URL https://<fraud-data-baseurl>/securityData/<tid>

Request

GET with URL path parameter tid for the authentication session is question (Transaction ID from the ID Token)

Authentication Access Token as Bearer Token in Authorization Header

Response

`202`	`Accepted`	A new process for retrieval of fraud data for `tid` is accepted
`204`	`No Content`	A process for retrieval of fraud data for `tid` is still ongoing (not yet completed)
`200`	`OK`	A process for retrieval of fraud data for `tid` has completed. The body contains a JSON with fraud data response elements.
`400`	`Bad request`	The `tid` value does not correspond to a session associated with the requesting OIDC client
`401`	`Unauthorized`	Bearer token is missing or not accepted for any reason
`403`	`Forbidden`	Bearer token has insufficient scope
`404`	`Not found`	The `tid` is an unknown value for the OIDC Provider.
`410`	`Gone`	Fraud data for `tid` is no longer available
`429`	`Too many requests`	The fraud data service is currently too busy to serve the request
`500`	`Internal server error`	Any other error condition

Error responses contains further information on the reason according to standard.

Example See below

This method provides data (security data / fraud data) that can be used for risk scoring on a recent authentication session via the OIDC Provider. The tid claim from the ID Token works as the reference to the session in question. At first invocation of this method for a given tid, the Fraud Data service starts a process to retrieve all relevant data for the transaction in question. When all available fraud data for the given transaction has been retrieved, the set of available data may be returned to the requesting OIDC Client upon request. The typical usage pattern for an OIDC Client is to receive a 202 in response to the initial request, followed by one or more 204 responses on subsequent polling requests, before the service eventually responds with a 200 along with the actual fraud data in the body.

The Fraud Data service is classified as a near-realtime service. Retrieval of a full set of fraud data may take up to 10 seconds to complete. After completion fraud data will be available for an extended time period of 3600 seconds. The polling interval while waiting for data should not be more frequent that once every 1-5 seconds.

Response elements

The set of fraud data is returned as JSON containing supported fraud data claims for the Identity Provider in question.

Example

The following is an example for a request to the Fraud Data service for a given tid value

seurityData request

TBC

The following is a truncated JSON example from the response from the Fraud Data service for an authentication session with BankID netcentric. A complete JSON example is not included in this documentation for security reasons. A complete example can be provided upon request.

seurityData JSON response

{
  "tid": "754a1771-8f6a-4fa5-b6d7-47d81dda493d",
  "transaction_data": {
    ...
    "BankID_browserName": "Chrome",
    "BankID_timeZone": "Europe/Oslo",
    "BankID_osName": "Linux",
    "BankID_osVersion": "Unknown",
    "BankID_userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36",
    "BankID_language": "\"en-US\"",
	...
   },
  "derived_data": {
	...
    "BankID_User_IP": "195.18.161.2",
    "BankID_Alarm_IDx": "No alarms",
    "BankID_fpf": "0",
    "BankID_fpf_classification": "Unknown",
    "BankID_env": "0",
    "BankID_env_classification": "Unknown",
    "BankID_irs": "0",
    "BankID_irs_classification": "Unknown",
    "BankID_dms": "0",
    "BankID_dms_classification": "Unknown",
    "BankID_ips": "0",
    "BankID_ips_classification": "Unknown",
	...
  }
}

Page tree

securityData

Response elements

Example