Documentation Index
Fetch the complete documentation index at: https://docs.verisoul.ai/llms.txt
Use this file to discover all available pages before exploring further.
Payload Structure
When email analysis completes, Verisoul sends a POST request to your configured webhook endpoint.
Example Success Payload
{
"request_id": "d69b8d6a-06ae-4071-b6a7-f9abe000b73b",
"batch_id": null,
"project_id": "ed8fe5d7-ead9-4b81-b1b0-74190582341c",
"event_type": "email.intelligence.completed",
"created_at": "2026-03-09T18:22:10Z",
"completed_at": "2026-03-09T18:22:15Z",
"status": "success",
"data": {
"input": {
"email": "john.doe@test.verisoul.com",
"claims": {
"name": { "first": "John", "last": "Doe" },
"country": "US"
}
},
"result": {
"decision": "trusted",
"risk_score": -0.4514,
"trust_signals": [
"email_age_greater_than_5_years",
"email_known_online_history",
"online_presence_detected",
"identity_name_match"
],
"risk_signals": [],
"domain": {
"risk_score": -0.72,
"fqdn": "test.verisoul.com",
"apex": "verisoul.com",
"type": "business",
"age_years": 4.2,
"country": "US"
},
"email": {
"username": "john.doe",
"normalized": "john.doe@test.verisoul.com",
"first_seen_at": "2022-06-15",
"age_years": 3.8,
"seen_countries": ["US"]
},
"deliverability": {
"risk_score": -1,
"send_recommendation": "send"
},
"breach_intelligence": {
"breach_count": 1,
"trusted_breach_count": 0,
"breach_list": [
{
"source": "Adobe",
"breach_date": "2013-10-04",
"trust_weight": "moderate",
"country": "global",
"industry": "software"
}
]
},
"identity_intelligence": {
"match_risk_score": -0.4,
"online_accounts_count": 3,
"online_accounts": ["google", "linkedin", "github"],
"connected_names": ["John Doe"],
"connected_phones": ["+1555*******"],
"claim_matches": {
"name": "match",
"phone": "skipped",
"country": "match"
}
}
}
},
"error": null
}
The identity_intelligence section inside data.result is only present when the request was submitted with identity_intelligence: true.
Error Payload
{
"request_id": "5fee305e-4b6e-41c4-bff9-c9b53e175d70",
"batch_id": null,
"project_id": "ed8fe5d7-ead9-4b81-b1b0-74190582341c",
"event_type": "email.intelligence.completed",
"created_at": "2026-03-09T18:22:10Z",
"completed_at": "2026-03-09T18:22:15Z",
"status": "error",
"data": null,
"error": {
"email": "some.email@random.com",
"code": "timed_out",
"message": "Unable to compute score of email"
}
}
Field Reference
Top-Level Fields
| Field | Type | Description |
|---|
request_id | string | Unique identifier for this email intelligence request |
batch_id | string | null | Batch identifier, if the email was submitted as part of a batch |
project_id | string | Your Verisoul project ID |
event_type | string | Always email.intelligence.completed |
created_at | string | When analysis started (ISO 8601) |
completed_at | string | When analysis completed (ISO 8601) |
status | string | success or error |
data | object | null | Analysis results (present on success) |
error | object | null | Error details (present on failure) |
| Field | Type | Description |
|---|
email | string | The email address that was analyzed |
claims | object | Claims submitted with the request (if any) |
data.result
| Field | Type | Description |
|---|
decision | string | Risk decision: high_trust, trusted, moderate, risky, or high_risk |
risk_score | number | Overall risk score from -1 (high trust) to 1 (high risk) |
trust_signals | string[] | List of detected trust signals |
risk_signals | string[] | List of detected risk signals |
Decision Buckets
Every email receives a decision based on the overall risk_score:
| Decision | Score Range | Meaning |
|---|
| high_trust | below -0.50 | Strong trust signals across multiple dimensions |
| trusted | -0.50 to 0.00 | Positive trust indicators present |
| moderate | 0.00 to 0.25 | Neutral — no strong signals in either direction |
| risky | 0.25 to 0.75 | Some risk indicators detected |
| high_risk | above 0.75 | Strong risk signals — likely fraudulent or invalid |
data.result.domain
| Field | Type | Description |
|---|
risk_score | number | Domain risk score from -1 to 1 |
fqdn | string | Fully qualified domain name |
apex | string | Root/apex domain |
type | string | Domain classification (see domain types) |
age_years | number | Domain age in years |
country | string | Country associated with the domain |
data.result.email
| Field | Type | Description |
|---|
username | string | Local part of the email address |
normalized | string | Canonicalized email address |
first_seen_at | string | Earliest known date this email appeared in data sources |
age_years | number | Estimated age of the email address in years |
seen_countries | string[] | Countries where this email has been observed |
data.result.deliverability
| Field | Type | Description |
|---|
risk_score | number | Deliverability risk: -1 (deliverable) to 1 (not deliverable) |
send_recommendation | string | send, send_with_caution, or do_not_send |
data.result.breach_intelligence
| Field | Type | Description |
|---|
breach_count | number | Total number of data breaches this email appears in |
trusted_breach_count | number | Number of breaches from verified/trusted sources |
breach_list | object[] | Detailed list of breaches (name, date, data types exposed) |
data.result.identity_intelligence
Only present when identity_intelligence: true was set in the request.
| Field | Type | Description |
|---|
match_risk_score | number | Identity match risk from -1 (verified match) to 1 (no match / ghost identity) |
online_accounts_count | number | Number of platforms where the email is registered |
online_accounts | string[] | Platforms where the email is registered (e.g., google, facebook, linkedin) |
connected_names | string[] | Names associated with this email across data sources |
connected_phones | string[] | Phone numbers linked to this email |
claim_matches | object | Results of matching submitted claims against identity data |
data.result.identity_intelligence.claim_matches
| Field | Type | Description |
|---|
name | string | match, partial_match, no_match, or skipped |
phone | string | match, partial_match, no_match, or skipped |
country | string | match, partial_match, no_match, or skipped |
error
| Field | Type | Description |
|---|
email | string | The email address that failed during analysis |
code | string | Error code (e.g., internal_server_error) |
message | string | Human-readable description of the failure |
Signal and Domain Type Definitions
For detailed definitions of all signals and domain classifications, see:
