This topic describes the common request and response parameters for Fraud Detection API operations.
Common request parameters
The request parameters for Fraud Detection API operations include common request parameters and service-specific event parameters. Common request parameters are required for every API operation. The following table describes the common request parameters.
Name | Type | Required | Description |
Format | String | Yes | The format of the returned message. Valid values:
|
Version | String | Yes | The API version number. Use the YYYY-MM-DD date format. The current version is 2019-05-21. |
AccessKeyId | String | Yes | The AccessKey ID issued to you by Alibaba Cloud to access the service. |
Signature | String | Yes | The signature string. For more information about how to calculate the signature, see Section 2.0 of Signature Mechanism: SDK-based Calls. |
SignatureMethod | String | Yes | The signature method. Only HMAC-SHA1 is supported. |
Timestamp | String | Yes | The timestamp of the request. The time must be in UTC and comply with the ISO 8601 standard. The format is yyyy-MM-ddTHH:mm:ssZ. For example, 09:44:35 on August 22, 2019 (UTC+8) is represented as 2019-08-22T01:44:35Z. |
SignatureVersion | String | Yes | The version of the signature algorithm. The value is 1.0. |
SignatureNonce | String | Yes | A unique random number that is used to prevent replay attacks. You must use a different random number for each request. |
Action | String | Yes | Valid values are ExecuteRequestSG (Singapore) and ExecuteRequestML (Malaysia). |
Service | String | Yes |
|
ServiceParameters | String | Yes | A list of service parameters in JSON format. Example: |
The following code provides a sample request for the Device Risk Detection - Advanced Service:
https://saf.{region}.aliyuncs.com/
?Format=JSON
&Version=2020-07-06
&Signature=vpEEL0zFHfxXYzSFV0n7%2FZiFL9o%3D
&SignatureMethod=Hmac-SHA1
&SignatureNonce=15215528852396
&SignatureVersion=1.0
&Action=ExecuteRequest
&AccessKeyId=123****saf
&Timestamp=2018-06-01T12:00:00Z
&Service=device_risk_pro
&ServiceParameters={"deviceToken":1012****}Common response parameters
Every API request returns a unique request ID, `RequestId`, regardless of whether the call is successful. Other response parameters include `score`, `tags`, and `extend` (custom response parameters). The returned parameters vary depending on the service. For more information, see the documentation for the specific service.
The following code provides a sample response in JSON format for the Device Risk Detection - Advanced Service:
{
// service: device_risk_pro
"RequestId": "52E3208D-E7BF-32F0-9913-2A168894D2D9",
"Message": "OK",
"Data": {
"extend": "0f533f6056f50664b48f2b3866220f0f", // Unique device ID
"tags": "is_rooted" // Reason code
},
"Code": 200 // The request is successful.
} The sample responses in this topic are formatted for readability. Actual responses are not formatted with line breaks or indentation.
Error codes
Code | Description |
200 | The request is successful. |
400 | The value of the `ServiceParameters` parameter is invalid. |
402 | The number of queries per second (QPS) exceeds the purchased specifications. Throttling is enabled. |
403 | The request does not have the required permissions. The service is not activated or has expired. |
404 | The value of the `Service` parameter is invalid. |
500 | An internal server error occurred. |