TRM Sanctions API (v1)

Download OpenAPI specification:Download


The TRM API is organized around REST.

Our API has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

You can view code examples in the dark area to the right, and you can switch the programming language of the examples with the tabs in the top right.


TRM uses conventional HTTP response codes to indicate the success or failure of an API request. In general: Codes in the 2xx range indicate success. Codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, etc.). Codes in the 5xx range indicate an error with TRM's servers (these are rare).

The TRM API uses the following error codes:

Error Code Meaning
400 Bad Request -- Your request is invalid.
401 Unauthorized -- Your API key is wrong.
404 Not Found -- The specified resource could not be found.
405 Method Not Allowed -- You tried to access an object with an invalid method.
406 Not Acceptable -- You requested a format that isn't json.
429 Too Many Requests -- You have exceeded your rate limit. See below for details on handling rate limits.
500 Internal Server Error -- We had a problem with our server. Try again later.
503 Service Unavailable -- We're temporarily offline for maintenance. Please try again later.

Rate Limiting

Traffic to the TRM Sanctions API is rate limited.

Requests that come in faster than this limit may receive an error response with HTTP status code 429. If you are seeing this response, the solution is to retry these requests after the suggested interval. In general, your application should meter requests to try to stay at or below the limit.

Responses to TRM API requests include several headers to help you work with our rate limit. Responses with a 429 error will include a Retry-After header recommending a number of seconds to wait before retrying the request.

By default, the API is limited to 1 req/sec, and maximum of 100 req/day. For those who need more screens, you can request an API Key here.

Headers on a successful request

HTTP/1.1 201 Created
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 8
X-RateLimit-Reset: 1613700051

Headers on a rate-limited request

HTTP/1.1 429 Too Many Requests
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1613700051
Retry-After: 1


Submit one or more addresses to be screened

Returns whether each address provided has sanctions exposure. By default, the API is limited to 1 req/sec, and maximum of 100 req/day For those who need more screens, you can request an API Key here. For users with API Keys, the API is limited to 1000 req/sec, and maximum of 100K req/day

Request Body schema: application/json
Array (non-empty)

Address(es) screened

Request samples
  • {
Response samples
  • {