Fraud and Risk Prevention

/

API reference

/

Device Fingerprinting

/

Set Rule

Set Rule

POSThttps://telemetry.stytch.com/v1/rules/set

Set a rule for a particular visitor_id, browser_id, visitor_fingerprint, browser_fingerprint, hardware_fingerprint, or network_fingerprint. This is helpful in cases where you want to allow or block a specific user or fingerprint. You should be careful when setting rules for browser_fingerprint, hardware_fingerprint, or network_fingerprint as they can be shared across multiple users, and you could affect more users than intended.

Rules are applied in the order specified above. For example, if an end user has an ALLOW rule set for their visitor_id but a BLOCK rule set for their hardware_fingerprint, they will receive an ALLOW verdict because the visitor_id rule takes precedence.

Body parameters

visitor_idstring
browser_idstring
visitor_fingerprintstring
browser_fingerprintstring
hardware_fingerprintstring
network_fingerprintstring
action*string
expires_in_minutesint

Response fields

request_idstring
status_codeint
actionstring
browser_idstring
visitor_idstring
visitor_fingerprintstring
browser_fingerprintstring
hardware_fingerprintstring
network_fingerprintstring
curl --request POST \
  --url https://telemetry.stytch.com/v1/rules/set \
  -u 'PROJECT_ID:SECRET' \
  --data '{
	"visitor_id": "visitor-6139cbcc-4dda-4b1f-b1c0-13c08ec64d72",
	"action": "CHALLENGE",
	"expires_in_minutes": 120
}'

RESPONSE

200
{
  "action": "CHALLENGE",
  "browser_id": "browser-id-99cffb93-6378-48a5-aa90-d680232a7979",
  "visitor_id": "",
  "visitor_fingerprint": "",
  "browser_fingerprint": "",
  "hardware_fingerprint": "",
  "network_fingerprint": "",
  "expires_at": "2033-01-01T00:00:00Z",
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "status_code": 200
}