denyRisk Request

Send the
denyRisk
request if the
evaluateRisk
API determines a sign-in event was risky, but the site's user challenge response has been successful.
Send the request to: https://userservices-auth.vip.symantec.com/vipuserservices/AuthenticationService_1_10
denyRisk
input fields
provides details about the
denyRisk
input fields.
denyRisk
input fields
Input Field
Required?
Type
Purpose
requestId
Y
String
A unique identifier of the request for the enterprise application. The request ID accepts from 4 to 40 alphanumeric characters and underscores.
This identifier may be useful for troubleshooting purposes.
UserId
Y
String
Unique ID for the user, such as the user email address, the user logon name, or a unique ID that maps to user logon name. The user ID accepts from 1 to 128 international characters.
The user ID is not case-sensitive in look-up operations.
EventId
Y
String
The ID of the current event generated by IA.
VerifyMethod
N
String
Method that is used to challenge a risky sign-in event, from 1 to 64 characters.
IAAuthData
N
String
"Fingerprint" of the device.
Sending no
IAAuthData
field or an empty
IAAuthData
field does not return an error. However, in this case, the
RememberDevice
field is always set to
false
. Further, the device is not remembered even if the user has chosen to always have the device recognized.
RememberDevice
N
Boolean
Sets "true" if the user has chosen to always have device recognized. The device tag is then bound to the user. If the user elects not to have the device recognized, this value is "false."
This field is ignored if an empty
IAAuthData
field is sent or if an
IAAuthData
field is not present in the request.
FriendlyName
N
String
A descriptive name provided by the user during registration. If the user did not provide a name, a default friendly name is used.
KeyValuePair
N
List
List of key and value strings.