Get risk decisions for authenticated users with account context
The Authenticate endpoint is the core of Verisoul’s fraud prevention system. It allows your backend to verify the risk level of a user session and make informed decisions about allowing or blocking actions when a user is authenticated or associated with an account.
The Authenticate endpoint provides comprehensive risk assessment by combining session signals with account-specific intelligence. This makes it the most powerful option for protecting user accounts, sensitive actions, and high-value transactions.
Use the Authenticate endpoint when a session is associated with a user account. This is ideal for:
To avoid false positives, do not authenticate sessions that have been impersonated or are from your internal team members. Authenticating these sessions can result in legitimate accounts being incorrectly flagged for multi-accounting.
Parameter | Type | Description |
---|---|---|
session_id | string | The Verisoul session ID obtained from the client SDK |
account | object | A valid Verisoul account object |
The account object is a JSON object that contains the following fields:
Parameter | Required | Type | Description |
---|---|---|---|
id | Yes | string | Your internal user/account identifier |
email | No | string | User’s email address for reputation checks |
phone | No | string | User’s phone number in E.164 format (e.g., +12125551234) |
metadata | No | object | Additional context about the user or session |