Knogin
[Developers]

Note Domain

During a complex fraud investigation, one analyst spots a pattern in a corporate entity's transaction dates and needs to record the observation before briefing the team. Another analyst adds a follow-up action item to th

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domains

Overview#

During a complex fraud investigation, one analyst spots a pattern in a corporate entity's transaction dates and needs to record the observation before briefing the team. Another analyst adds a follow-up action item to the same entity, and a third attaches a reference to an external intelligence report. The Note domain holds all of that structured commentary, searchable and audited, attached directly to the entities that prompted it.

Key Features#

  • Note creation and management with entity attachment
  • Multiple note types: analysis, observation, comment, action item, and reference
  • Author tracking and access control for note visibility
  • Full audit trail for creation, updates, deletions, and access
  • Entity association supporting notes on any profile type
  • Full-text search across notes for rapid information retrieval

Use Cases#

Relevant sectors include law enforcement, financial crime investigation, and intelligence agencies.

  • Adding analytical findings and observations to entities during investigations
  • Recording field notes and documenting evidence references for case building
  • Facilitating team collaboration through discussion comments on shared entities
  • Tracking action items and follow-up tasks linked to specific investigation elements

Integration#

The Note domain integrates with Profile for entity attachment, Investigation for case context, Timeline for activity history, Export for report inclusion, and Search for full-text note discovery.

Open Standards#

  • GraphQL (June 2018 specification): all note operations (create, read, update, delete) are exposed as typed GraphQL queries and mutations, enabling strongly-typed, schema-driven API access for clients.
  • JSON (RFC 8259): note metadata is serialised and stored as JSON, and the GraphQL API exposes a JSON scalar type for flexible structured payloads on each note record.
  • OAuth 2.0 (RFC 6749) and JSON Web Tokens (RFC 7519): every note API call requires a valid JWT Bearer token issued by the platform's authorisation server; issuer and audience claims are validated on each request.
  • RFC 4122 (UUID): all note identifiers are generated as UUID v4 values, ensuring globally unique, collision-resistant record identifiers without centralised coordination.
  • ISO 8601: note creation and update timestamps are stored and returned in UTC-anchored ISO 8601 datetime format, ensuring unambiguous temporal ordering across time zones.
  • Traffic Light Protocol (TLP): notes inherit the TLP classification of their parent investigation (WHITE, GREEN, AMBER, RED), and access is filtered at retrieval time so recipients only see notes at or below their clearance.
  • NATO Security Policy C-M(2002)49: the platform's classification hierarchy (RESTRICTED through COSMIC TOP SECRET) is enforced when serving notes attached to NATO-classified investigations, preventing disclosure to users without the requisite clearance rank.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.