Fraud & Risk Prevention API Reference

Explore the details of the Stytch API. Our Fraud & Risk Prevention API is organized around REST principles and has resource-oriented URLs, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

All fraud API resources are scoped to the Project of the API keys you provide.

API keys

The Stytch API uses basic authentication with your project_id and secret from the API Keys section in the Dashboard. You'll need to pass these values into the Authorization request header for every Stytch API call.


For every Stytch project, there are two environments, TEST and LIVE. For Device Fingerprinting calls, you must provide the project_id and secret of the project / environment of your preference.