Skip to content

Rules

Rules APIs provided by Fraud Prevention are used to fine-tune Fraud Prevention decisions.

Download OpenAPI description
rules.openapi.json
rules.openapi.yaml
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/risk/v1/
Production environment (US)
https://api.transmitsecurity.io/risk/v1/
Production environment (EU)
https://api.eu.transmitsecurity.io/risk/v1/
Production environment (CA)
https://api.ca.transmitsecurity.io/risk/v1/
Production environment (AU)
https://api.au.transmitsecurity.io/risk/v1/

Create rule

Request

Creates a new recommendation rule. Returns the rule_id used to reference the rule in subsequent requests, along with the rule data.

Security
risk_access_token
Bodyapplication/jsonrequired
namestring

Name of the recommendation rule. Must be unique across the tenant. Autogenerated if not provided.

Example: "Block risky countries"
priorityinteger[ 1 .. 1000 ]required

Priority of the recommendation rule, which determines the order in which rules are evaluated. Rules are evaluated from smallest to biggest priority value and only the first rule to match will apply. Priority value must be unique.

Example: 10
recommendationstringrequired

Recommendation type

Enum"challenge""deny""trust""allow"
enabledboolean

Whether or not the rule will be evaluated.

Default false
modestringrequired

Allows you to simulate a rule and evaluate its impact before releasing it to production. The simulation occurs each time a recommendation is requested. If a preview rule matches the request (meaning, its priority is higher than all matching rules), the response will include this preview rule and what the recommendation would have been if all rules were in production.

Enum"preview""production"
typestringrequired

Default type, must be "risk"

Value"risk"
descriptionstring

Description for the rule

matchersArray of objectsrequired

Contains a set of activity matchers that define the rule matching logic

matchers[].​ip_cidrsobject

Matches based on IP address

matchers[].​device_idsobject

Matches based on the device ID

matchers[].​device_fingerprintsobject

Matches based on device fingerprint

matchers[].​device_public_keysobject

Matches based on device public key

matchers[].​user_idsobject

Matches based on user identifier

matchers[].​country_codesobject

Matches based on the country in which the device is located

matchers[].​browser_namesobject

Matches based on browser name

matchers[].​os_versionsobject

Matches based on the device OS version

matchers[].​action_typeobject

Matches based on the client action for which the recommendation is requested

matchers[].​client_idobject

Matches based on client ID

matchers[].​application_idobject

Matches based on app ID

matchers[].​asn_idobject

Matches based on the ASN detected using the IP address

matchers[].​organization_nameobject

Matches based on the organization name associated with the IP address

matchers[].​organization_typeobject

Matches based on the organization type associated with the IP address

matchers[].​ip_timezoneobject

Matches based on the timezone detected by Transmit using IP address

matchers[].​device_timezoneobject

Matches based on the timezone detected by Transmit using device telemetry

matchers[].​device_platformobject

Matches based on device type, as classified by Transmit (e.g., desktop, mobile, wearable)

matchers[].​user_agentobject

Matches based on user agent

matchers[].​locationobject

Matches based on the place in the application in which the action was performed (such as page URL)

curl -i -X POST \
  https://api.sbx.transmitsecurity.io/risk/v1/rules \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Block risky countries",
    "priority": 10,
    "recommendation": "challenge",
    "enabled": false,
    "mode": "preview",
    "type": "risk",
    "description": "string",
    "matchers": [
      {
        "ip_cidrs": {
          "op": "ip_in",
          "value": [
            "string"
          ]
        },
        "device_ids": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_fingerprints": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_public_keys": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "user_ids": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "country_codes": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "browser_names": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "os_versions": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "action_type": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "client_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "application_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "asn_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "organization_name": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "organization_type": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "ip_timezone": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_timezone": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_platform": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "user_agent": {
          "op": "contains",
          "value": [
            "string"
          ]
        },
        "location": {
          "op": "contains",
          "value": [
            "string"
          ]
        }
      }
    ]
  }'

Responses

Rules created and stored successfully

Bodyapplication/json
messagestring
rule_idstring(uuid)

ID of the recommendation rule, used to reference the rule

dataobject
Response
application/json
{
  "message": "string",
  "rule_id": "728c1541-d6d1-4290-9a53-cdf01dd32d60",
  "data": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "name": "Block risky countries",
    "priority": 10,
    "recommendation": "challenge",
    "enabled": false,
    "mode": "preview",
    "type": "risk",
    "description": "string",
    "matchers": [ … ],
    "created_date": "2019-08-24",
    "updated_date": "2019-08-24"
  }
}

Get all rules

Request

Retrieves a list of all recommendation rules

Security
risk_access_token
curl -i -X GET \
  https://api.sbx.transmitsecurity.io/risk/v1/rules \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Rules retrieved successfully

Bodyapplication/json
dataArray of objects
Response
application/json
{
  "data": [
    { … }
  ]
}

Get rule by ID

Request

Retrieves a specific recommendation rule by its ID

Security
risk_access_token
Path
rule_idstringrequired

ID of the recommendation rule

curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/risk/v1/rules/{rule_id}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Rule retrieved successfully

Bodyapplication/json
idstring

Rule ID

dataobject
Response
application/json
{
  "id": "string",
  "data": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "name": "Block risky countries",
    "priority": 10,
    "recommendation": "challenge",
    "enabled": false,
    "mode": "preview",
    "type": "risk",
    "description": "string",
    "matchers": [ … ],
    "created_date": "2019-08-24",
    "updated_date": "2019-08-24"
  }
}

Update rule by ID

Request

Updates a specific recommendation rule

Security
risk_access_token
Path
rule_idstringrequired

ID of the recommendation rule

Bodyapplication/jsonrequired
namestring

Name of the recommendation rule. Must be unique across the tenant. Autogenerated if not provided.

Example: "Block risky countries"
priorityinteger[ 1 .. 1000 ]required

Priority of the recommendation rule, which determines the order in which rules are evaluated. Rules are evaluated from smallest to biggest priority value and only the first rule to match will apply. Priority value must be unique.

Example: 10
recommendationstringrequired

Recommendation type

Enum"challenge""deny""trust""allow"
enabledboolean

Whether or not the rule will be evaluated.

Default false
modestringrequired

Allows you to simulate a rule and evaluate its impact before releasing it to production. The simulation occurs each time a recommendation is requested. If a preview rule matches the request (meaning, its priority is higher than all matching rules), the response will include this preview rule and what the recommendation would have been if all rules were in production.

Enum"preview""production"
typestringrequired

Default type, must be "risk"

Value"risk"
descriptionstring

Description for the rule

matchersArray of objectsrequired

Contains a set of activity matchers that define the rule matching logic

matchers[].​ip_cidrsobject

Matches based on IP address

matchers[].​device_idsobject

Matches based on the device ID

matchers[].​device_fingerprintsobject

Matches based on device fingerprint

matchers[].​device_public_keysobject

Matches based on device public key

matchers[].​user_idsobject

Matches based on user identifier

matchers[].​country_codesobject

Matches based on the country in which the device is located

matchers[].​browser_namesobject

Matches based on browser name

matchers[].​os_versionsobject

Matches based on the device OS version

matchers[].​action_typeobject

Matches based on the client action for which the recommendation is requested

matchers[].​client_idobject

Matches based on client ID

matchers[].​application_idobject

Matches based on app ID

matchers[].​asn_idobject

Matches based on the ASN detected using the IP address

matchers[].​organization_nameobject

Matches based on the organization name associated with the IP address

matchers[].​organization_typeobject

Matches based on the organization type associated with the IP address

matchers[].​ip_timezoneobject

Matches based on the timezone detected by Transmit using IP address

matchers[].​device_timezoneobject

Matches based on the timezone detected by Transmit using device telemetry

matchers[].​device_platformobject

Matches based on device type, as classified by Transmit (e.g., desktop, mobile, wearable)

matchers[].​user_agentobject

Matches based on user agent

matchers[].​locationobject

Matches based on the place in the application in which the action was performed (such as page URL)

curl -i -X PUT \
  'https://api.sbx.transmitsecurity.io/risk/v1/rules/{rule_id}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Block risky countries",
    "priority": 10,
    "recommendation": "challenge",
    "enabled": false,
    "mode": "preview",
    "type": "risk",
    "description": "string",
    "matchers": [
      {
        "ip_cidrs": {
          "op": "ip_in",
          "value": [
            "string"
          ]
        },
        "device_ids": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_fingerprints": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_public_keys": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "user_ids": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "country_codes": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "browser_names": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "os_versions": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "action_type": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "client_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "application_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "asn_id": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "organization_name": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "organization_type": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "ip_timezone": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_timezone": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "device_platform": {
          "op": "in",
          "value": [
            "string"
          ]
        },
        "user_agent": {
          "op": "contains",
          "value": [
            "string"
          ]
        },
        "location": {
          "op": "contains",
          "value": [
            "string"
          ]
        }
      }
    ]
  }'

Responses

Rule updated successfully

Bodyapplication/json
messagestring
dataobject
Response
application/json
{
  "message": "string",
  "data": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "name": "Block risky countries",
    "priority": 10,
    "recommendation": "challenge",
    "enabled": false,
    "mode": "preview",
    "type": "risk",
    "description": "string",
    "matchers": [ … ],
    "created_date": "2019-08-24",
    "updated_date": "2019-08-24"
  }
}

Delete rule by ID

Request

Deletes a specific recommendation rule. Note that you can also disable rules if needed using the enabled rule attribute.

Security
risk_access_token
Path
rule_idstringrequired

ID of the recommendation rule

curl -i -X DELETE \
  'https://api.sbx.transmitsecurity.io/risk/v1/rules/{rule_id}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Rule updated successfully

Bodyapplication/json
messagestring
Response
application/json
{
  "message": "string"
}