rpmjp/projects/sentinel/api-reference.md
Completed: October 2025 – January 2026

Sentinel — Fraud Detection Platform

Production-grade fraud operations platform with calibrated LightGBM scoring at 8.5ms, SHAP explainability on every prediction, and $1.23M in modeled net savings from cost-aware threshold tuning.

Python 3.12, FastAPI, LightGBM, SHAP, PostgreSQL 16, React 19, TypeScript, Tailwind v4

Languages: TypeScript 56.7%, Python 41.6%, CSS 1%, Makefile 0.4%, JavaScript 0.1%, Mako 0.1%, HTML 0.1%

REST API Reference

Sentinel exposes roughly 50 endpoints across 14 router modules. Full OpenAPI documentation is auto-generated by FastAPI at /docs. Every endpoint requires a JWT bearer token and respects role-based access control.

A selection of the most important endpoints follows.


Authentication

| Endpoint | Method | Description |
| --- | --- | --- |
| /auth/login | POST | Email + password → JWT bearer token |
| /auth/me | GET | Current authenticated user |

Scoring

| Endpoint | Method | Description |
| --- | --- | --- |
| /score | POST | Score a single transaction, returns score + SHAP top features |
| /score/batch | POST | Score up to 1000 transactions in one request |

Analyst workflow

| Endpoint | Method | Description |
| --- | --- | --- |
| /queue | GET | Paginated fraud queue with risk and decision filters |
| /transactions/{id} | GET | Full transaction detail with explanation and audit trail |
| /transactions/{id}/feedback | POST | Record analyst decision (confirmed_fraud, false_positive, escalated) |
| /entities/{account_id} | GET | Account profile with history and counterparties |
| /investigate | GET | Multi-criteria search with stats and pagination |
| /investigate/export.csv | GET | Filtered CSV export, capped at 10K rows |

Dashboard

| Endpoint | Method | Description |
| --- | --- | --- |
| /dashboard/kpis | GET | Open cases, blocked amount, throughput, average score |
| /dashboard/geo/world | GET | Per-country transaction and fraud-rate aggregates |

Case management

| Endpoint | Method | Description |
| --- | --- | --- |
| /cases | GET, POST | Case list with stats, and case creation |
| /cases/{id} | GET, PATCH | Full case detail; update status, priority, assignee, outcome |
| /cases/{id}/notes | POST | Add analyst note to case timeline |

Watchlists and upload

| Endpoint | Method | Description |
| --- | --- | --- |
| /watchlists | GET, POST, DELETE | Blocked/trusted account management |
| /upload/transactions | POST | Multipart CSV upload, hardened and audited |
| /upload/audits | GET | Upload audit trail for the current tenant |

MLOps surface

| Endpoint | Method | Description |
| --- | --- | --- |
| /models | GET | All model versions for the current tenant |
| /models/{id}/threshold | PATCH | Admin-only threshold update |
| /drift | GET | Overall PSI, per-feature drift, score distribution |
| /tuner | GET | Precomputed precision/recall/net-savings curves |

Real-time

| Endpoint | Method | Description |
| --- | --- | --- |
| /replay/start | POST | Start the streaming replay engine |
| /replay/status | GET | Live replay counters (transactions_replayed, fraud_detected) |

Health

| Endpoint | Method | Description |
| --- | --- | --- |
| /health | GET | Liveness check |
| /ready | GET | Readiness check (DB + model loaded) |

Design notes

JWT bearer tokens, not sessions. Stateless auth means the API scales horizontally without sticky sessions. The token carries tenant_id, user_id, and role — every protected handler validates via a FastAPI dependency before running.
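The checks such a per-request dependency has to make before a handler runs, as an added example that is not Sentinel's own code and uses only the standard library. The claim names tenant_id, user_id and role come from the paragraph above; the HS256 algorithm, the shared secret, the `exp` claim and all function names are assumptions, and a production service would normally hand the parsing to a maintained JWT library.

```python
import base64, hashlib, hmac, json, time
from typing import NamedTuple

SECRET = b"constructed-demo-secret"   # assumption: HS256 with a shared secret
REQUIRED = ("tenant_id", "user_id", "role", "exp")  # "exp" is an assumed claim

class AuthError(Exception):
    """Token rejected; a handler would map this to HTTP 401 or 403."""

class Principal(NamedTuple):
    tenant_id: str
    user_id: str
    role: str

def b64d(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(head: str, body: str) -> bytes:
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue(claims: dict, alg: str = "HS256") -> str:  # builds constructed sample tokens
    head = b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{b64e(sign(head, body))}"

def verify(token: str, now=None) -> Principal:
    try:  # nothing in the token is trusted until the signature verifies
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":  # pin the algorithm
            raise AuthError("unexpected alg")
        if not hmac.compare_digest(sign(head, body), b64d(sig)):
            raise AuthError("bad signature")
        claims = json.loads(b64d(body))
    except (ValueError, TypeError, AttributeError) as exc:
        raise AuthError("malformed token") from exc
    if not isinstance(claims, dict) or any(k not in claims for k in REQUIRED):
        raise AuthError("missing claim")
    if claims["exp"] <= (time.time() if now is None else now):
        raise AuthError("expired")
    return Principal(claims["tenant_id"], claims["user_id"], claims["role"])

def require_role(token: str, *allowed: str) -> Principal:
    principal = verify(token)  # authenticate first, then authorize by role
    if principal.role not in allowed:
        raise AuthError("role not permitted")
    return principal
```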

Multi-tenant by construction. Every query is automatically scoped by the authenticated user's tenant. There's no endpoint that can return another tenant's data — not because of handler-level checks, but because the SQLAlchemy session is pre-filtered.

OpenAPI for free. FastAPI generates the full OpenAPI spec from Pydantic schemas and type hints. The /docs endpoint renders the interactive Swagger UI, and /redoc renders a cleaner reference style. Both are live at runtime without any manual maintenance.

Cursor-based pagination on heavy endpoints. /queue, /investigate, and /cases use cursor pagination instead of offset to handle large result sets efficiently. Offset pagination is O(n) for large offsets; cursor pagination is O(1).