Class: Stytch::Fraud::Rules

Inherits:
Object
  • Object
show all
Includes:
RequestHelper
Defined in:
lib/stytch/fraud.rb

Instance Method Summary collapse

Methods included from RequestHelper

#delete_request, #get_request, #post_request, #put_request, #request_with_query_params

Constructor Details

#initialize(connection) ⇒ Rules

Returns a new instance of Rules.



93
94
95
 
# File 'lib/stytch/fraud.rb', line 93

def initialize(connection)
  @connection = connection
end

Instance Method Details

#set(action:, visitor_id: nil, browser_id: nil, visitor_fingerprint: nil, browser_fingerprint: nil, hardware_fingerprint: nil, network_fingerprint: nil, expires_in_minutes: nil, description: nil) ⇒ Object

Set a rule for a particular ‘visitor_id`, `browser_id`, `visitor_fingerprint`, `browser_fingerprint`, `hardware_fingerprint`, or `network_fingerprint`. This is helpful in cases where you want to allow or block a specific user or fingerprint. You should be careful when setting rules for `browser_fingerprint`, `hardware_fingerprint`, or `network_fingerprint` as they can be shared across multiple users, and you could affect more users than intended.

Rules are applied in the order specified above. For example, if an end user has an ‘ALLOW` rule set for their `visitor_id` but a `BLOCK` rule set for their `hardware_fingerprint`, they will receive an `ALLOW` verdict because the `visitor_id` rule takes precedence.

Parameters:

action

The action that should be returned by a fingerprint lookup for that fingerprint or ID with a ‘RULE_MATCH` reason. The following values are valid: `ALLOW`, `BLOCK`, `CHALLENGE`, or `NONE`. If a `NONE` action is specified, it will clear the stored rule. The type of this field is RuleAction (string enum).

visitor_id

The visitor ID we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

browser_id

The browser ID we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

visitor_fingerprint

The visitor fingerprint we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

browser_fingerprint

The browser fingerprint we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

hardware_fingerprint

The hardware fingerprint we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

network_fingerprint

The network fingerprint we want to set a rule for. Only one fingerprint or ID can be specified in the request. The type of this field is nilable String.

expires_in_minutes

The number of minutes until this rule expires. If no ‘expires_in_minutes` is specified, then the rule is kept permanently. The type of this field is nilable Integer.

description

An optional description for the rule. The type of this field is nilable String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

action

The action that will be returned for the specified fingerprint or ID. The type of this field is RuleAction (string enum).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

visitor_id

The cookie stored on the user’s device that uniquely identifies them. The type of this field is nilable String.

browser_id

Combination of VisitorID and NetworkFingerprint to create a clear identifier of a browser. The type of this field is nilable String.

visitor_fingerprint

Cookie-less way of identifying a unique user. The type of this field is nilable String.

browser_fingerprint

Combination of signals to identify a browser and its specific version. The type of this field is nilable String.

hardware_fingerprint

Combinations of signals to identify an operating system and architecture. The type of this field is nilable String.

network_fingerprint

Combination of signals associated with a specific network commonly known as TLS fingerprinting. The type of this field is nilable String.

expires_at

The timestamp when the rule expires. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. ‘2021-12-29T12:33:09Z`. The type of this field is nilable String.



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
 
# File 'lib/stytch/fraud.rb', line 162

def set(
  action:,
  visitor_id: nil,
  browser_id: nil,
  visitor_fingerprint: nil,
  browser_fingerprint: nil,
  hardware_fingerprint: nil,
  network_fingerprint: nil,
  expires_in_minutes: nil,
  description: nil
)
  headers = {}
  request = {
    action: action
  }
  request[:visitor_id] = visitor_id unless visitor_id.nil?
  request[:browser_id] = browser_id unless browser_id.nil?
  request[:visitor_fingerprint] = visitor_fingerprint unless visitor_fingerprint.nil?
  request[:browser_fingerprint] = browser_fingerprint unless browser_fingerprint.nil?
  request[:hardware_fingerprint] = hardware_fingerprint unless hardware_fingerprint.nil?
  request[:network_fingerprint] = network_fingerprint unless network_fingerprint.nil?
  request[:expires_in_minutes] = expires_in_minutes unless expires_in_minutes.nil?
  request[:description] = description unless description.nil?

  post_request('/v1/rules/set', request, headers)
end