socure · Arazzo Workflow

Socure Contact Risk Then Decision

Version 1.0.0

Score email, phone, and address risk for an applicant, then run a decision when all contact signals are low risk.

1 workflow 2 source APIs 1 provider

View Spec View on GitHub ArazzoWorkflows

Provider

socure

Workflows

contact-risk-then-decision

Score email, phone, and address risk and run a decision only when all are low risk.

Runs the email, phone, and address RiskScore modules, branches on the returned scores, and runs a decision evaluation when all contact signals are below the threshold.

2 steps inputs: apiKey, city, country, customerUserId, dob, email, firstName, mobileNumber, nationalId, physicalAddress, riskThreshold, state, surName, zip outputs: addressScore, decision, emailScore, phoneScore, riskReferenceId

scoreContactRisk

evaluateIdentity

Run an ID+ evaluation across email, phone, and address RiskScore modules and capture each contact risk score.

runDecision

evaluateDecision

Run a decision evaluation for the applicant now that all contact signals scored below the configured threshold.

Source API Descriptions

openapi

idplusApi https://raw.githubusercontent.com/api-evangelist/socure/refs/heads/main/openapi/socure-idplus-api-openapi.yml

openapi

decisionApi https://raw.githubusercontent.com/api-evangelist/socure/refs/heads/main/openapi/socure-decision-api-openapi.yml

Arazzo Workflow Specification

arazzo: 1.0.1
info:
  title: Socure Contact Risk Then Decision
  summary: Score email, phone, and address risk for an applicant, then run a decision when all contact signals are low risk.
  description: >-
    The contact-signal gating flow. The workflow runs an ID+ evaluation across
    the email, phone, and address RiskScore modules, branches on the combined
    risk scores, and — when every contact signal scores below the configured
    threshold — runs a decision evaluation to produce a deterministic onboarding
    outcome. Every step inlines its request so the contact-risk flow can be read
    and executed without opening the underlying OpenAPI descriptions.
  version: 1.0.0
sourceDescriptions:
- name: idplusApi
  url: ../openapi/socure-idplus-api-openapi.yml
  type: openapi
- name: decisionApi
  url: ../openapi/socure-decision-api-openapi.yml
  type: openapi
workflows:
- workflowId: contact-risk-then-decision
  summary: Score email, phone, and address risk and run a decision only when all are low risk.
  description: >-
    Runs the email, phone, and address RiskScore modules, branches on the
    returned scores, and runs a decision evaluation when all contact signals are
    below the threshold.
  inputs:
    type: object
    required:
    - apiKey
    - email
    - mobileNumber
    - physicalAddress
    properties:
      apiKey:
        type: string
        description: Socure API key presented as `SocureApiKey <api-key>`.
      email:
        type: string
      mobileNumber:
        type: string
      physicalAddress:
        type: string
      city:
        type: string
      state:
        type: string
      zip:
        type: string
      country:
        type: string
      customerUserId:
        type: string
      firstName:
        type: string
      surName:
        type: string
      dob:
        type: string
      nationalId:
        type: string
      riskThreshold:
        type: number
        description: Maximum acceptable contact risk score (0-1) for each signal.
        default: 0.5
  steps:
  - stepId: scoreContactRisk
    description: >-
      Run an ID+ evaluation across email, phone, and address RiskScore modules
      and capture each contact risk score.
    operationId: evaluateIdentity
    parameters:
    - name: Authorization
      in: header
      value: SocureApiKey $inputs.apiKey
    requestBody:
      contentType: application/json
      payload:
        modules:
        - emailrisk
        - phonerisk
        - addressrisk
        customerUserId: $inputs.customerUserId
        email: $inputs.email
        mobileNumber: $inputs.mobileNumber
        physicalAddress: $inputs.physicalAddress
        city: $inputs.city
        state: $inputs.state
        zip: $inputs.zip
        country: $inputs.country
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      referenceId: $response.body#/referenceId
      emailScore: $response.body#/emailRisk/score
      phoneScore: $response.body#/phoneRisk/score
      addressScore: $response.body#/addressRisk/score
    onSuccess:
    - name: lowRisk
      type: goto
      stepId: runDecision
      criteria:
      - context: $response.body
        condition: $.emailRisk.score <= $inputs.riskThreshold && $.phoneRisk.score <= $inputs.riskThreshold && $.addressRisk.score <= $inputs.riskThreshold
        type: jsonpath
    - name: highRisk
      type: end
      criteria:
      - context: $response.body
        condition: $.emailRisk.score > $inputs.riskThreshold || $.phoneRisk.score > $inputs.riskThreshold || $.addressRisk.score > $inputs.riskThreshold
        type: jsonpath
  - stepId: runDecision
    description: >-
      Run a decision evaluation for the applicant now that all contact signals
      scored below the configured threshold.
    operationId: evaluateDecision
    parameters:
    - name: Authorization
      in: header
      value: SocureApiKey $inputs.apiKey
    requestBody:
      contentType: application/json
      payload:
        modules:
        - decision
        - kyc
        customerUserId: $inputs.customerUserId
        firstName: $inputs.firstName
        surName: $inputs.surName
        dob: $inputs.dob
        nationalId: $inputs.nationalId
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      referenceId: $response.body#/referenceId
      decision: $response.body#/decision/value
  outputs:
    riskReferenceId: $steps.scoreContactRisk.outputs.referenceId
    emailScore: $steps.scoreContactRisk.outputs.emailScore
    phoneScore: $steps.scoreContactRisk.outputs.phoneScore
    addressScore: $steps.scoreContactRisk.outputs.addressScore
    decision: $steps.runDecision.outputs.decision