Risk Evaluation
This request asks for a risk evaluation of the end user's operation. In the example below, several values need to be updated to match your configuration.
- eyJ0…3jig: The Base64-encoded JWT used to authorise the request to the OIP Risk Management service.
- 12345678-90ab-cdef-1234-567890abcdef: The API key that identifies a customer to IdCloud for quota and monitoring purposes.
- visitId: The value must be the one returned from the signal collection done in step 1.
- userAttributes and risk objects: Provide the context of the operation, which is used to apply the proper policies.
POST /scs/v1/scenarios
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJ0...3jig
X-API-KEY: 12345678-90ab-cdef-1234-567890abcdef

{
  "input": {
    "userId": "testUser",
    "userAttributes": {
      "email": "testUser@gmail.com",
      "groups": ["default"]
    },
    "risk": {
      "visitId": "6e7d4ebf-8f67-4d6d-990d-208e0e0477ac",
      "destinationAccountNumber": "RO49AAAA1B31007593840000"
    }
  },
  "name": "Evaluate_Risk_With_Authentication_Feedback"
}
The response contains several important values that must be parsed.
- HTTP/1.1 201: The overall result of the call. 201 means the execution was successful. Other values mean an error happened (for example: 400 Bad Request, a client-related error occurred).
- status: Waiting - This status is normal. The first call performed the risk evaluation and now the scenario is waiting for the authentication result.
- state.result.code: 0 - If an error occurs during the risk evaluation, an error code is returned here.
- state.result.object.risk.decision: The decision from the policy manager. This dictates the next steps for the bank. See step 3 for more details.
HTTP/1.1 201
status: 201
Date: Thu, 20 Dec 2018 15:53:22 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: XXX

{
  "id": "447578be-6d5a-4b37-a6fd-6673dcd608f3",
  "name": "Evaluate_Risk_With_Authentication_Feedback",
  "status": "Waiting",
  "state": {
    "steps": [
      {
        "id": "WaitForAuth",
        "name": "Waiting for Authentication",
        "status": "Waiting"
      }
    ],
    "result": {
      "code": "0",
      "message": "Risk operation completed",
      "type": "Risk_Response",
      "object": {
        "risk": {
          "status": "SUCCESS",
          "decision": {
            "access": "allowed",
            "auth": [
              {
                "type": "password"
              }
            ]
          },
          "decisionDetails": {
            "gemaltoRiskEngine": [...],
            "threatmetrix": [...]
          },
          "policy": {
            "name": "BHV_test",
            "id": "9eca761b-29cc-4bcd-f310-731e7db7cc13"
          }
        }
      }
    }
  }
}
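A client-side check of the values listed above, as an added example that is not part of the original documentation or the vendor's own code; the function and exception names are hypothetical, and the sample body is the response above with the elided decisionDetails left out. It treats anything other than the exact values shown on this page as a failure, so a missing or unexpected decision never reads as allowed.

```python
import json

class RiskEvaluationError(Exception):
    """The call failed or the response carries no usable decision."""

def _dig(obj, *keys):
    # Walk nested dicts; return None as soon as a level is missing or not a dict.
    for key in keys:
        if not isinstance(obj, dict):
            return None
        obj = obj.get(key)
    return obj

def parse_risk_response(http_status, body):
    """Check the values listed above in order and return the decision."""
    if http_status != 201:
        raise RiskEvaluationError(f"unexpected HTTP status {http_status}")
    try:
        doc = json.loads(body)
    except (TypeError, ValueError) as exc:
        raise RiskEvaluationError("body is not valid JSON") from exc
    if _dig(doc, "status") != "Waiting":
        raise RiskEvaluationError("scenario is not waiting for authentication")
    code = _dig(doc, "state", "result", "code")
    if str(code) != "0":
        raise RiskEvaluationError(f"risk evaluation returned code {code!r}")
    decision = _dig(doc, "state", "result", "object", "risk", "decision")
    if not isinstance(decision, dict) or "access" not in decision:
        raise RiskEvaluationError("no decision in response")
    auth = decision.get("auth")
    auth = auth if isinstance(auth, list) else []
    return {
        "scenario_id": _dig(doc, "id"),
        # Only the exact value shown on the page counts as allowed.
        "allowed": decision["access"] == "allowed",
        "auth_types": [a["type"] for a in auth
                       if isinstance(a, dict) and "type" in a],
    }

# Constructed sample: the response above, without the elided decisionDetails.
SAMPLE_BODY = json.dumps({
    "id": "447578be-6d5a-4b37-a6fd-6673dcd608f3",
    "status": "Waiting",
    "state": {"result": {"code": "0", "object": {"risk": {
        "status": "SUCCESS",
        "decision": {"access": "allowed", "auth": [{"type": "password"}]},
    }}}},
})
```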
REST API documentation
This API is documented on the following page: Evaluate risk with authentication feedback