Allow / block lists
Lists are simple keyed lookups: "is this NIK / email / phone / IP / beneficiary-account / country on a known-good or known-bad list?"
They're the highest-confidence input to the rules engine — list hits typically trip bypassMl: true rules and produce deterministic decisions.
List kinds
| Key type | Use case |
|---|---|
nik | Per-customer block (regulatory, internal, partner-fed) |
email | Disposable-email domains, known-fraud accounts |
phone | Known-mule numbers, recycled numbers |
ip | Botnet IPs, datacenter ranges, known-VPN exit nodes |
beneficiary_account | Counterparty-account-based block |
country | Sanctioned countries, high-risk-FATF jurisdictions |
List kinds × list classes
| Class | Meaning |
|---|---|
allow | Trusted entries. Reduce fraudScore; can short-circuit to allow. |
block | Untrusted entries. Trigger configured rule; can short-circuit to block. |
Endpoints
/api/listsFilters: lane, listKind (allow · block).
Response:
{
"data": [
{
"id": "lst_01HXY...",
"name": "Internal mule blocklist",
"keyType": "nik",
"class": "block",
"lane": "transaction",
"entryCount": 4827,
"lastSyncedAt": "2026-05-24T03:00:00Z",
"syncStatus": "active",
"connectorId": "con_01HXY..."
}
]
}/api/lists{
"name": "Disposable email domains",
"keyType": "email",
"class": "block",
"lane": "onboarding"
}Adding entries
/api/lists/{id}/entries{
"entries": [
{ "value": "3201234567890099", "reason": "Confirmed mule via Q1 investigation", "addedBy": "fraud-ops@bankxyz.co.id" },
{ "value": "3201234567890123", "reason": "Same-as-above" }
]
}Up to 1,000 entries per request. Hashes the value at rest if keyType is nik or phone; raw values are not queryable back from the API.
Removing entries
/api/lists/{id}/entries/{entryId}Requires a reason query param for audit:
curl -X DELETE ".../api/lists/lst_01HXY.../entries/ent_01HXY...?reason=customer+reinstated+after+appeal" \
-H "Authorization: Bearer $QE_API_KEY"Bulk CSV import
/api/lists/{id}/importmultipart/form-data with a CSV file:
value,reason,added_by
3201234567890099,Confirmed mule,fraud-ops@bankxyz.co.id
3201234567890123,Same-as-above,fraud-ops@bankxyz.co.idReturns a job ID. Imports run async; poll status or subscribe to list.import.completed webhook.
External DB connectors
For lists that live in your data warehouse (e.g. analyst-curated mule database), configure a connector once and have us sync on a schedule:
| Connector type | Status |
|---|---|
| PostgreSQL | Stable |
| MySQL | Stable |
| Microsoft SQL Server | Stable |
| Oracle | Stable |
| Snowflake | Stable |
| BigQuery | Stable |
| Databricks | Beta |
| S3 + CSV | Stable |
Configure from the dashboard's Lists → Connectors page (the API for connector setup is intentionally dashboard-only because of credential handling).
Sync cadences: manual · hourly · daily · weekly. Connector errors surface in syncStatus (failing · paused) and via the list.sync.failed webhook.
One list, multiple lanes
A list created with lane: "onboarding" only applies to onboarding evaluations. Most banks duplicate critical block lists across both lanes — keep one canonical list in your warehouse, sync it into two Quantum Elixir lists (-ob and -tx).