Knogin
[Developers]

Source Domain

A piece of intelligence arrives in a case: a financial transaction record pulled from an automated banking feed. Six months later, a defence barrister asks where that record came from and whether the feed has a known rel

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domainscompliance

Overview#

A piece of intelligence arrives in a case: a financial transaction record pulled from an automated banking feed. Six months later, a defence barrister asks where that record came from and whether the feed has a known reliability score. The investigating analyst opens the source record linked to the transaction, sees the registered data source for the banking integration, its description, and its provenance metadata. The Source domain is what makes that answer possible: a catalogue of every data source connected to the platform, giving every piece of evidence and intelligence a traceable origin.

Key Features#

  • Source Registration: Register and catalogue data sources with descriptive names and details, providing a clear record of where information originates for provenance tracking.

  • Source Directory: Maintain a browsable directory of all data sources connected to the platform, making it easy for analysts to understand available data streams.

  • Source Lookup: Retrieve detailed information about any registered source to understand its nature, reliability, and the type of data it provides.

  • Provenance Tracking: Link evidence, intelligence, and investigation data back to their originating source to support chain of custody and source reliability assessments.

  • Programmable API Access: Create, retrieve, and list data sources through a structured API for integration with automated data ingestion workflows.

Use Cases#

Source provenance tracking matters wherever evidence admissibility, audit requirements, or data quality assessments depend on knowing exactly where information came from. Relevant industries include law enforcement, financial intelligence, and regulatory compliance.

  • Evidence Provenance: Track the origin of every piece of evidence and intelligence to support legal admissibility and reliability assessments.

  • Source Management: Maintain an organised catalogue of all data feeds, integrations, and manual entry points that contribute information to the platform.

  • Data Quality Assessment: Associate source metadata with incoming data to enable reliability scoring and quality assessments based on source characteristics.

  • Integration Documentation: Document which external systems and services are connected to the platform and what data they provide.

Integration#

The Source domain supports data provenance across the platform:

  • Evidence Management: Evidence items link to their originating source
  • Investigation Management: Intelligence sources are tracked within investigations
  • Analytics: Source data supports data quality and reliability analysis
  • Integration Management: External system connections are documented as sources

Open Standards#

  • GraphQL (June 2018 specification): All source catalogue queries and mutations are exposed through a GraphQL API, enabling structured discovery, creation, and retrieval of source records by client applications.
  • W3C PROV-DM / PROV-O (W3C Recommendation, April 2013): Source records feed the platform-wide provenance graph, where PROV-DM entity, activity, and agent relationships are used to trace every piece of evidence or intelligence back to its registered origin; the provenance chain is serialisable as PROV-O JSON-LD.
  • W3C Verifiable Credentials Data Model v2.0: Evidence items linked to registered sources can be issued signed Verifiable Credentials that attest provenance, supporting legal admissibility and chain-of-custody requirements.
  • RFC 4122 (UUID): Every source record is identified by a version-4 UUID, ensuring globally unique, collision-resistant identifiers across distributed tenants without a central registry.
  • ISO 8601 / RFC 3339 (date and time): Source creation and update timestamps are stored and exchanged in UTC-normalised ISO 8601 format, providing unambiguous temporal provenance metadata.
  • JSON Web Token, RFC 7519 (JWT): API access to source catalogue operations is protected by RS256-signed JWTs verified against a JWKS endpoint, so only authenticated, authorised users can register or retrieve sources.
  • OAuth 2.0, RFC 6749: The bearer-token authentication framework underlying JWT issuance governs which principals may perform read or write operations on the source catalogue.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.