Skip to main content
POST
/
entities
Create
curl --request POST \
  --url http://api.gu1.ai/entities \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "type": "<string>",
  "externalId": "<string>",
  "name": "<string>",
  "countryCode": "<string>",
  "taxId": "<string>",
  "email": {},
  "phone": {},
  "nationality": {},
  "registrationDate": {},
  "attributes": {},
  "riskFactors": {},
  "entityData": {},
  "isClient": true,
  "riskMatrixId": "<string>",
  "skipRulesExecution": true,
  "shareholderDepth": 123,
  "status": "<string>",
  "monitoring": {},
  "autoExecuteIntegrations": {}
}
'
{
  "success": true,
  "entity": {},
  "rulesResult": {},
  "rulesExecutionSummary": {}
}

Documentation Index

Fetch the complete documentation index at: https://docs.gu1.ai/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Creates a new entity with the specified type and attributes. Entities represent the core data objects you want to analyze for risk and compliance.

Endpoint

POST http://api.gu1.ai/entities

Authentication

Requires a valid API key in the Authorization header: 
Authorization: Bearer YOUR_API_KEY

Request Body

type
string
required
The type of entity to create. Available types:
  • person - Individual person/customer
  • company - Business entity
externalId
string
Your unique identifier for this entity in your system (optional but recommended for easier tracking)
name
string
required
Display name for the entity
countryCode
string
required
ISO 3166-1 alpha-2 country code (e.g., “US”, “BR”, “AR”)
taxId
string
Tax identification number (validated based on country)
email
string | null
Optional primary contact email stored on the entity row (nullable). Existing entities keep null until set. Send null on PATCH to clear.
phone
string | null
Optional primary contact phone stored on the entity row (nullable). Existing entities keep null until set. Send null on PATCH to clear.
nationality
string | null
Optional root-level nationality: ISO 3166-1 alpha-2, or a recognized label the API maps to ISO2. If omitted, the root field may still be derived from entityData.person.nationality or entityData.company.nationality when mappable.
registrationDate
string | number | Date
Registration or incorporation date of the entity. Accepts:
  • ISO 8601 datetime string (e.g., “2020-06-15T00:00:00Z”)
  • Unix timestamp (number)
  • JavaScript Date object
attributes
object
Optional - Custom attributes as key-value pairs for flexible metadataUse this for custom fields that don’t fit in the standard schema (e.g., internal IDs, tags, flags)
riskFactors
object
Optional - Custom risk factors and manual risk score overridesProperties:
  • reasons (array of strings) - Reasons for the risk assessment
  • customLabel (object) - Custom risk label configuration:
    • name (string) - Label name (e.g., “High Risk”, “Suspicious”)
    • color (string) - Color code for UI display
    • status (string) - Status indicator
    • minScore (number) - Minimum score for this label
    • maxScore (number | null) - Maximum score (null for infinite)
    • severity (enum) - Severity level: ‘low’, ‘medium’, ‘high’, ‘critical’
  • displayRange (object) - Score range display configuration:
    • max (number | null) - Maximum value (null for infinite)
    • min (number) - Minimum value
    • current (number) - Current score value
    • isInfinite (boolean) - Whether the range is infinite
  • originalScore (number) - Original calculated score before manual override
  • normalizedScore (number) - Normalized score value
Use case: Override automatic risk scoring with manual assessments for special cases.
entityData
object
Optional - Type-specific data structure. See examples below for each entity type.
When to use entityData?
  • Optional for basic entity creation - You can create an entity with just type, name, taxId, and countryCode
  • Required for enrichment and risk analysis - If you want to run compliance checks, you’ll need to provide relevant fields
  • Can be populated later - You can create a minimal entity first, then update it with full data before running risk analysis
Minimal Example (Person):
{
  "type": "person",
  "name": "John Doe",
  "taxId": "12345678",
  "countryCode": "US"
  // No entityData needed for basic creation
}
Full Example (Person with KYC data):
{
  "type": "person",
  "name": "John Doe",
  "taxId": "12345678",
  "countryCode": "US",
  "entityData": {
    "person": {
      "firstName": "John",
      "lastName": "Doe",
      "dateOfBirth": "1980-01-15",
      "email": "john@example.com",
      "phone": "+1234567890"
    }
  }
}
isClient
boolean
default:"false"
Mark this entity as a client/customer for tracking purposes
riskMatrixId
string
UUID of the risk matrix to execute rules from automatically
skipRulesExecution
boolean
default:"false"
Skip automatic rules execution after entity creation
shareholderDepth
number
default:"0"
For company entities: How many levels of shareholders to auto-create (0-5).
  • 0 = None (default)
  • 1 = Direct shareholders only
  • 2 = Shareholders + their shareholders
  • 3-5 = Deeper nested levels
Useful for automatic KYB and UBO (Ultimate Beneficial Owner) discovery.
status
string
default:"under_review"
Initial status for the entity. Options:
  • active - Entity is active
  • inactive - Entity is inactive
  • blocked - Entity is blocked
  • under_review - Entity is under review (default)
  • suspended - Entity is suspended
  • expired - Entity has expired
  • deleted - Soft deleted
  • rejected - Entity was rejected
monitoring
object
Optional flags so specific enrichments run in watchlist mode (Regtia op 1 — check and add to monitored list) for the main entity when autoExecuteIntegrations runs that enrichment. Only applies if your organization has monitoring enabled in Marketplace for that integration.
  • main (object, optional) — map of enrichment provider codeboolean. Today the only supported key is global_gueno_sanctions_enrichment (Gueno global sanctions).
  • relationships (object, optional) — ignored on this endpoint; use Create automatically with depth > 0 and monitoring.relationships for shareholders/related entities.
If org monitoring is off, the enrichment still runs as a normal check (op 0); the flag is a no-op. The enrichment must also appear in autoExecuteIntegrations.enrichments (or run via executeAllActiveEnrichments: true with that enrichment active).
autoExecuteIntegrations
object
Configure automatic execution of integrations (enrichments and checks) when creating the entity.Properties:
  • executeAllActiveEnrichments (boolean) - Execute all active enrichment integrations
  • executeAllActiveChecks (boolean) - Execute all active check integrations
  • enrichments (array) - Array of specific enrichment provider codes to execute (see Provider Codes Reference)
  • checks (array) - Array of specific check provider codes to execute (see Provider Codes Reference)

Entity Data Structures

Person Entity

{
  "person": {
    "firstName": "string",
    "lastName": "string",
    "dateOfBirth": "YYYY-MM-DD",
    "nationality": "string",
    "occupation": "string",
    "income": number,
    "incomeCurrency": "string",
    "address": "string | object (see Address Format note)",
    "city": "string",
    "state": "string",
    "country": "string",
    "postalCode": "string",
    "email": "string",
    "gender": "M | F | male | female | unknown | other",
    "phone": "string",
    "alternativePhone": "string",
    "idType": "national_id | passport | drivers_license | tax_id | other",
    "idNumber": "string",
    "isPep": boolean,
    "pepPosition": "string",
    "pepCountry": "string"
  }
}

Company Entity

{
  "company": {
    "legalName": "string",
    "tradeName": "string",
    "incorporationDate": "YYYY-MM-DD",
    "companySubtype": "merchant | investment_fund | holding | bank | payment_processor | other",
    "industry": "string",
    "websiteUrl": "string",
    "employeeCount": number,
    "revenue": number,
    "revenueCurrency": "string",
    "contactInfo": {
      "email": "string",
      "phone": "string",
      "alternativePhone": "string"
    },
    "address": "string | object (see Address Format note)",
    "city": "string",
    "state": "string",
    "country": "string",
    "postalCode": "string"
  }
}
Address Format: The address field supports both formats:
  • String format (simple): "Av. Paulista, 1000, São Paulo, SP, Brazil"
  • Object format (structured): 
    {
  "street": "Av. Paulista",
  "number": "1000",
  "complement": "Suite 200",
  "neighborhood": "Bela Vista",
  "city": "São Paulo",
  "state": "SP",
  "country": "Brazil",
  "postalCode": "01310-100"
}
This applies to person, company, and location entities.

Device Entity

{
  "device": {
    "type": "string",
    "model": "string",
    "manufacturer": "string",
    "serialNumber": "string",
    "os": "string",
    "lastSeen": "ISO8601 timestamp",
    "imei": "string",
    "carrier": "string",
    "phoneNumber": "string"
  }
}

Payment Method Entity

{
  "paymentMethod": {
    "type": "string",
    "issuer": "string",
    "lastFour": "string",
    "expiryDate": "YYYY-MM",
    "isDefault": boolean,
    "pixKey": "string",
    "pixKeyType": "string",
    "bankName": "string",
    "bankCode": "string"
  }
}

Location Entity

{
  "location": {
    "type": "string",
    "address": "string | object (see Address Format note)",
    "city": "string",
    "state": "string",
    "postalCode": "string",
    "coordinates": {
      "lat": number,
      "lng": number
    }
  }
}

Document Entity

{
  "document": {
    "type": "string",
    "issuer": "string",
    "issueDate": "YYYY-MM-DD",
    "expiryDate": "YYYY-MM-DD",
    "documentNumber": "string"
  }
}

Alert Entity

{
  "alert": {
    "alertNumber": "string",
    "alertType": "RISK | COMPLIANCE | FRAUD | REGULATORY | SYSTEM",
    "severity": "INFO | WARNING | HIGH | CRITICAL",
    "status": "NEW | ACKNOWLEDGED | INVESTIGATING | RESOLVED | FALSE_POSITIVE",
    "sourceSystem": "string",
    "triggerRuleId": "string",
    "triggerCondition": "string",
    "affectedEntityId": "string",
    "relatedEntityIds": ["string"],
    "alertedAt": "ISO8601 timestamp",
    "acknowledgedAt": "ISO8601 timestamp",
    "acknowledgedBy": "string",
    "resolvedAt": "ISO8601 timestamp",
    "resolvedBy": "string",
    "resolutionNotes": "string",
    "falsePositiveReason": "string"
  }
}

Query Parameters

refresh
boolean
default:"false"
Force re-enrichment of the entity even if it already exists in the system.Type: boolean (query string: "true" or "false")Behavior:
  • When true: Forces the system to fetch fresh data from enrichment providers (e.g., background checks, KYC data, company registries)
  • When false or omitted: Uses cached enrichment data if available
  • Overrides organization setting enrichmentsConfig.reEnrichExistingEntities
Use Cases:
  • Re-validating entity data after a significant time period
  • Updating information when you know external data has changed
  • Manual refresh triggered by compliance team
  • Periodic data quality audits
Example:
POST http://api.gu1.ai/entities?refresh=true
Note: Re-enrichment may incur additional costs from third-party data providers.

Response

success
boolean
Indicates if the entity was created successfully
entity
object
The created entity object including:
  • id - gu1’s internal ID
  • externalId - Your external ID
  • organizationId - Your organization ID
  • type - Entity type
  • name - Entity name
  • riskScore - Initial risk score (0-100)
  • status - Entity status
  • entityData - Type-specific data
  • attributes - Custom attributes
  • createdAt - Creation timestamp
  • updatedAt - Last update timestamp
rulesResult
object
Result of rules execution (only present when rules ran, e.g. when skipRulesExecution is false and a risk matrix is configured), including:
  • success (boolean) - Whether rules executed successfully
  • rulesTriggered (number) - Number of rules that were triggered
  • alerts (array) - Alerts generated by rules
  • riskScore (number) - Final calculated risk score
  • decision (string) - Final decision (APPROVE, REJECT, HOLD, REVIEW_REQUIRED)
  • rulesExecutionSummary (object) - Present when rules ran. See below for structure.
rulesExecutionSummary
object
At the root of the response (same as transactions API). Only present when rules ran (e.g. skipRulesExecution is false and rules engine executed). Same value as rulesResult.rulesExecutionSummary. Summary of which rules matched (hit) vs did not match (no hit), executed actions, and total score. Omitted when rules did not run.
  • rulesHit (array) - Rules whose conditions were met. Each item: name, description, score, priority, category, status (e.g. active, shadow), conditions (array of { field, value, operator? }), actions (alerts, suggestion, status, assignedUser).
  • rulesNoHit (array) - Rules that were evaluated but conditions were not met. Same structure as rulesHit (includes configured actions, not executed).
  • actionsExecuted (object) - Aggregated executed actions across all rules that hit: alerts (array of { name?, type?, severity?, description? }), suggestion (BLOCK | SUSPEND | FLAG, highest weight), status (entity status applied, if any), assignedUser ({ userId }, if any), customKeys (array of strings, optional) — custom action keys from matched rules; for integrations/workflows.
  • totalScore (number) - Sum of score of all rules that hit and are not in shadow status.

Example: Gueno sanctions monitoring on create

Use this when Gueno global sanctions should run in watchlist mode (subscribe for daily screening) during POST /entities, not only as a one-off check.
monitoring has no effect unless:
  1. The same enrichment code appears in autoExecuteIntegrations.enrichments (or you use executeAllActiveEnrichments: true and that enrichment is active), and
  2. Your organization enabled monitoring for Gueno sanctions in Marketplace. If monitoring is off, the enrichment still runs as a normal screening (op 0).

Person (type: "person")

{
  "type": "person",
  "externalId": "cust_screening_001",
  "name": "María González",
  "countryCode": "AR",
  "taxId": "27-12345678-1",
  "entityData": {
    "person": {
      "firstName": "María",
      "lastName": "González",
      "dateOfBirth": "1985-03-15",
      "nationality": "AR"
    }
  },
  "monitoring": {
    "main": {
      "global_gueno_sanctions_enrichment": true
    }
  },
  "autoExecuteIntegrations": {
    "executeAllActiveEnrichments": false,
    "executeAllActiveChecks": false,
    "enrichments": ["global_gueno_sanctions_enrichment"],
    "checks": []
  }
}

Company (type: "company")

{
  "type": "company",
  "externalId": "co_screening_001",
  "name": "Tech Solutions S.A.",
  "countryCode": "AR",
  "taxId": "30-71000001-2",
  "entityData": {
    "company": {
      "legalName": "Tech Solutions S.A.",
      "tradeName": "Tech Solutions",
      "industry": "Software"
    }
  },
  "monitoring": {
    "main": {
      "global_gueno_sanctions_enrichment": true
    }
  },
  "autoExecuteIntegrations": {
    "executeAllActiveEnrichments": false,
    "executeAllActiveChecks": false,
    "enrichments": ["global_gueno_sanctions_enrichment"],
    "checks": []
  }
}
The relationships key inside monitoring is not used on POST /entities. For shareholders or related entities created in the same job, use Create automatically with depth > 0 and monitoring.relationships.

Examples

Create Person Entity (KYC)

curl -X POST http://api.gu1.ai/entities \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "person",
    "externalId": "customer_12345",
    "name": "María González",
    "countryCode": "AR",
    "taxId": "20-12345678-9",
    "entityData": {
      "person": {
        "firstName": "María",
        "lastName": "González",
        "dateOfBirth": "1985-03-15",
        "nationality": "AR",
        "occupation": "Software Engineer",
        "income": 85000
      }
    },
    "attributes": {
      "email": "maria.gonzalez@example.com",
      "phone": "+54 11 1234-5678",
      "customerSince": "2024-01-15"
    }
  }'

Create Company Entity (KYB)

curl -X POST http://api.gu1.ai/entities \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "company",
    "externalId": "company_789",
    "name": "Tech Solutions S.A.",
    "countryCode": "BR",
    "taxId": "12.345.678/0001-90",
    "entityData": {
      "company": {
        "legalName": "Tech Solutions Sociedade Anônima",
        "tradeName": "Tech Solutions",
        "incorporationDate": "2020-06-15",
        "industry": "Software Development",
        "employeeCount": 50,
        "revenue": 5000000
      }
    },
    "attributes": {
      "website": "https://techsolutions.com.br",
      "registeredAddress": "Av. Paulista, 1000, São Paulo",
      "partnershipTier": "gold"
    }
  }'

Response Example

{
  "success": true,
  "entity": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "externalId": "customer_12345",
    "organizationId": "8e2f89ab-c216-4eb4-90eb-ca5d44499aaa",
    "type": "person",
    "name": "María González",
    "taxId": "20-12345678-9",
    "countryCode": "AR",
    "riskScore": 25,
    "status": "active",
    "entityData": {
      "person": {
        "firstName": "María",
        "lastName": "González",
        "dateOfBirth": "1985-03-15",
        "nationality": "AR",
        "occupation": "Software Engineer",
        "income": 85000
      }
    },
    "attributes": {
      "email": "maria.gonzalez@example.com",
      "phone": "+54 11 1234-5678",
      "customerSince": "2024-01-15"
    },
    "createdAt": "2024-10-03T14:30:00.000Z",
    "updatedAt": "2024-10-03T14:30:00.000Z"
  }
}

Error Responses

400 Bad Request - Invalid Tax ID

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid CUIT format. Please check the format and try again.",
    "details": {
      "field": "taxId",
      "taxIdName": "CUIT",
      "providedValue": "20-12345678-9"
    }
  },
  "entity": null
}

400 Bad Request - Missing Required Fields

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Missing required fields for company creation",
    "details": {
      "missingFields": ["legalName", "industry"],
      "requiredFields": ["legalName", "tradeName", "industry", "incorporationDate"],
      "countryCode": "BR"
    }
  },
  "entity": null
}

409 Conflict - Duplicate Entity

{
  "success": false,
  "error": {
    "code": "DUPLICATE_ENTITY",
    "message": "Entity with this external_id already exists",
    "details": {
      "field": "external_id",
      "value": "customer_12345",
      "constraint": "entities_organization_external_id_unique"
    }
  },
  "entity": null
}

401 Unauthorized

{
  "error": "Invalid or missing API key",
  "code": "INVALID_KEY"
}

429 Too Many Requests

{
  "error": "Rate limit exceeded",
  "code": "RATE_LIMIT_EXCEEDED",
  "message": "You have exceeded your API rate limit. Please wait before making more requests.",
  "retryAfter": 3600,
  "limit": 100,
  "remaining": 0,
  "resetAt": "2025-01-15T10:00:00Z"
}

500 Internal Server Error

{
  "success": false,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred while creating the entity",
    "details": {
      "message": "Database connection timeout"
    }
  },
  "entity": null
}

Next Steps

After creating an entity, you can:
  1. Request AI Analysis - Get automated risk assessment
  2. List Entities - Query your entities
  3. Get Entity Details - Retrieve complete entity information
  4. Apply Rules - Run compliance and risk rules