Overview
The Fraudlr API is a RESTful API that allows you to integrate fraud detection and analysis capabilities into your applications. Our API is designed to be simple, predictable, and easy to integrate.
All API requests are made to https://api.fraudlr.com and all responses are returned in JSON format.
- REST-based: Standard HTTP methods and status codes
- JSON responses: All data returned in JSON format
- Secure: JWT-based authentication
- Rate limited: Fair usage policies applied
Quick Start
1. Sign Up: Create your account
2. Authenticate: Get your JWT token
3. Make Requests: Call API endpoints
4. Integrate: Build your solution
Your First Request
Here's a complete example of authenticating and creating a case:
# 1. Login to get token
curl -X POST https://api.fraudlr.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "your-password"
  }'
# 2. Create a case with the token
curl -X POST https://api.fraudlr.com/api/cases \
  -H "Authorization: Bearer YOUR_TOKEN_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Transaction Analysis",
    "description": "Analyzing suspicious transactions",
    "priority": "HIGH"
  }'
Authentication
JWT Bearer Authentication
Fraudlr uses JSON Web Tokens (JWT) for API authentication. To authenticate your requests:
- Create an account via the signup endpoint or web interface
- Log in with your credentials to receive a JWT token
- Include the token in the Authorization header of subsequent requests
AUTHORIZATION HEADER
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Token Expiration
Tokens are valid for 7 days. After expiration, you'll need to log in again to obtain a new token. Store tokens securely and never expose them in client-side code.
API Endpoints
Request Format
All API requests must include the following headers:
Content-Type: application/json
Authorization: Bearer YOUR_TOKEN_HERE (for protected endpoints)
Request bodies should be valid JSON and match the schema defined for each endpoint.
Response Format
All responses are returned in JSON format with appropriate HTTP status codes.
Success Response
{
  "id": "case_123",
  "name": "Transaction Analysis",
  "status": "PENDING",
  "createdAt": "2026-01-28T10:00:00Z"
}
Error Response
{
  "error": "Validation Error",
  "message": "Name is required",
  "statusCode": 400
}
Error Handling
HTTP Status Codes
The API uses standard HTTP status codes to indicate success or failure:
- OK: Request successful
- Created: Resource created successfully
- Bad Request: Invalid request parameters
- Unauthorized: Missing or invalid authentication token
- Forbidden: Insufficient permissions
- Not Found: Resource not found
- Too Many Requests: Rate limit exceeded
- Server Error: Internal server error
Code Examples
Complete Authentication Flow
// Complete authentication and case creation flow
async function createFraudCase() {
  try {
    // 1. Login
    const loginRes = await fetch('https://api.fraudlr.com/api/auth/login', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({
        email: 'user@example.com',
        password: 'your-password'
      })
    });
    if (!loginRes.ok) throw new Error('Login failed');
    const { token } = await loginRes.json();
    // 2. Create case
    const caseRes = await fetch('https://api.fraudlr.com/api/cases', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${token}`,
        'Content-Type': 'application/json'
      },
      body: JSON.stringify({
        name: 'Q1 Analysis',
        description: 'Quarterly fraud detection',
        priority: 'HIGH'
      })
    });
    // Check the status before parsing, so an error body is not treated as a case
    if (!caseRes.ok) throw new Error(`Case creation failed with status ${caseRes.status}`);
    const newCase = await caseRes.json();
    console.log('Case created:', newCase);
    return newCase;
  } catch (error) {
    // Log the message only; never log the token or password
    console.error('Error:', error.message);
  }
}
Retrieving Case Information
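// Get all cases
const getAllCases = async (token) => {
  const response = await fetch('https://api.fraudlr.com/api/cases', {
    headers: { 'Authorization': `Bearer ${token}` }
  });
  // Check the status before parsing, so an error body is not treated as case data
  if (!response.ok) throw new Error(`Request failed with status ${response.status}`);
  return await response.json();
};
// Get specific case
const getCase = async (token, caseId) => {
  // Encode the ID so that it cannot alter the request path
  const response = await fetch(`https://api.fraudlr.com/api/cases/${encodeURIComponent(caseId)}`, {
    headers: { 'Authorization': `Bearer ${token}` }
  });
  if (!response.ok) throw new Error(`Request failed with status ${response.status}`);
  return await response.json();
};
Rate Limiting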
To ensure fair usage and system stability, the Fraudlr API implements rate limiting:
- Standard Tier: 100 requests per minute
- Pro Tier: 500 requests per minute
- Enterprise: Custom, tailored to your needs
Rate Limit Headers
All API responses include headers indicating your current rate limit status:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1706437200
Rate Limit Exceeded
When you exceed your rate limit, you'll receive a 429 status code. Implement exponential backoff in your applications to handle this gracefully.
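One way to implement the backoff described above, as an added JavaScript example that is not part of the Fraudlr documentation. `retryDelayMs` and `fetchWithBackoff` are hypothetical helpers, the delay constants are assumed values, and `X-RateLimit-Reset` is assumed to be a Unix timestamp in seconds.

```javascript
// Added example; retryDelayMs and fetchWithBackoff are hypothetical helper names.
const BASE_DELAY_MS = 500;    // first backoff ceiling (assumed value)
const MAX_DELAY_MS = 30000;   // longest wait per attempt (assumed value)

// Parse a numeric header; a missing header must not be read as 0.
const headerNumber = (headers, name) => {
  const raw = headers.get(name);
  return raw === null || raw === undefined || raw === '' ? NaN : Number(raw);
};

// How long to wait after a 429 on the given (0-based) attempt.
// Assumption: X-RateLimit-Reset is a Unix timestamp in seconds.
function retryDelayMs(headers, attempt, nowMs = Date.now(), random = Math.random) {
  const remaining = headerNumber(headers, 'X-RateLimit-Remaining');
  const resetMs = headerNumber(headers, 'X-RateLimit-Reset') * 1000;
  // Window exhausted and the reset time is in the future: wait for it to reopen.
  if (remaining === 0 && resetMs > nowMs) {
    return Math.min(resetMs - nowMs, MAX_DELAY_MS);
  }
  // Otherwise: exponential backoff with full jitter, so clients do not retry in lockstep.
  const ceiling = Math.min(BASE_DELAY_MS * 2 ** attempt, MAX_DELAY_MS);
  return Math.floor(random() * ceiling);
}

// Retry only on 429; every other status is returned for the caller to handle.
async function fetchWithBackoff(url, options = {}, deps = {}) {
  const {
    fetchImpl = fetch,
    sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms)),
    maxRetries = 4,
    now = Date.now,
    random = Math.random,
  } = deps;
  for (let attempt = 0; ; attempt++) {
    const res = await fetchImpl(url, options);
    if (res.status !== 429) return res;
    if (attempt >= maxRetries) throw new Error('Rate limit exceeded: retries exhausted');
    await sleep(retryDelayMs(res.headers, attempt, now(), random));
  }
}
```

Capping retries keeps a persistently throttled client from looping forever; the thrown error should surface to the caller instead of being retried again.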
Best Practices
Security
- Never expose your JWT tokens in client-side code or public repositories
- Use environment variables to store sensitive credentials
- Implement token refresh logic before expiration
- Always use HTTPS for API requests in production
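The token handling recommended in this list and under Token Expiration, as an added Node.js example that is not Fraudlr's own code. `TokenManager`, `loginWithEnvCredentials`, the `FRAUDLR_EMAIL` / `FRAUDLR_PASSWORD` variable names and the one-hour renewal margin are assumptions; the `token` response field follows the page's own login example.

```javascript
// Added example; all names below are hypothetical.
const TOKEN_LIFETIME_MS = 7 * 24 * 60 * 60 * 1000; // "valid for 7 days" per the docs
const RENEW_MARGIN_MS = 60 * 60 * 1000;            // renew one hour early (assumed value)

// Log in with credentials taken from the environment, never from source code.
async function loginWithEnvCredentials(fetchImpl = fetch, env = process.env) {
  const { FRAUDLR_EMAIL: email, FRAUDLR_PASSWORD: password } = env;
  if (!email || !password) throw new Error('FRAUDLR_EMAIL / FRAUDLR_PASSWORD not set');
  const res = await fetchImpl('https://api.fraudlr.com/api/auth/login', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ email, password }),
  });
  // Report the status only; the body or credentials must not end up in logs.
  if (!res.ok) throw new Error(`Login failed with status ${res.status}`);
  const { token } = await res.json();
  if (typeof token !== 'string' || token === '') throw new Error('Login response had no token');
  return token;
}

// Keeps the token in memory and logs in again before the 7-day lifetime runs out.
class TokenManager {
  constructor(login, now = Date.now) {
    this.login = login;
    this.now = now;
    this.token = null;
    this.obtainedAt = 0;
    this.pending = null; // in-flight login shared by concurrent callers
  }
  isFresh() {
    return this.token !== null &&
      this.now() - this.obtainedAt < TOKEN_LIFETIME_MS - RENEW_MARGIN_MS;
  }
  async getToken() {
    if (this.isFresh()) return this.token;
    if (!this.pending) {
      this.pending = this.login()
        .then((t) => { this.token = t; this.obtainedAt = this.now(); return t; })
        .finally(() => { this.pending = null; });
    }
    return this.pending;
  }
  // Call after a 401 response, then request a token again.
  invalidate() { this.token = null; }
}
```

Typical wiring is `new TokenManager(() => loginWithEnvCredentials())`, with `getToken()` called before each request so the renewal check runs every time.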
Error Handling
- Always check HTTP status codes before processing responses
- Implement proper error handling for network failures
- Use try-catch blocks or equivalent error handling in your language
- Log errors for debugging but avoid logging sensitive data
Performance
- Implement caching for frequently accessed data
- Use batch operations when available to reduce API calls
- Respect rate limits and implement exponential backoff
- Monitor your API usage and optimize requests
Webhooks
Coming Soon
Webhook support for real-time notifications is currently in development.
SDKs
Coming Soon
Official SDKs for popular languages are in development:
Need Help?
Our developer support team is here to help you build amazing fraud detection solutions.
