Overview

if your implementation engineer has created a custom version of forter’s api for your integration, log in to forter portal to view your https //portal forter com/app/integration/docs/api reference api reference forter's apis can be leveraged for a variety of use cases throughout the user journey the api reference documentation includes synchronous api endpoints for real time decisions as well as supplementary apis used to provide forter with subsequent status updates after forter has provided a binary decision and/or recommendation core api path please send all api requests to a dedicated path for your account, by appending your site id to the beginning of the url https //{site id} api forter secure com/{endpoint} note that there is a different path for forter's tokenization api authentication all requests to forter’s apis must be made over https in order to authenticate, include both the site id and api key, which can be found in credentials, in the request headers forter uses basic authentication credentials in the form of a username and password, where the api key is the username and the password is empty note that your site id and api key are different for your forter test site and production site curl x post "https //{site id} api forter secure com/{endpoint}" u "{api key} " h "api version 10 1" h "content type application/json" h "x forter siteid {site id}" d @filepost data headers true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type http codes forter uses conventional http response codes to indicate the success or failure of an api request in general, codes in the 2xx range indicate success, codes in the 4xx range indicate an error that resulted from the provided information, while codes in the 5xx range indicate an error with forter's servers true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type timeouts in order to prevent connection failovers due to internet network failures, set a client side timeout of 2 seconds on the http request retries in the following cases we recommend that you retry the request once client side timeout 5xx error code 429 error code the retry can be immediate or at a later stage if relevant and possible (for example after capturing the money and before shipping) in any case we prefer that you backfill the request to forter in order for us to have a complete picture of good/bad customers in a case of an additional failure on the retry, we recommend that you alert us and diagnose load testing your test site is limited to 10 rps (requests per seconds) requests beyond this limit will result in a 429 error code you can exceed this rate limit by including the header x forter disable persistence = true in your load test requests requests made with this header will not be visible in forter’s decision dashboard, so you should not include this header in real production requests tls session reuse for low latency applications, every millisecond counts one common source of unnecessary latency is the repeated tls handshake process when making api requests if your application does not reuse tls sessions, it incurs extra latency and computational overhead for every new connection to mitigate this, we strongly recommend https //docs forter com/reference/tls session reuse conditional fields note that some fields in the api reference will be marked as conditional instead of required this is intended to denote that the field is dependentrequired or oneof excluding conditional fields will not result in an error response, but may be checked during by forter during the testing phase test response handling api requests made with your test site id will return a randomized decision in order to test your response handling, you can trigger a specific decision or recommendation by using a specific email address as the customer’s email, a specific credit card number as the payment method, and/or a specific ip address fraud management true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type abuse prevention true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type 3ds recommendation true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type 3ds execution no challenge required true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type challenge executed true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type account protection true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type