEN>
origin: https://riskmaster.signalx.ai
referer: https://riskmaster.signalx.ai/
user-agent: Mozilla/5.0

Sample cURL

curl 'https://legacy.riskmaster.signalx.ai/api/report/get_report_status/c7666a55-d289-444f-90d5-cb25f699eb32/' \
  -H 'accept: application/json' \
  -H 'authorization: <YOUR_JWT_TOKEN>' \
  -H 'origin: https://riskmaster.signalx.ai' \
  -H 'referer: https://riskmaster.signalx.ai/' \
  -H 'user-agent: Mozilla/5.0'

Status values

• NOT_START
• START
• QC
• COMPLETED

---

Get report details and analysis IDs

Retrieve full report details, including all analysis jobs and their analysis_ids.

GET https://legacy.riskmaster.signalx.ai/api/reports/{report_id}/?format=json

Sample cURL

curl -X GET \
  'https://legacy.riskmaster.signalx.ai/api/reports/fe9229da-a7a0-4cb4-879d-d0884027e1ba/?format=json' \
  -H 'accept: application/json' \
  -H 'authorization: Bearer <YOUR_JWT_TOKEN>' \
  -H 'origin: https://riskmaster.signalx.ai' \
  -H 'referer: https://riskmaster.signalx.ai/'

Response (excerpt)

{
  "id": "c7666a55-d289-444f-90d5-cb25f699eb32",
  "title": "RASIK PRODUCTS PRIVATE LIMITED",
  "status": "COMPLETED",
  "config": {
    "report_type": "STANDARD",
    "target_type": "COMPANY",
    "target": {
      "name": "RASIK PRODUCTS PRIVATE LIMITED",
      "cin": "U22211UP1998PTC024053",
      "pan": "AACCR3348B"
    }
  },
  "analyses": [
    {
      "id": "30ace731-6d14-4546-886b-b546f18e9ab1",
      "analysis_type": "regulatory analysis",
      "status": "COMPLETED"
    }
  ]
}

Use each analysis.id with the analysis detail APIs below.

---

Analysis detail APIs

Base URL:

https://legacy.riskmaster.signalx.ai/api/report/analysisdetail/{report_id}/{analysis_type}/{analysis_id}/

Common headers:

accept: application/json
authorization: Bearer <JWT_TOKEN>
cache-control: no-cache
origin: https://riskmaster.signalx.ai
pragma: no-cache
user-agent: Mozilla/5.0

Endpoints

• Regulatory analysis
  GET /api/report/analysisdetail/{report_id}/regulatoryanalysis/{analysis_id}/

• Finance analysis
  GET /api/report/analysisdetail/{report_id}/financeanalysis/{analysis_id}/

• Target overview analysis
  GET /api/report/analysisdetail/{report_id}/targetoverviewanalysis/{analysis_id}/

• Filings analysis
  GET /api/report/analysisdetail/{report_id}/filingsanalysis/{analysis_id}/

• Media analysis
  GET /api/report/analysisdetail/{report_id}/mediaanalysis/{analysis_id}/

• Risk scorecard analysis
  GET /api/report/analysisdetail/{report_id}/riskscorecardanalysis/{analysis_id}/

Sample cURL (finance analysis)

curl -X GET \
  'https://legacy.riskmaster.signalx.ai/api/report/analysisdetail/a55e2176-494c-41e3-a563-0b03d50d8395/financeanalysis/4a150f5e-ea72-427e-9267-303a1189dc81/' \
  -H 'accept: application/json' \
  -H 'authorization: Bearer <YOUR_JWT_TOKEN>'

Error handling

HTTP code	Description	Notes
200	Successful request	Data returned in response body
401	Unauthorized	Token is missing or expired
403	Forbidden	You do not have access to this resource
404	Not Found	Invalid report_id or analysis_id
500	Internal Server Error	Unexpected server error

---

Download report PDF

Download the final generated PDF report.

GET https://legacy.riskmaster.signalx.ai/api/report/download/{report_id}/

Headers

authorization: <YOUR_JWT_TOKEN>
accept: application/pdf
origin: https://riskmaster.signalx.ai
referer: https://riskmaster.signalx.ai/
user-agent: Mozilla/5.0

Sample cURL

curl 'https://legacy.riskmaster.signalx.ai/api/report/download/c7666a55-d289-444f-90d5-cb25f699eb32/' \
  -H 'accept: application/pdf' \
  -H 'authorization: <YOUR_JWT_TOKEN>' \
  --output report.pdf

--output report.pdf saves the PDF instead of printing binary content to the terminal.

Response

On success (200 OK), the API returns a PDF binary stream. For example, the start of the response body will look like:

%PDF-1.4
%....
1 0 obj
<< /Title (ENTITY NAME - Docx Report.docx)
...

This confirms the API is returning a proper PDF file.

Preconditions

Before calling the download API:

• The report must be generated — check status with:
  GET https://legacy.riskmaster.signalx.ai/api/report/get_report_status/{report_id}/
  Status must be COMPLETED.
• You must know the report_id, obtained from:
  • Create Report API (GraphQL)
  • Get Reports list
  • Wishlist report creation API

Example:

{
  "report_id": "c7666a55-d289-444f-90d5-cb25f699eb32"
}

Error responses

Status	Meaning
401	Unauthorized – invalid/missing token
404	Not Found – report ID does not exist
409	Conflict – report not ready (status != COMPLETED)
500	Internal Server Error – PDF generation failed

---