> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Fingerprint Lookup

> Lookup the associated fingerprint for the `telemetry_id` returned from the `GetTelemetryID()` function.
Learn more about the different fingerprint types and verdicts in our [DFP guide](https://stytch.com/docs/fraud/guides/device-fingerprinting/overview).

You can make a decision based on the recommended `verdict` in the response:
* `ALLOW` - This is a known valid device grouping or device profile that is part of the default `ALLOW` listed set of known devices by Stytch. This grouping is made up of  verified device profiles that match the characteristics of known/authentic traffic origins.
* `BLOCK` - This is a known bad or malicious device profile that is undesirable and should be blocked from completing the privileged action in question.
* `CHALLENGE` - This is an unknown or potentially malicious device that should be put through increased friction such as 2FA or other forms of extended user verification before allowing the privileged action to proceed.

If the `telemetry_id` is expired or not found, this endpoint returns a 404 `telemetry_id_not_found` [error](https://stytch.com/docs/fraud/api/errors/404#telemetry_id_not_found).
We recommend treating 404 errors as a `BLOCK`, since it could be a sign of an attacker trying to bypass DFP protections.
See [Attacker-controlled telemetry IDs](https://stytch.com/docs/fraud/guides/device-fingerprinting/integration-steps/test-your-integration#attacker-controlled-telemetry-ids) for more information.



## OpenAPI

````yaml POST /v1/fingerprint/lookup
openapi: 3.0.3
info:
  title: Stytch API
  description: The Stytch API provides endpoints for authentication and user management.
  version: 2.1.1
  contact:
    name: Stytch Support
    url: https://stytch.com/docs
    email: support@stytch.com
servers:
  - url: https://api.stytch.com
    description: Production server
  - url: https://test.stytch.com
    description: Test server
security:
  - basicAuth: []
paths:
  /v1/fingerprint/lookup:
    servers:
      - url: https://telemetry.stytch.com
    post:
      tags:
        - Fraud
      summary: Lookup
      description: >-
        Lookup the associated fingerprint for the `telemetry_id` returned from
        the `GetTelemetryID()` function.

        Learn more about the different fingerprint types and verdicts in our
        [DFP
        guide](https://stytch.com/docs/fraud/guides/device-fingerprinting/overview).


        You can make a decision based on the recommended `verdict` in the
        response:

        * `ALLOW` - This is a known valid device grouping or device profile that
        is part of the default `ALLOW` listed set of known devices by Stytch.
        This grouping is made up of  verified device profiles that match the
        characteristics of known/authentic traffic origins.

        * `BLOCK` - This is a known bad or malicious device profile that is
        undesirable and should be blocked from completing the privileged action
        in question.

        * `CHALLENGE` - This is an unknown or potentially malicious device that
        should be put through increased friction such as 2FA or other forms of
        extended user verification before allowing the privileged action to
        proceed.


        If the `telemetry_id` is expired or not found, this endpoint returns a
        404 `telemetry_id_not_found`
        [error](https://stytch.com/docs/fraud/api/errors/404#telemetry_id_not_found).

        We recommend treating 404 errors as a `BLOCK`, since it could be a sign
        of an attacker trying to bypass DFP protections.

        See [Attacker-controlled telemetry
        IDs](https://stytch.com/docs/fraud/guides/device-fingerprinting/integration-steps/test-your-integration#attacker-controlled-telemetry-ids)
        for more information.
      operationId: api_fraud_v1_fraud_fingerprint_Lookup
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/api_fraud_v1_fraud_fingerprint_LookupRequest
      responses:
        '200':
          description: Successful response
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/api_fraud_v1_fraud_fingerprint_LookupResponse
        '400':
          description: Bad request
        '401':
          description: Unauthorized
          content:
            application/json:
              example:
                status_code: 401
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: unauthorized_credentials
                error_message: Unauthorized credentials.
                error_url: https://stytch.com/docs/api/errors/401
        '429':
          description: Too Many Requests
          content:
            application/json:
              example:
                status_code: 429
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: too_many_requests
                error_message: Too many requests have been made.
                error_url: https://stytch.com/docs/api/errors/429
        '500':
          description: Internal server error
          content:
            application/json:
              example:
                status_code: 500
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: internal_server_error
                error_message: >-
                  Oops, something seems to have gone wrong, please reach out to
                  support@stytch.com to let us know what went wrong.
                error_url: https://stytch.com/docs/api/errors/500
      x-code-samples:
        - lang: csharp
          label: C#
          source: |-
            // POST /v1/fingerprint/lookup
            const stytch = require('stytch');

            const client = new stytch.B2BClient({
              project_id: '${projectId}',
              secret: '${secret}',
            });

            const params = {
              telemetry_id: "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
            };

            client.Fraud.Fingerprint.Lookup(params)
              .then(resp => { console.log(resp) })
              .catch(err => { console.log(err) });
        - lang: go
          label: Go
          source: "// POST /v1/fingerprint/lookup\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/fraud/fingerprint\"\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/stytchapi\"\n)\n\nfunc main() {\n\tclient, err := stytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &fingerprint.LookupParams{\n\t\tTelemetryID: \"026ac93b-8cdf-4fcb-bfa6-36a31cfecac1\",\n\t}\n\n\tresp, err := client.Fraud.Fingerprint.Lookup(context.Background(), params)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n"
        - lang: java
          label: Java
          source: >-
            // POST /v1/fingerprint/lookup

            package com.example;


            import com.stytch.java.common.StytchResult;

            import
            com.stytch.java.consumer.models.fraudfingerprint.LookupRequest;

            import com.stytch.java.consumer.StytchClient;


            public class Main {
                public static void main(String[] args) {
                    StytchClient.configure("${projectId}", "${secret}");

                    LookupRequest params = new LookupRequest();
                    params.setTelemetryId("026ac93b-8cdf-4fcb-bfa6-36a31cfecac1");

                    Object result = StytchClient.getFraud().getFingerprint().lookup(params);
                    if (result instanceof StytchResult.Success) {
                      System.out.println(((StytchResult.Success) result).getValue());
                    } else {
                      System.out.println(((StytchResult.Error) result).getException());
                    }
                }
            }
        - lang: kotlin
          label: Kotlin
          source: >
            // POST /v1/fingerprint/lookup

            package com.example


            import com.stytch.java.consumer.StytchClient

            import
            com.stytch.java.consumer.models.fraudfingerprint.LookupRequest


            fun main() {
                StytchClient.configure(
                    projectId = "${projectId}",
                    secret = "${secret}",
                )

                when (
                    val result =
                        StytchClient.fraud.fingerprint.lookup(
                            LookupRequest(
                                telemetryId = "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
                            ),
                        )
                ) {
                    is StytchResult.Success -> println(result.value)
                    is StytchResult.Error -> println(result.exception)
                }
            }
        - lang: javascript
          label: Node.js
          source: |-
            // POST /v1/fingerprint/lookup
            const stytch = require('stytch');

            const client = new stytch.Client({
              project_id: '${projectId}',
              secret: '${secret}',
            });

            const params = {
              telemetry_id: "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
            };

            client.fraud.fingerprint.lookup(params)
              .then(resp => { console.log(resp) })
              .catch(err => { console.log(err) });
        - lang: php
          label: PHP
          source: |-
            $response = $client->fraud->fingerprint->lookup([
                'telemetry_id' => '026ac93b-8cdf-4fcb-bfa6-36a31cfecac1',
            ]);
        - lang: python
          label: Python
          source: |
            # POST /v1/fingerprint/lookup
            from stytch import Client

            client = Client(
                project_id="${projectId}",
                secret="${secret}",
            )

            resp = client.fraud.fingerprint.lookup(
                telemetry_id="026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
            )

            print(resp)
        - lang: ruby
          label: Ruby
          source: |-
            # frozen_string_literal: true

            # POST /v1/fingerprint/lookup
            require 'stytch'

            client = Stytch::Client.new(
              project_id: "${projectId}",
              secret: "${secret}"
            )

            resp = client.fraud.fingerprint.lookup(
              telemetry_id: "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1"
              
            )

            puts resp
        - lang: rust
          label: Rust
          source: |-
            // POST /v1/fingerprint/lookup
            use stytch::consumer::client::Client;
            use stytch::consumer::fraud_fingerprint::LookupRequest;

            fn main() {
                let client = Client::new("${projectId}", "${secret}").unwrap();
                let resp = client.fraud.fingerprint.lookup(
                    LookupRequest{
                        telemetry_id: "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
                        ..Default::default()
                    }
                ).await;
                println!("The response is {:?}", resp);
            }
        - lang: bash
          label: cURL
          source: |-
            # POST /v1/fingerprint/lookup
            curl --request POST \
              --url https://telemetry.stytch.com/v1/fingerprint/lookup \
              -u '${projectId}:${secret}' \
              -H 'Content-Type: application/json' \
              -d '{
                "telemetry_id": "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1"
              }'
components:
  schemas:
    api_fraud_v1_fraud_fingerprint_LookupRequest:
      type: object
      properties:
        telemetry_id:
          type: string
          description: The telemetry ID associated with the fingerprint getting looked up.
        external_metadata:
          $ref: '#/components/schemas/api_fraud_v1_Metadata'
          description: >-
            External identifiers that you wish to associate with the given
            telemetry ID. You will be able to search for fingerprint results by
            these identifiers in the DFP analytics dashboard. External metadata
            fields may not exceed 65 characters. They may only contain
            alphanumerics and the characters `_` `-` `+` `.` or `@`.
      description: Request type
      required:
        - telemetry_id
    api_fraud_v1_fraud_fingerprint_LookupResponse:
      type: object
      properties:
        request_id:
          type: string
          description: >-
            Globally unique UUID that is returned with every API call. This
            value is important to log for debugging purposes; we may ask for
            this value to help identify a specific API call when helping you
            debug an issue.
        telemetry_id:
          type: string
          description: The telemetry ID associated with the fingerprint getting looked up.
        fingerprints:
          $ref: '#/components/schemas/api_fraud_v1_Fingerprints'
          description: 'A Stytch fingerprint consists of the following identifiers:'
        verdict:
          $ref: '#/components/schemas/api_fraud_v1_Verdict'
          description: The metadata associated with each fingerprint
        external_metadata:
          $ref: '#/components/schemas/api_fraud_v1_Metadata'
          description: >-
            External identifiers that you wish to associate with the given
            telemetry ID. You will be able to search for fingerprint results by
            these identifiers in the DFP analytics dashboard. External metadata
            fields may not exceed 65 characters. They may only contain
            alphanumerics and the characters `_` `-` `+` `.` or `@`.
        created_at:
          type: string
          description: >-
            The time when the fingerprint was taken. Values conform to the RFC
            3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
        expires_at:
          type: string
          description: >-
            The timestamp when the fingerprint expires. Values conform to the
            RFC 3339 standard and are expressed in UTC, e.g.
            `2021-12-29T12:33:09Z`.
        status_code:
          type: integer
          format: int32
          description: >-
            The HTTP status code of the response. Stytch follows standard HTTP
            response status code patterns, e.g. 2XX values equate to success,
            3XX values are redirects, 4XX are client errors, and 5XX are server
            errors.
        properties:
          $ref: '#/components/schemas/api_fraud_v1_Properties'
          description: Additional information about the user's browser and network.
        raw_signals:
          type: object
          additionalProperties: true
          description: >-
            The raw device attributes, such as screen size, that were collected
            by the Device Fingerprinting product to generate the fingerprints
            and verdict. You must be specifically enabled for the raw signals
            feature to see this field. You can find documentation for the
            specific fields in the
            [guides](https://stytch.com/docs/fraud/guides/device-fingerprinting/reference/raw-signals).
      required:
        - request_id
        - telemetry_id
        - fingerprints
        - verdict
        - external_metadata
        - created_at
        - expires_at
        - status_code
    api_fraud_v1_Metadata:
      type: object
      properties:
        external_id:
          type: string
          description: >-
            An external ID, such as a user ID, that you wish to associate with
            the telemetry ID.
        organization_id:
          type: string
          description: The organization ID you wish to associate with the telemetry ID.
        user_action:
          type: string
          description: >-
            The user action, such as 'login', that you wish to associate with
            the telemetry ID.
    api_fraud_v1_Fingerprints:
      type: object
      properties:
        network_fingerprint:
          type: string
          description: >-
            Combination of signals associated with a specific network commonly
            known as TLS fingerprinting. 
        hardware_fingerprint:
          type: string
          description: >-
            Combinations of signals to identify an operating system and
            architecture.
        browser_fingerprint:
          type: string
          description: >-
            Combination of signals to identify a browser and its specific
            version.
        visitor_fingerprint:
          type: string
          description: Cookie-less way of identifying a unique user.
        visitor_id:
          type: string
          description: >-
            The cookie stored on the user's device that uniquely identifies
            them.
        browser_id:
          type: string
          description: >-
            Combination of VisitorID and NetworkFingerprint to create a clear
            identifier of a browser.
      required:
        - network_fingerprint
        - hardware_fingerprint
        - browser_fingerprint
        - visitor_fingerprint
    api_fraud_v1_Verdict:
      type: object
      properties:
        action:
          $ref: '#/components/schemas/api_fraud_v1_fraud_VerdictAction'
          description: >-
            The suggested action based on the fingerprint review. The available
            actions are:
              * `ALLOW` - This is a known valid device grouping or device profile that is part of the default ALLOW listed set of known devices by Stytch. This grouping is made up of verified device profiles that match the characteristics of known/authentic traffic origins
              * `BLOCK` - This is a known bad or malicious device profile that is undesirable and should be blocked from completing the privileged action in question
              * `CHALLENGE` - This is an unknown or potentially malicious device that should be put through increased friction such as 2FA or other forms of extended user verification before allowing the privileged action to proceed
              
        reasons:
          type: array
          items:
            type: string
          description: >-
            A set of contextual clues to inform why a `CHALLENGE` or `BLOCK`
            action was suggested. For a list of possible Reasons, see [Warning
            Flags (Verdict
            Reasons)](https://stytch.com/docs/docs/fraud/guides/device-fingerprinting/reference/warning-flags-verdict-reasons).
        detected_device_type:
          type: string
          description: The operating system and architecture that took the fingerprint.
        is_authentic_device:
          type: boolean
          description: >-
            The assessment of whether this is an authentic device. It will be
            false if hardware or browser deception is detected.
        verdict_reason_overrides:
          type: array
          items:
            $ref: '#/components/schemas/api_fraud_v1_VerdictReasonOverride'
          description: A list of verdict reason overrides that were applied, if any.
        rule_match_type:
          $ref: '#/components/schemas/api_fraud_v1_RuleType'
          description: >-
            The type of rule match that was applied (e.g. `VISITOR_ID`), if any.
            This field will only be present if there is a `RULE_MATCH` reason in
            the list of verdict reasons.
        rule_match_identifier:
          type: string
          description: >-
            The rule that was applied (e.g. a specific visitor ID value), if
            any. This field will only be present if there is a `RULE_MATCH`
            reason in the list of verdict reasons.
      required:
        - action
        - reasons
        - detected_device_type
        - is_authentic_device
        - verdict_reason_overrides
    api_fraud_v1_Properties:
      type: object
      properties:
        network_properties:
          $ref: '#/components/schemas/api_fraud_v1_NetworkProperties'
        browser_properties:
          $ref: '#/components/schemas/api_fraud_v1_BrowserProperties'
      required:
        - network_properties
        - browser_properties
    api_fraud_v1_fraud_VerdictAction:
      type: string
      enum:
        - ALLOW
        - CHALLENGE
        - BLOCK
    api_fraud_v1_VerdictReasonOverride:
      type: object
      properties:
        verdict_reason:
          type: string
          description: The verdict reason that was overridden.
        override_action:
          $ref: '#/components/schemas/api_fraud_v1_fraud_VerdictReasonOverrideAction'
          description: The action that was applied for the given verdict reason.
      required:
        - verdict_reason
        - override_action
    api_fraud_v1_RuleType:
      type: string
      enum:
        - VISITOR_ID
        - BROWSER_ID
        - VISITOR_FINGERPRINT
        - BROWSER_FINGERPRINT
        - HARDWARE_FINGERPRINT
        - NETWORK_FINGERPRINT
        - CIDR_BLOCK
        - ASN
        - COUNTRY_CODE
    api_fraud_v1_NetworkProperties:
      type: object
      properties:
        ip_address:
          type: string
          description: The IP address of the client.
        asn:
          $ref: '#/components/schemas/api_fraud_v1_ASNProperties'
          description: Information about the network's ASN (Autonomous System Number).
        ip_geolocation:
          $ref: '#/components/schemas/api_fraud_v1_IPGeoProperties'
          description: Information about the geolocation of the user's IP address.
        is_proxy:
          type: boolean
          description: Whether the user is using a proxy.
        is_vpn:
          type: boolean
          description: Whether the user is using a VPN.
      required:
        - ip_address
        - asn
        - ip_geolocation
        - is_proxy
        - is_vpn
    api_fraud_v1_BrowserProperties:
      type: object
      properties:
        user_agent:
          type: string
          description: The user agent of the user's browser.
      required:
        - user_agent
    api_fraud_v1_fraud_VerdictReasonOverrideAction:
      type: string
      enum:
        - ALLOW
        - CHALLENGE
        - BLOCK
    api_fraud_v1_ASNProperties:
      type: object
      properties:
        asn:
          type: string
          description: The Autonomous System Number of the user's network.
        name:
          type: string
          description: Public name associated with the ASN.
        network:
          type: string
          description: The CIDR block associated with the ASN.
      required:
        - asn
        - name
        - network
    api_fraud_v1_IPGeoProperties:
      type: object
      properties:
        city:
          type: string
          description: The city where the IP is located.
        region:
          type: string
          description: The region where the IP is located.
        country:
          type: string
          description: The country where the IP is located.
      required:
        - city
        - region
        - country
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic

````