Skip to content

CredForge: Business Rule Engine (BRE) API

The BRE API provides programmatic access to our comprehensive Business Rule Engine (BRE) platform, delivering enhanced decision making using customised workflows.

Base URL

https://credforge.credeau.com/api

Variables

Variable Description Format Source
client_id Unique identifier for your organization Alphanumeric string Provided by Credeau during onboarding
auth_token Secret token for API authentication Alphanumeric string Provided by Credeau during onboarding
workflow_endpoint Unique API identifier for the workflow you want to execute Alphanumeric string Generated during strategy formation
workflow_name Name of the workflow, representing a strategy Alphanumeric string Generated during strategy formation
user_id Unique identifier for an end user Alphanumeric string, max 64 chars Generated by your application
reference_id Unique identifier for each loan application (lead_id). One customer can have many. Alphanumeric string Generated by your application
app_user_id Unique identifier for an end user registered on MobileGator SDK, if Integrated Alphanumeric string, max 64 chars, non-PII Generated by your application
request_id Unique identifier for each request Alphanumeric string Generated by the API

⚠️ Note

Keep these credentials secure and never share them publicly. These credentials are unique to your organization and will be used to authenticate all API requests.

Endpoint Pattern

POST /execute/${client_id}/${workflow_endpoint}

Authentication

The API requires two authentication headers:

Header Value
x-client-id <client_id>
x-auth-token <auth_token>

and, one content type header:

Header Value
Content-Type application/json

Request Parameters

Request Body (JSON)

Parameter Type Required Description
user_id string Yes Unique identifier of the user
reference_id string Yes Unique identifier for each loan application (lead_id). One customer can have many.
input_data json Yes Input parameters required to execute the workflow

⚠️ Note

Fields in input_data vary depending upon the workflow being executed. Refer to the individual BRE pages for the required fields.

Response

HTTP 200 OK (Success)

When a workflow is successfully executed and a decision is made:

{
  "request_id": "<request_id>",
  "user_id": "<user_id>",
  "reference_id": "<reference_id>",
  "workflow_version_path": "workflow_<workflow_name>_<version>",
  "engine_history": [],
  "output_data": {
    "ecm": {},
    "rules_output": {},
    "features": {}
  }
}

⚠️ Note

Fields in output_data vary depending upon the workflow being executed. Refer to the individual BRE pages for the response fields.

Error Responses

HTTP 401 Unauthorized (Wrong credentials)

This error occurs when either an invalid client ID or authentication token is provided in the request headers.

⚠️ Note

If you receive this error:

  1. Verify that you're using the correct client ID and authentication token
  2. Contact Credeau support

HTTP 403 Forbidden (Invalid Access)

This error can occur when the requesting IP address is not whitelisted in the Credeau firewall. For security reasons, all API requests must originate from pre-approved IP addresses.

<html>
  <head>
    <title>403 Forbidden</title>
  </head>
  <body>
    <center><h1>403 Forbidden</h1></center>
  </body>
</html>

⚠️ Note

To resolve this error:

  1. Contact Credeau support to whitelist your IP address
  2. Provide your organization's name and the IP address(es) that need access
  3. Once whitelisted, you'll be able to access the API from the approved IP addresses

HTTP 422 Unprocessable Content (Wrong Request Payload)

This error is returned when any of the required parameters is missing from the request payload.

{
  "detail": [
    {
      "type": "missing",
      "loc": ["body", "user_id"],
      "msg": "Field required",
      "input": {
        "reference_id": "...",
        "fetched_timestamp": "...",
        "raw_data": "...",
        "format_type": "..."
      }
    }
  ]
}

HTTP 429 Too Many Requests (Rate Limit Exceeded)

This error is returned when the rate of requests exceeds the allowed limit of 500 requests per minute per IP.

Best Practice for Rate Limit Handling

When implementing retries for rate-limited requests:

  1. Use exponential backoff: Start with a base delay (e.g., 1 second) and double it after each retry
  2. Add jitter: Include random variation (±20%) to the delay to prevent thundering herd problems
import random
import time

def get_retry_delay(attempt, base_delay=1, max_delay=60):
    # Calculate exponential backoff
    delay = min(base_delay * (2 ** attempt), max_delay)

    # Add jitter (±20%)
    jitter = delay * 0.2

    return delay + random.uniform(-jitter, jitter)

HTTP 500 Internal Server Error

This error is returned when the passed input contains unexpected values in correct format.

{
  "detail": "..."
}

Workflow

A Workflow is a programmatic representation of a business strategy to drive a decision based on custom requirements and respective input variables.

A Workflow can contain the following components in an order that justifies a business strategy:

  1. ECM (External Connection Manager) — Fetches data from external sources (Bureau, 3rd Party APIs, etc.) using pre-defined configurable templates for commonly used sources (CIBIL, Crif, Experian, Equifax, and some 3rd party APIs)
  2. Feature Engine — Executes custom logic in the form of Python functions to generate variables from the fetched data and raw data provided by the user
  3. Rule Engine — Applies business rules on the raw/fetched/generated variables to make a decision

Example

Example Workflow

  1. Input Data — Raw applicant information passed into the workflow

    Field Description
    name Full name of the applicant
    dob Date of birth
    pan PAN number
    email Email address
    mobile Mobile number
    address Residential address
    income Annual income
    occupation Occupation type
    loan_amt Loan amount requested

  2. Rule Engine — Basic Checks — Eligibility screening on raw input

    • age >= 18
    • income >= 50,000
    • occupation in ['Salaried', 'Self Employed']
    • address not in blacklisted pincodes
    • Decision: Proceed if all conditions pass, else Reject

  3. ECM — Bureau Report — Fetch credit bureau data for the applicant

    • Uses pan, dob, and mobile to pull the bureau report
    • Output: Raw bureau report

  4. Feature Engine — Bureau Features — Derive meaningful variables from bureau data

    • Processes the raw bureau report through custom Python functions
    • Output: Computed bureau features (e.g., bureau_score, obligations, bounces)

  5. Rule Engine — Bureau Checks — Credit assessment based on bureau features

    • bureau_score >= 600
    • obligations <= 20,000
    • bounces <= 1
    • Decision: Proceed if all conditions pass, else Reject

  6. ECM — Account Aggregator — Fetch banking/financial data for the applicant

    • Uses pan, dob, and mobile to pull the account aggregator report
    • Output: Raw account aggregator report

  7. Feature Engine — Account Features — Derive variables from banking data

    • Processes the account aggregator report through custom Python functions
    • Output: Computed account features (e.g., obligations, bounces, avg_balance)

  8. Rule Engine — Account Aggregator Checks — Final assessment based on banking data

    • obligations <= 20,000
    • bounces <= 1
    • Decision: Approved if all conditions pass, else Reject

Reading the Output

In the workflow output, look for the following keys for the final decision:

output_data → rules_output → final_decision → <key>

Where <key> can be one of the following:

  • Decision — Final decision of the workflow. Values like Approve, Reject, Proceed To Bank, etc.
  • DecisionReason — Reason for the decision. Values like geocoding bre checked, bureau bre checked, etc.
  • LoanAmount — Approved loan amount. Values like 50000, 100000, etc.
  • EmiDecision — Decision for EMI loan products.
  • LoanOffers — List of approved EMI loan offers.

For Payday/Bullet Loans

  1. output_data → rules_output → final_decision → Decision — the decision
  2. output_data → rules_output → final_decision → LoanAmount — the approved fixed amount

For EMI Loans

  1. output_data → rules_output → final_decision → EmiDecision — the decision
  2. output_data → rules_output → final_decision → LoanOffers — list of approved loan offers

Available BREs

Select the BRE that matches your use case and refer to its dedicated documentation for request parameters, response structure, and configuration details.

BRE Endpoint Description
Location BRE POST /execute/${client_id}/location_bre Decision based on location information
Bureau Mobile BRE POST /execute/${client_id}/bureau_mobile_bre Decision based on Mobile & Bureau Intelligence
Bank BRE POST /execute/${client_id}/bank_bre Decision based on banking transaction data
Bureau Mobile Bank BRE POST /execute/${client_id}/bureau_mobile_bank_bre Decision based on Account, Mobile & Bureau Intelligence
Repeat BRE POST /execute/${client_id}/repeat_bre Decision for repeat customers

Consideration

This is a highly customisable API that can serve multiple business strategies. Thus, the fields mentioned in input_data and output_data in the individual BRE pages are not limited to the provided values, and will change as per the requirements of the strategy.

Hence, this documentation acts as the integration guide for developers, and the actual API documentation with detailed fields and descriptions will be provided by Credeau's team post strategy finalisation.