evaluateRisk response
The evaluateRisk response returns the status of the request to assess whether a particular sign-in event is considered risky.
evaluateRisk
evaluateRisk
output fields.Data stored on the device (device tag) takes higher precedence for risk assessment when both the device tag and the device fingerprint (canvas fingerprint) are encoded in the
IAAuthData
key.Output Field | Required? | Type | Purpose |
|---|---|---|---|
requestId | Y | String | The requestId sent with the evaluateRisk request. |
status | Y | hex string | Unique status code. 0000=Success . Any other value is an error. |
statusMessage | Y | String | Message corresponding to the status of the request. If the status is not 0000 (success), this message is an error message. |
Risky | Y | Boolean | Returns "true" if a sign-in event is considered risky. Otherwise is "false." |
RiskScore | Y | Double | An integer between 0 and 100, inclusive. The higher the value, the higher the risk of the particular sign-in event. |
RiskThreshold | Y | Double | An integer between 0 and 100, inclusive. If the risk score exceeds the threshold, the sign-in event is considered risky. |
RiskReason | Y | String | Reasons that contributed to the risk score or risk decision. Reasons increase the risk score, unless noted. Multiple reasons may appear in a single response.
|
PolicyVersion | Y | String | Version of rules and values that are used for risk analysis. |
EventId | Y | String | The ID of the current event generated by IA. |
RequestContext | Y | String | More details from the request or about the request. Returned only if IncludeRequestContext is set to true in the request.
|
KeyValuePair | N | List | A list of the key and value strings that are returned in the response. See KeyValuePair |
KeyValuePair
KeyValuePair
output fields.Output Field | Purpose |
|---|---|
external.user.id | The userId value provided in the evaluateRisk request. This field is useful for tracking the evaluateRisk request and response. |
device.friendly.name | The unique name for the device provided by the user during registration. If the user registered the device without providing a friendly name, the default friendly name is used. Only returned if the user registered the device. |
device.registered | Indicates whether IA recognizes the device as registered for the user. Value is either true or false. If false, IA determined that the device is not registered. If the evaluateRisk request does not include valid IAAuthData , this value is always false. |
device.tag | A unique tag to be stored on the device for the user to register it. Value is a string. Only returned if valid IAAuthData is present in the request, and:
|
device.tag.id | A unique identifier for the device. |
device.expired | Indicates if the device fingerprint is expired. Value is true or false. |
device.expired.reason | Indicates the reason that the device fingerprint has expired:
|
device.shared | Indicates if the device is shared by other users. Value is either true or false. |
device.registered.reason | Indicates the reason that IA did or did not detect that the device is registered. |
device.match.method | IA can identify if a specific device is registered to a user in one of two ways. During registration, VIP may store device identifying information in local storage on the client device, as a tag in the browser or device. IA may also use attributes of the device, such as the operating system, browser, or graphics capabilities (the device fingerprint) to identify the device. The device tag takes precedence when both device tag and device fingerprint (canvas fingerprint) are present in the evaluateRisk API call. This field indicates the method that IA used when attempting to identify the device:
|
device.match.reason.code | Describes how IA was able to determine the identity of the device. Only returned if VIP was able to identify the device. This field is not returned if the device engine is disabled in the IA policy, or if the IAAuthData field is not present in the request or is invalid.
|
device.fingerprint.changes | Indicates the device changes that IA identified. Only returned if device changes are found in a registered device. This field is not returned if the device engine is disabled in the IA policy, or if the IAAuthData field is not present or invalid in the request. Fingerprints with invalid components may only return a subset of the actual changes.The value string is an array of JSON objects, with each object representing a detected change to the fingerprint of a registered device. Each change returns the following values:
|
device.fingerprint.details | Includes the uncompressed details of all fingerprint data from the request. Only returned if device changes are found in a registered device and the request included a value of true for the IncludeFingerprintDetails field. This field is not returned if the device engine is disabled in the IA policy, or if the IAAuthData field is not present or invalid in the request.The value string is an array of JSON objects, with each object representing a fingerprint field value recorded as part of the fingerprint for a registered device. Each change returns the following values: Not all values are returned for all requests.
|