{ "openapi": "3.0.2", "info": { "title": "Recommendations", "version": "", "description": "Recommendation APIs provided by Fraud Prevention are used to assess risk level, obtain recommendations, and provide feedback" }, "servers": [ { "url": "https://api.sbx.transmitsecurity.io/risk/v1", "description": "Sandbox environment" }, { "url": "https://api.transmitsecurity.io/risk/v1", "description": "Production environment (US)" }, { "url": "https://api.eu.transmitsecurity.io/risk/v1", "description": "Production environment (EU)" }, { "url": "https://api.ca.transmitsecurity.io/risk/v1", "description": "Production environment (CA)" }, { "url": "https://api.au.transmitsecurity.io/risk/v1", "description": "Production environment (AU)" } ], "paths": { "/recommendation": { "get": { "description": "Get a risk recommendation for a client action reported to the SDK (via `triggerActionEvent()` call)", "operationId": "getRiskRecommendation", "security": [ { "risk_access_token": [] } ], "summary": "Get recommendation", "parameters": [ { "name": "action_token", "in": "query", "required": true, "schema": { "type": "string", "default": "REPLACE_WITH_ACTION_TOKEN" }, "description": "Action token returned by the SDK when the action was reported" }, { "name": "user_id", "in": "query", "required": false, "deprecated": true, "schema": { "type": "string", "default": "REPLACE_WITH_USER_ID" }, "description": "*Deprecated – This parameter is no longer required. Identity and context should be provided during the `triggerActionEvent` or `reportActionResult` call. This API now only retrieves the calculated recommendation tied to the `action_token`." } ], "responses": { "200": { "$ref": "#/components/responses/recommendation" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } } }, "/recommendation/rules": { "post": { "summary": "Create rule", "description": "Creates a new recommendation rule. Returns the `rule_id` used to reference the rule in subsequent requests.", "operationId": "createRule", "deprecated": true, "security": [ { "risk_access_token": [] } ], "parameters": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/rule" } } } }, "responses": { "201": { "$ref": "#/components/responses/success_create_rule" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "409": { "$ref": "#/components/responses/collision" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } }, "get": { "summary": "Get all rules", "description": "Retrieves a list of all recommendation rules", "operationId": "getRules", "deprecated": true, "security": [ { "risk_access_token": [] } ], "responses": { "200": { "$ref": "#/components/responses/success_get_rules" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } } }, "/recommendation/rules/{rule_id}": { "get": { "summary": "Get rule by ID", "description": "Retrieves a specific recommendation rule by its ID", "operationId": "getRuleById", "deprecated": true, "security": [ { "risk_access_token": [] } ], "parameters": [ { "name": "rule_id", "description": "ID of the recommendation rule", "required": true, "in": "path", "schema": { "type": "string" } } ], "responses": { "200": { "$ref": "#/components/responses/success_get_rule_by_id" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "404": { "$ref": "#/components/responses/not_found" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } }, "put": { "summary": "Update rule by ID", "description": "Updates a specific recommendation rule", "operationId": "updateRule", "deprecated": true, "security": [ { "risk_access_token": [] } ], "parameters": [ { "name": "rule_id", "description": "ID of the recommendation rule", "required": true, "in": "path", "schema": { "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/rule" } } } }, "responses": { "200": { "$ref": "#/components/responses/success_update_delete_rule" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "404": { "$ref": "#/components/responses/not_found" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } }, "delete": { "summary": "Delete rule by ID", "description": "Deletes a specific recommendation rule. Note that you can also disable rules if needed using the enabled rule attribute.", "operationId": "deleteRule", "deprecated": true, "security": [ { "risk_access_token": [] } ], "parameters": [ { "name": "rule_id", "description": "ID of the recommendation rule", "required": true, "in": "path", "schema": { "type": "string" } } ], "responses": { "200": { "$ref": "#/components/responses/success_update_delete_rule" }, "400": { "$ref": "#/components/responses/bad_request" }, "401": { "$ref": "#/components/responses/unauthorized" }, "403": { "$ref": "#/components/responses/forbidden" }, "404": { "$ref": "#/components/responses/not_found" }, "429": { "$ref": "#/components/responses/rate_limit_reached" }, "500": { "$ref": "#/components/responses/internal_error" } } } } }, "components": { "schemas": { "risk_score": { "type": "number", "description": "Used to assess the risk level of the client action", "example": 73.2, "minimum": 0, "maximum": 100 }, "recommendation": { "description": "Recommended way to handle the reported action", "type": "object", "properties": { "type": { "$ref": "#/components/schemas/recommendation_type" }, "result": { "$ref": "#/components/schemas/result_type" }, "challenge_type": { "$ref": "#/components/schemas/challenge_type" } }, "required": [ "type" ] }, "recommendation_full": { "type": "object", "description": "Recommendation", "required": [ "id", "issued_at", "recommendation", "risk_score", "context", "reasons" ], "properties": { "id": { "type": "string", "example": "385cd06b527a974982e0560b67123fe2b1b5a39fd98d8d32cdbaca8ec16fd62d", "description": "Recommendation identifier" }, "issued_at": { "type": "number", "example": 1648028118123, "description": "Unix epoch time in milliseconds this recommendation was issued at" }, "recommendation": { "$ref": "#/components/schemas/recommendation" }, "risk_score": { "$ref": "#/components/schemas/risk_score" }, "context": { "$ref": "#/components/schemas/context" }, "risk_signals": { "$ref": "#/components/schemas/risk_signals" }, "reasons": { "$ref": "#/components/schemas/reasons" }, "transaction_data": { "$ref": "#/components/schemas/transaction_data" }, "threats": { "$ref": "#/components/schemas/threats" }, "preview_rule": { "$ref": "#/components/schemas/preview_rule" } } }, "recommendation_type": { "type": "string", "description": "Recommendation type", "enum": [ "CHALLENGE", "DENY", "ALLOW", "TRUST" ] }, "result_type": { "type": "string", "description": "The outcome of the action.", "enum": [ "success", "failure", "incomplete" ] }, "challenge_type": { "type": "string", "description": "The type of challenge enforced for the reported action.", "enum": [ "email_otp", "totp", "push_otp", "voice_otp", "idv", "captcha", "invisible_captcha", "password", "passkey" ] }, "action_type": { "type": "string", "example": "login", "description": "Type of client action this recommendation was issued for" }, "context": { "type": "object", "description": "Identifies the context in which the action occurred", "properties": { "action_id": { "type": "string", "example": "885cd06b527a97498200560b67123fe221b5a39fd98d8d22cdb7ca8ec16ed62d", "description": "Identifier of the client action" }, "action_type": { "$ref": "#/components/schemas/action_type" }, "action_performed_at": { "type": "number", "example": 1648028118123, "description": "Unix epoch time in milliseconds the action event was reported" }, "device_timestamp": { "type": "number", "example": 1648028107819, "description": "Unix epoch timestamp (ms) from the device clock when the action is triggered via `triggerActionEvent()`. For backend-triggered actions, uses the server time (`Date.now()`). Used to correlate client and server events." }, "client_id": { "type": "string", "example": "d152ddd.ece93f4.c2a3d12.riskid.security", "description": "Identifies the client associated with the action" }, "application_id": { "type": "string", "example": "ece93f4", "description": "Identifies the application associated with the action" }, "tenant_id": { "type": "string", "example": "c2a3d12", "description": "Identifies your tenant within Transmit" }, "device_id": { "type": "string", "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwZGE4ZmZjYy01NmE1LTRmMjgtYThkZi04NDY5MmYwYThmYTAiLCJ2ZXJzaW9uIjoxLCJpYXQiOjE2NTU3OTYzODQ1MzF9.TeGoqlCe_6eWzl9a3-vAumG4Xap8WjwsgcO2-DzGtLg", "description": "Unique device identifier. On web, stored in the cookie. On mobile, uses platform-provided identifiers such as Android ID (hex string) or iOS `identifierForVendor` (alphanumeric). Not derived from IMEI or other hardware identifiers." }, "correlation_id": { "type": "string", "example": "bcb934d8-89cb-433b-a4c7-b7d94299586b", "description": "Any ID that could help relate the action with external context or session (if set via `triggerActionEvent()` SDK calls)" }, "device_fingerprint": { "type": "string", "example": "a3c8f5ea75cb65fcdc3d0452b985f957a46e24afdc912e93dac1e115ecf408e5", "description": "Hash value on all the device data collected from the browser" }, "device_public_key": { "type": "string", "example": "625ad815e47a1a05318c98185ff8cfb35fd706d836a1ad7459842f381929a8e3", "description": "A unique and persistent identifier derived from cryptographic binding" }, "user_id": { "type": "string", "example": "5c4afa75c", "description": "Opaque identifier of the user in your system (if set via `setAuthenticatedUser()` or `init()` SDK calls)" }, "claimed_user_id": { "type": "string", "example": "5c4afa75c", "description": "User ID of the not yet authenticated user, used to enhance risk and trust assessments. Once the user is authenticated, drs.setAuthenticatedUser() should be called." }, "location": { "type": "string", "example": "https://www.amazingapp.com/shops?target=1", "description": "The place in the application in which the action was performed (such as the page URL)" }, "ip": { "type": "string", "format": "ipv4", "description": "IP address" }, "ip_country": { "type": "string", "example": "UK", "description": "Country code, specified in a two-letter format (ISO 3166-1 alpha-2)" }, "ip_region": { "type": "string", "example": "California", "description": "Location region identified by IP address" }, "ip_location_city": { "type": "string", "example": "Los Angeles", "description": "Location city identified by IP address" }, "ip_location_zip": { "type": "string", "example": 92131, "description": "Location zip code identified by IP address" }, "ip_location_longitude": { "type": "string", "example": "-117.0903", "description": "Geolocation longitude identified by IP address" }, "ip_location_latitude": { "type": "string", "example": "32.9167", "description": "Geolocation latitude identified by IP address" }, "ip_asn_name": { "type": "string", "example": "AS174 Cogent Communications", "description": "Globally unique identifier that defines a group of one or more IP prefixes" }, "ip_asn_id": { "type": "string", "example": "AS174", "description": "Globally unique identifier that defines a group of one or more IP prefixes" }, "ip_organization_name": { "type": "string", "example": "Cogent Communications", "description": "IP organization name" }, "ip_organization_type": { "type": "string", "example": "isp", "description": "Type of IP connection" }, "ip_location_timezone": { "type": "string", "example": "America/Los_Angeles", "description": "Timezone location identified by IP address" }, "device_timezone": { "type": "string", "example": "America/Los_Angeles", "description": "Timezone on device" }, "device_languages": { "description": "Languages on device", "type": "array", "items": { "type": "string" }, "example": [ "en-US", "en" ] }, "device_platform": { "type": "string", "example": "desktop", "description": "Type of device platform" }, "os_name": { "type": "string", "example": "macOS", "description": "Name of the operating system (e.g., macOS)" }, "os_version": { "type": "string", "example": "14.1.0", "description": "Operating system version" }, "browser_name": { "type": "string", "example": "Chrome", "description": "Name of the browser (e.g., Chrome)" }, "browser_version": { "type": "string", "example": "113", "description": "Browser major version" }, "user_agent": { "type": "string", "example": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36", "description": "User agent" } }, "required": [ "action_id", "action_type", "action_performed_at", "device_id", "device_fingerprint", "application_id" ] }, "risk_signals": { "type": "object", "description": "Additional informative signals", "properties": { "device": { "type": "object", "description": "Device relevant signals", "properties": { "ram": { "type": "number", "description": "Device memory property, a floating point number." }, "total_storage": { "type": "number", "description": "Device total storage, as received from the mobile native platform" }, "available_storage": { "type": "number", "description": "Device available storage, as received from the mobile native platform" }, "battery_level": { "type": "number", "description": "Device battery level, a floating point number" }, "device_power_state": { "type": "string", "description": "Indicates if the device is currently plugged into a power source." }, "core_number": { "type": "number", "description": "Device core number" }, "graphic_card": { "type": "string", "description": "Device graphic card, as received from the web platform" }, "model": { "type": "string", "description": "Device model" }, "screen_width": { "type": "number", "description": "Device screen width in pixels" }, "screen_height": { "type": "number", "description": "Device screen height in pixels" }, "incognito": { "type": "boolean", "description": "Was the event performed using incognito browsing" }, "tampered": { "type": "boolean", "description": "Is the device tampered (root/jailbreak)" }, "emulated": { "type": "boolean", "description": "Is the device emulated" }, "spoofed": { "type": "boolean", "description": "Is the device spoofed" }, "tz_mismatch": { "type": "boolean", "description": "Was the event performed on a device with a timezone mismatching expected" }, "esim_usage": { "type": "boolean", "description": "Was the event performed using eSIM" }, "accept_languages": { "type": "string", "description": "Value of header 'accept-language' as it was at the action request" }, "mobile_network_code": { "type": "string", "description": "A string representation of the Device Carrier Mcc & Device Carrier Mnc" }, "screen_avail_width": { "type": "number", "description": "Number represents the available width size of the screen" }, "screen_avail_height": { "type": "number", "description": "Number represents the available height size of the screen" }, "screen_pixel_depth": { "type": "number", "description": "The pixel depth of the device screen" }, "screen_color_depth": { "type": "number", "description": "The color depth of the device screen" }, "font_count": { "type": "number", "description": "Number of font used in the website where the action occured" }, "cpu_arch": { "type": "string", "description": "A string represents the device cpu architecture" }, "device_navigator_useragent": { "type": "string", "description": "The user agent string from the device's browser navigator, providing details about the browser, operating system, and device." }, "true_useragent": { "type": "string", "description": "The user agent string constructed by Mosaic, providing details about the browser, operating system, and device." }, "device_timezone_offset": { "type": "number", "description": "The time zone offset of the device used." }, "summer_timezone_offset": { "type": "number", "description": "The device’s timezone offset in minutes from UTC during daylight saving time." }, "winter_timezone_offset": { "type": "number", "description": "The device’s timezone offset in minutes from UTC during standard (non-daylight saving) time." }, "device_name": { "type": "string", "description": "The device’s name as recorded on iOS, reflecting the user-set name." } } }, "network": { "type": "object", "description": "Network relevant signals", "properties": { "vpn": { "type": "boolean", "description": "Was the event performed using VPN connection" }, "tor": { "type": "boolean", "description": "Was the event performed using Tor connection" }, "hosting": { "type": "boolean", "description": "Was the event performed using hosting connection" }, "proxy": { "type": "boolean", "description": "Was the event performed using proxy connection" }, "anonymizer": { "type": "boolean", "description": "Was the event performed using anonymized connection" }, "x_forwarded_for": { "description": "The X-Forwarded-For header value, indicating the originating IP address of the client connecting to the web server through an HTTP proxy or load balancer.", "type": "array", "items": { "type": "string" } } } }, "behavior": { "type": "object", "description": "User behavior relevant signals", "properties": { "typing_velocity": { "type": "number", "example": 0.867, "description": "Percentile of user typing speed" }, "movement_velocity": { "type": "number", "example": 10, "description": "Number of input event per second" }, "input_method": { "description": "A list of used input methods", "type": "array", "items": { "type": "string", "description": "Possible input methods" }, "example": [ "is_typing", "is_paste" ] }, "no_user_interaction": { "type": "boolean", "description": "Was there any user interaction before clicks" }, "straight_line_ratio": { "type": "number", "description": "The ratio of straight-line movements out of all movements in the context of the user action. High ratios could suggest automated or scripted behavior." }, "right_angels_ratio": { "type": "number", "description": "The ratio of right-angle movements out of all movements in the context of the user action. Unusually high ratios may indicate non-human interactions." }, "minor_angels_ratio": { "type": "number", "description": "The ratio of minor-angle movements out of all movements in the context of the user action. High ratios might suggest careful, precise movements often seen in automated processes." }, "movement_latency": { "type": "number", "description": "Measures the median delay of mouse or touchscreen movements, calculated as the time between each captured location change in milliseconds within the context of the user action" }, "corner_click": { "type": "boolean", "description": "Indicates whether there were multiple clicks on the corner of a button in the context of the user action. Corner clicks could indicate repetitive, automated clicking patterns." } } }, "history": { "type": "object", "description": "User history relevant signals", "properties": { "ip_action_rate_60_sec": { "type": "integer", "example": 1, "description": "Number of actions originating from the same client IP address within 60 seconds prior to the current action" }, "user_action_rate_60_sec": { "type": "integer", "example": 2, "description": "Number of actions with the same userId that occurred within 60 seconds prior to the current action" }, "device_action_rate_60_sec": { "type": "integer", "example": 1, "description": "Number of actions originating from the same deviceId within 60 seconds prior to the current action" }, "ip_user_count_last_hour": { "type": "integer", "example": 1, "description": "Number of userId's associated with the IP address within an hour prior to the current event" }, "linking_user_to_device_count": { "type": "integer", "example": 1, "description": "Number of userId's associated with the current deviceId" }, "linking_device_to_users_count": { "type": "integer", "example": 1, "description": "Number of deviceId's associated with the current userId" }, "ip_device_count_last_hour": { "type": "integer", "example": 1, "description": "Number of deviceId's associated with the IP address within an hour prior to the current event" } } } } }, "reasons": { "type": "array", "description": "Explains the reasons for the recommendation", "items": { "type": "string", "description": "Risk signal identifiers" }, "example": [ "BEHAVIOR_BOT", "IP_RISKY_REPUTATION", "DEVICE_SUSPICIOUS_ATTRIBUTE", "PROFILE_DEVICE_NEW" ] }, "transaction_data": { "type": "object", "description": "Transaction data-points given in the relevant action, from the SDK\n", "properties": { "amount": { "type": "integer", "description": "The amount of the transaction", "example": 120 }, "currency": { "type": "string", "description": "The currency used for the transaction", "example": "USD" }, "reason": { "type": "string", "description": "The reason for the transaction" }, "transactionDate": { "type": "integer", "description": "The transaction timestamp date" }, "payer": { "type": "object", "description": "The provided data points for the transaction payer", "properties": { "name": { "type": "string", "description": "Payer name" }, "bankIdentifier": { "type": "string", "description": "Payer bank identifier" }, "branchIdentifier": { "type": "string", "description": "Payer branch identifier" }, "accountNumber": { "type": "string", "description": "Payer account number" } } }, "payee": { "type": "object", "description": "The provided data points for the transaction payee", "properties": { "name": { "type": "string", "description": "Payee name" }, "bankIdentifier": { "type": "string", "description": "Payee bank identifier" }, "branchIdentifier": { "type": "string", "description": "Payee branch identifier" }, "accountNumber": { "type": "string", "description": "Payee account number" } } } } }, "preview_rule": { "type": "object", "description": "Rule configured in preview mode that would have determined the result of this recommendation if all enabled rules were in production. This is returned to allow you to evaluate the impact of preview rules, and did not impact the actual outcome.\n", "properties": { "rule_name": { "type": "string", "description": "The name of the preview rule" }, "recommendation": { "type": "string", "description": "The recommendation of the preview rule" } } }, "rule": { "type": "object", "description": "Recommendation rule", "required": [ "priority", "matcher", "recommendation", "enabled", "mode" ], "properties": { "name": { "type": "string", "example": "Block risky countries", "description": "Name of the recommendation rule. Must be unique across the tenant. Auto generated if not provided.\n" }, "priority": { "type": "integer", "example": 10, "minimum": 1, "maximum": 1000, "description": "Priority of the recommendation rule, which determines the order in which rules are evaluated. Rules are evaluated from smallest to biggest priority value and only the first rule to match will apply. Priority value must be unique.\n" }, "matcher": { "$ref": "#/components/schemas/matcher" }, "recommendation": { "$ref": "#/components/schemas/rule_recommendation_type" }, "enabled": { "type": "boolean", "description": "Whether or not the rule will be evaluated" }, "mode": { "$ref": "#/components/schemas/rule_mode" } } }, "matcher": { "description": "Activity field matcher. Only one matcher can be defined per rule.", "oneOf": [ { "$ref": "#/components/schemas/ip_cidrs" }, { "$ref": "#/components/schemas/device_ids" }, { "$ref": "#/components/schemas/device_fingerprints" }, { "$ref": "#/components/schemas/device_public_keys" }, { "$ref": "#/components/schemas/user_ids" }, { "$ref": "#/components/schemas/country_codes" }, { "$ref": "#/components/schemas/browser_names" }, { "$ref": "#/components/schemas/os_versions" } ] }, "ip_cidrs": { "type": "object", "properties": { "ip_cidrs": { "type": "array", "description": "List of IP ranges in CIDR notation", "items": { "type": "string" } } } }, "device_ids": { "type": "object", "properties": { "device_ids": { "type": "array", "description": "List of device identifiers generated by Transmit Security and stored by the SDK", "items": { "type": "string" } } } }, "device_fingerprints": { "type": "object", "properties": { "device_fingerprints": { "type": "array", "description": "List of device fingerprints calculated based on multiple device persistent identifiers", "items": { "type": "string" } } } }, "device_public_keys": { "type": "object", "properties": { "device_public_keys": { "type": "array", "description": "List of unique and persistent device key IDs derived from cryptographic binding", "items": { "type": "string" } } } }, "user_ids": { "type": "object", "properties": { "user_ids": { "type": "array", "description": "List of opaque identifiers of users in your system", "items": { "type": "string" } } } }, "country_codes": { "type": "object", "properties": { "country_codes": { "type": "array", "description": "List of country codes per ISO 3166-1 alpha-2 standard", "items": { "type": "string" } } } }, "browser_names": { "type": "object", "properties": { "browser_names": { "type": "array", "description": "List of browser names as presented by Transmit Security systems. e.g. `yandex`, `electron`\n", "items": { "type": "string" } } } }, "os_versions": { "type": "object", "properties": { "os_versions": { "type": "array", "description": "List of OS versions as presented by Transmit Security systems. e.g. `14.4.2`, `x86_64`\n", "items": { "type": "string" } } } }, "rule_recommendation_type": { "type": "string", "description": "Recommendation type", "enum": [ "CHALLENGE", "DENY", "TRUST" ] }, "rule_mode": { "type": "string", "description": "Allows you to simulate a rule and evaluate its impact before releasing it to production. The simulation occurs each time a recommendation is requested. If a preview rule matches the request (meaning, its priority is higher than all matching rules), the response will include this preview rule and what the recommendation would have been if all rules were in production.\n", "enum": [ "PREVIEW", "PRODUCTION" ] }, "create_rule_response": { "type": "object", "properties": { "message": { "type": "string" }, "rule_id": { "type": "string", "description": "ID of the recommendation rule, used to reference the rule" } } }, "threats": { "type": "array", "description": "List of all detected threats", "items": { "type": "string" }, "example": [ "ACCOUNT_TAKEOVER", "NEW_FRAUD_ACCOUNT" ] }, "get_all_response": { "type": "object", "properties": { "data": { "type": "array", "items": { "type": "object", "description": "Recommendation rule", "properties": { "id": { "type": "string", "description": "Rule ID" }, "name": { "$ref": "#/components/schemas/rule/properties/name" }, "priority": { "$ref": "#/components/schemas/rule/properties/priority" }, "matcher": { "$ref": "#/components/schemas/matcher" }, "recommendation": { "$ref": "#/components/schemas/rule_recommendation_type" }, "enabled": { "$ref": "#/components/schemas/rule/properties/enabled" }, "mode": { "$ref": "#/components/schemas/rule_mode" } } } } } }, "get_rule_response": { "type": "object", "properties": { "id": { "type": "string", "description": "Rule ID" }, "data": { "$ref": "#/components/schemas/rule" } } }, "update_delete_rule_response": { "type": "object", "properties": { "message": { "type": "string" } } } }, "responses": { "recommendation": { "description": "Recommendation", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/recommendation_full" } } } }, "success_get_rules": { "description": "Rules retrieved successfully", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/get_all_response" } } } }, "success_get_rule_by_id": { "description": "Rule retrieved successfully", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/get_rule_response" } } } }, "success_update_delete_rule": { "description": "Rule updated successfully", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/update_delete_rule_response" } } } }, "unauthorized": { "description": "Invalid authentication" }, "forbidden": { "description": "Invalid authorization" }, "rate_limit_reached": { "description": "Rate limit reached" }, "internal_error": { "description": "Internal error" }, "collision": { "description": "Unique field collision" }, "bad_request": { "description": "Bad request" }, "not_found": { "description": "Not found" }, "success_create_rule": { "description": "Rule created successfully", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/create_rule_response" } } } } }, "securitySchemes": { "risk_access_token": { "type": "http", "scheme": "bearer", "description": "An access token generated by the [token endpoint](/openapi/token.openapi/other/getaccesstoken)", "bearerFormat": "JWT" } } } }