fraud
/fraud
/fraud
The Fraud API (alpha) lets you manage UltraCart's fraud rule engine over plain HTTP. Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt, etc.) when their conditions match. The API also exposes the lookup values you need to build rules and a quick way to decline a known-bad email address.
Every request needs two headers:
-H "X-UltraCart-Api-Version: 2017-03-01"
-H "x-ultracart-simple-key:
The simple key below has fraud_read and fraud_write rights and only works in the UltraCart development system. Create your own Simple Key: https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
The samples in this directory: getFraudLookupValues.curl - GET /rest/v2/fraud/lookup_values searchFraudRules.curl - POST /rest/v2/fraud/rules/search insertFraudRule.curl - POST /rest/v2/fraud/rules deleteFraudRule.curl - DELETE /rest/v2/fraud/rules/{fraud_rule_oid} declineEmail.curl - POST /rest/v2/fraud/decline_email
using System;
using System.Reflection;
namespace SdkSample.fraud
{
/// <summary>
/// The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
/// Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
/// etc.) when their conditions match. The API also exposes the lookup values you need to build
/// rules and a quick way to decline a known-bad email address.
///
/// The samples in this directory:
/// GetFraudLookupValues.cs - retrieve the lookup values (countries, affiliates, rule types,
/// ip range types, rule groups) used when building rules.
/// SearchFraudRules.cs - search existing fraud rules by criteria.
/// InsertFraudRule.cs - create several fraud rules of different types.
/// DeleteFraudRule.cs - delete a fraud rule by its oid (self-contained: inserts one first).
/// DeclineEmail.cs - decline a specific email address.
///
/// This key has fraud_read and fraud_write rights. Create a Simple Key:
/// https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
/// </summary>
public class Introduction
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
Console.WriteLine("See the other samples in this directory for fraud API usage.");
}
}
}
package fraud;
/**
* The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
* Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
* etc.) when their conditions match. The API also exposes the lookup values you need to build
* rules and a quick way to decline a known-bad email address.
*
* The samples in this directory:
* GetFraudLookupValues.java - retrieve the lookup values (countries, affiliates, rule types,
* ip range types, rule groups) used when building rules.
* SearchFraudRules.java - search existing fraud rules by criteria.
* InsertFraudRule.java - create several fraud rules of different types.
* DeleteFraudRule.java - delete a fraud rule by its oid (self-contained: inserts one first).
* DeclineEmail.java - decline a specific email address.
*
* This key has fraud_read and fraud_write rights. Create a Simple Key:
* https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
*/
public class Introduction {
public static void execute() {
System.out.println("--- Introduction ---");
System.out.println("See the other samples in this directory for fraud API usage.");
}
}
/**
* The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
* Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
* etc.) when their conditions match. The API also exposes the lookup values you need to build
* rules and a quick way to decline a known-bad email address.
*
* The samples in this directory:
* getFraudLookupValues.js - retrieve the lookup values (countries, affiliates, rule types,
* ip range types, rule groups) used when building rules.
* searchFraudRules.js - search existing fraud rules by criteria.
* insertFraudRule.js - create several fraud rules of different types.
* deleteFraudRule.js - delete a fraud rule by its oid (self-contained: inserts one first).
* declineEmail.js - decline a specific email address.
*
* This key has fraud_read and fraud_write rights. Create a Simple Key:
* https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
*/
<?php
/*
* The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
* Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
* etc.) when their conditions match. The API also exposes the lookup values you need to build
* rules and a quick way to decline a known-bad email address.
*
* The samples in this directory:
* getFraudLookupValues.php - retrieve the lookup values (countries, affiliates, rule types,
* ip range types, rule groups) used when building rules.
* searchFraudRules.php - search existing fraud rules by criteria.
* insertFraudRule.php - create several fraud rules of different types.
* deleteFraudRule.php - delete a fraud rule by its oid (self-contained: inserts one first).
* declineEmail.php - decline a specific email address.
*
* This key has fraud_read and fraud_write rights. Create a Simple Key:
* https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
*/
# The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
# Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
# etc.) when their conditions match. The API also exposes the lookup values you need to build
# rules and a quick way to decline a known-bad email address.
#
# The samples in this directory:
# get_fraud_lookup_values.py - retrieve the lookup values (countries, affiliates, rule types,
# ip range types, rule groups) used when building rules.
# search_fraud_rules.py - search existing fraud rules by criteria.
# insert_fraud_rule.py - create several fraud rules of different types.
# delete_fraud_rule.py - delete a fraud rule by its oid (self-contained: inserts one first).
# decline_email.py - decline a specific email address.
#
# This key has fraud_read and fraud_write rights. Create a Simple Key:
# https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
# frozen_string_literal: true
# The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
# Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
# etc.) when their conditions match. The API also exposes the lookup values you need to build
# rules and a quick way to decline a known-bad email address.
#
# The samples in this directory:
# get_fraud_lookup_values.rb - retrieve the lookup values (countries, affiliates, rule types,
# ip range types, rule groups) used when building rules.
# search_fraud_rules.rb - search existing fraud rules by criteria.
# insert_fraud_rule.rb - create several fraud rules of different types.
# delete_fraud_rule.rb - delete a fraud rule by its oid (self-contained: inserts one first).
# decline_email.rb - decline a specific email address.
#
# This key has fraud_read and fraud_write rights. Create a Simple Key:
# https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
/**
* The Fraud API (alpha) lets you manage UltraCart's fraud rule engine programmatically.
* Fraud rules inspect incoming orders and take an action (flag for review, decline, exempt,
* etc.) when their conditions match. The API also exposes the lookup values you need to build
* rules and a quick way to decline a known-bad email address.
*
* The samples in this directory:
* GetFraudLookupValues.ts - retrieve the lookup values (countries, affiliates, rule types,
* ip range types, rule groups) used when building rules.
* SearchFraudRules.ts - search existing fraud rules by criteria.
* InsertFraudRule.ts - create several fraud rules of different types.
* DeleteFraudRule.ts - delete a fraud rule by its oid (self-contained: inserts one first).
* DeclineEmail.ts - decline a specific email address.
*
* This key has fraud_read and fraud_write rights. Create a Simple Key:
* https://ultracart.atlassian.net/wiki/spaces/ucdoc/pages/38688545/API+Simple+Key
*/
export {};
Adds one email address to the fraud decline list for this merchant account.
SDK Function Name: declineEmail
| Parameter | Description | Location | Data Type | Required |
|---|---|---|---|---|
| fraud_decline_emails_request | Fraud decline emails request | body | FraudDeclineEmailRequest | required |
Request [Create API Key]
declineEmail is a shortcut for telling UltraCart to decline orders from a specific email address. It is the quick alternative to building a full "address email" fraud rule by hand. A successful call returns 204 No Content with an empty body.
curl -X POST "https://secure.ultracart.com/rest/v2/fraud/decline_email" \
-H "Accept: application/json" \
-H "Content-Type: application/json; charset=utf-8" \
-H "X-UltraCart-Api-Version: 2017-03-01" \
-H "x-ultracart-simple-key: fbfa455fa3bc2e019e456ffe06200100122d966fc28870019e456ffe08200100" \
-d $'{
"email": "chargeback-charlie@example.com"
}'
Response Headers
Status: 204 No Content
Response Body
(empty)
using System;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class DeclineEmail
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// declineEmail is a shortcut for telling UltraCart to decline orders from a specific
// email address. It is the quick alternative to building a full "address email" fraud
// rule by hand.
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
FraudDeclineEmailRequest declineRequest = new FraudDeclineEmailRequest();
declineRequest.Email = "chargeback-charlie@example.com";
fraudApi.DeclineEmail(declineRequest);
Console.WriteLine("Declined email: " + declineRequest.Email);
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudDeclineEmailRequest;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
/**
* declineEmail is a shortcut for telling UltraCart to decline orders from a specific email
* address. It is the quick alternative to building a full "address email" fraud rule by hand.
*/
public class DeclineEmail {
public static void execute() {
System.out.println("--- DeclineEmail ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
FraudDeclineEmailRequest declineRequest = new FraudDeclineEmailRequest();
declineRequest.setEmail("chargeback-charlie@example.com");
fraudApi.declineEmail(declineRequest);
System.out.println("Declined email: " + declineRequest.getEmail());
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* declineEmail is a shortcut for telling UltraCart to decline orders from a specific email
* address. It is the quick alternative to building a full "address email" fraud rule by hand.
*/
export async function declineEmail() {
console.log(`--- ${declineEmail.name} ---`);
const declineRequest = {
email: "chargeback-charlie@example.com",
};
try {
await new Promise((resolve, reject) => {
fraudApi.declineEmail(declineRequest, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
console.log(`Declined email: ${declineRequest.email}`);
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// declineEmail().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* declineEmail is a shortcut for telling UltraCart to decline orders from a specific email
* address. It is the quick alternative to building a full "address email" fraud rule by hand.
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
use ultracart\v2\models\FraudDeclineEmailRequest;
$fraud_api = Samples::getFraudApi();
$decline_request = new FraudDeclineEmailRequest();
$decline_request->setEmail('chargeback-charlie@example.com');
$fraud_api->declineEmail($decline_request);
echo "Declined email: " . $decline_request->getEmail() . "\n";
from ultracart.apis import FraudApi
from ultracart.models import FraudDeclineEmailRequest
from samples import api_client
# decline_email is a shortcut for telling UltraCart to decline orders from a specific email
# address. It is the quick alternative to building a full "address email" fraud rule by hand.
def decline_email():
fraud_api = FraudApi(api_client())
decline_request = FraudDeclineEmailRequest()
decline_request.email = 'chargeback-charlie@example.com'
fraud_api.decline_email(decline_request)
print(f"Declined email: {decline_request.email}")
if __name__ == "__main__":
decline_email()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# decline_email is a shortcut for telling UltraCart to decline orders from a specific email
# address. It is the quick alternative to building a full "address email" fraud rule by hand.
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
decline_request = UltracartClient::FraudDeclineEmailRequest.new(
email: 'chargeback-charlie@example.com'
)
fraud_api.decline_email(decline_request)
puts "Declined email: #{decline_request.email}"
import { fraudApi } from "../api";
/**
* declineEmail is a shortcut for telling UltraCart to decline orders from a specific email
* address. It is the quick alternative to building a full "address email" fraud rule by hand.
*/
export async function declineEmail(): Promise<void> {
console.log(`--- ${declineEmail.name} ---`);
const email = "chargeback-charlie@example.com";
try {
await fraudApi.declineEmail({ fraudDeclineEmailsRequest: { email } });
console.log(`Declined email: ${email}`);
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// declineEmail().catch(console.error);
Returns the dropdown values required to build valid fraud rule insert and search requests. Includes rule types, failure actions, user actions, IP range types, AVS match types, the merchant's rotating transaction gateways, screen branding themes, countries, and affiliates.
SDK Function Name: getFraudLookupValues
| Status Code | Reason | Response Model |
|---|---|---|
200 |
Successful response | FraudLookupValuesResponse |
401 |
Unauthorized | 401 |
410 |
Authorized Application Disabled | 410 |
429 |
Too Many Requests | 429 |
500 |
Server Side | 500 |
Request [Create API Key]
getFraudLookupValues returns the lookup values used when building fraud rules: the allowed rule types, rule groups, failure actions, user actions, ip range types, countries, and affiliates. Call this first when constructing a rule so you supply valid values.
curl -X GET "https://secure.ultracart.com/rest/v2/fraud/lookup_values" \
-H "Accept: application/json" \
-H "X-UltraCart-Api-Version: 2017-03-01" \
-H "x-ultracart-simple-key: fbfa455fa3bc2e019e456ffe06200100122d966fc28870019e456ffe08200100"
Response Headers
Status: 200 OK
Content-Type: application/json; charset=UTF-8
Response Body
{
"fraud_lookup_values": {
"rule_types": [
"credit card single transaction exceeds",
"ip matches",
"address email",
"address not in country",
"credit card block prepaid",
"ip daily transaction count exceeds"
],
"rule_groups": [
"exemptRules",
"creditCardRules",
"ipRules",
"addressRules",
"affiliateRules",
"itemRules",
"orderRules",
"browserRules"
],
"failure_actions": [
"Flag For Review",
"Process Payment and Modify",
"Process Payment and Review",
"Decline Transaction",
"Exempt"
],
"ip_range_types": [
"address",
"subnet"
]
},
"success": true,
"metadata": {}
}
using System;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class GetFraudLookupValues
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// getFraudLookupValues returns the lookup values used when building fraud rules:
// the allowed countries, affiliates, ip range types, rule groups, and rule types.
// Call this first when constructing a rule so you supply valid values.
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
FraudLookupValuesResponse apiResponse = fraudApi.GetFraudLookupValues();
FraudLookupValues lookupValues = apiResponse.FraudLookupValues;
Console.WriteLine("Rule types: " + lookupValues.RuleTypes);
Console.WriteLine("Rule groups: " + lookupValues.RuleGroups);
Console.WriteLine("IP range types: " + lookupValues.IpRangeTypes);
Console.WriteLine("Countries: " + lookupValues.Countries);
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudLookupValues;
import com.ultracart.admin.v2.models.FraudLookupValuesResponse;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
/**
* getFraudLookupValues returns the lookup values used when building fraud rules:
* the allowed countries, affiliates, ip range types, rule groups, and rule types.
* Call this first when constructing a rule so you supply valid values.
*/
public class GetFraudLookupValues {
public static void execute() {
System.out.println("--- GetFraudLookupValues ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
FraudLookupValuesResponse apiResponse = fraudApi.getFraudLookupValues();
FraudLookupValues lookupValues = apiResponse.getFraudLookupValues();
System.out.println("Rule types: " + lookupValues.getRuleTypes());
System.out.println("Rule groups: " + lookupValues.getRuleGroups());
System.out.println("IP range types: " + lookupValues.getIpRangeTypes());
System.out.println("Countries: " + lookupValues.getCountries());
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* getFraudLookupValues returns the lookup values used when building fraud rules:
* the allowed countries, affiliates, ip range types, rule groups, and rule types.
* Call this first when constructing a rule so you supply valid values.
*/
export async function getFraudLookupValues() {
console.log(`--- ${getFraudLookupValues.name} ---`);
try {
const apiResponse = await new Promise((resolve, reject) => {
fraudApi.getFraudLookupValues(function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
const lookupValues = apiResponse.fraud_lookup_values || {};
console.log("Rule types:", lookupValues.rule_types);
console.log("Rule groups:", lookupValues.rule_groups);
console.log("IP range types:", lookupValues.ip_range_types);
console.log("Countries:", lookupValues.countries);
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// getFraudLookupValues().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* getFraudLookupValues returns the lookup values used when building fraud rules:
* the allowed countries, affiliates, ip range types, rule groups, and rule types.
* Call this first when constructing a rule so you supply valid values.
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
$fraud_api = Samples::getFraudApi();
$api_response = $fraud_api->getFraudLookupValues();
$lookup_values = $api_response->getFraudLookupValues();
echo "Rule types:\n";
var_dump($lookup_values->getRuleTypes());
echo "Rule groups:\n";
var_dump($lookup_values->getRuleGroups());
echo "IP range types:\n";
var_dump($lookup_values->getIpRangeTypes());
echo "Countries:\n";
var_dump($lookup_values->getCountries());
from ultracart.apis import FraudApi
from samples import api_client
# get_fraud_lookup_values returns the lookup values used when building fraud rules:
# the allowed countries, affiliates, ip range types, rule groups, and rule types.
# Call this first when constructing a rule so you supply valid values.
def get_fraud_lookup_values():
fraud_api = FraudApi(api_client())
api_response = fraud_api.get_fraud_lookup_values()
lookup_values = api_response.fraud_lookup_values
print("Rule types:")
print(lookup_values.rule_types)
print("Rule groups:")
print(lookup_values.rule_groups)
print("IP range types:")
print(lookup_values.ip_range_types)
print("Countries:")
print(lookup_values.countries)
if __name__ == "__main__":
get_fraud_lookup_values()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# get_fraud_lookup_values returns the lookup values used when building fraud rules:
# the allowed countries, affiliates, ip range types, rule groups, and rule types.
# Call this first when constructing a rule so you supply valid values.
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
api_response = fraud_api.get_fraud_lookup_values
lookup_values = api_response.fraud_lookup_values
puts 'Rule types:'
puts lookup_values.rule_types.inspect
puts 'Rule groups:'
puts lookup_values.rule_groups.inspect
puts 'IP range types:'
puts lookup_values.ip_range_types.inspect
puts 'Countries:'
puts lookup_values.countries.inspect
import { fraudApi } from "../api";
/**
* getFraudLookupValues returns the lookup values used when building fraud rules:
* the allowed countries, affiliates, ip range types, rule groups, and rule types.
* Call this first when constructing a rule so you supply valid values.
*/
export async function getFraudLookupValues(): Promise<void> {
console.log(`--- ${getFraudLookupValues.name} ---`);
try {
const apiResponse = await fraudApi.getFraudLookupValues();
const lookupValues = apiResponse.fraud_lookup_values || {};
console.log("Rule types:", lookupValues.rule_types);
console.log("Rule groups:", lookupValues.rule_groups);
console.log("IP range types:", lookupValues.ip_range_types);
console.log("Countries:", lookupValues.countries);
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// getFraudLookupValues().catch(console.error);
Creates a fraud rule for this merchant account. Field names in the request body are semantic (eg amount_threshold, email, ip_address). Call GET /v2/fraud/lookup_values for the list of valid rule_type, failure_action, and related dropdown values. The 'credit card matches' rule type is not supported via REST.
SDK Function Name: insertFraudRule
| Parameter | Description | Location | Data Type | Required |
|---|---|---|---|---|
| fraud_rule_insert_request | Fraud rule insert request | body | FraudRuleInsertRequest | required |
Request [Create API Key]
insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it inspects), a failure_action (what happens when it matches), and type-specific fields such as an amount threshold, country code, ip address, or email. This example flags large single credit card transactions over $1,000 for manual review. Call getFraudLookupValues.curl to see every valid rule_type and the other lookup values.
curl -X POST "https://secure.ultracart.com/rest/v2/fraud/rules" \
-H "Accept: application/json" \
-H "Content-Type: application/json; charset=utf-8" \
-H "X-UltraCart-Api-Version: 2017-03-01" \
-H "x-ultracart-simple-key: fbfa455fa3bc2e019e456ffe06200100122d966fc28870019e456ffe08200100" \
-d $'{
"rule_type": "credit card single transaction exceeds",
"amount_threshold": 1000.00,
"failure_action": "Flag For Review",
"auto_note": "Large single transaction - review before shipping"
}'
Response Headers
Status: 200 OK
Content-Type: application/json; charset=UTF-8
Response Body
{
"fraud_rule": {
"fraud_rule_oid": 2706022,
"rule_type": "credit card single transaction exceeds",
"rule_group": "creditCardRules",
"failure_action": "Flag For Review",
"auto_note": "Large single transaction - review before shipping",
"description": "If transaction amount exceeds 1000.00, then flag for review",
"amount_threshold": 1000.0,
"created_by": "API",
"created_dts": "2026-06-03T06:56:28-04:00"
},
"success": true,
"metadata": {}
}
using System;
using System.Collections.Generic;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class InsertFraudRule
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it
// inspects), a failure_action (what happens when it matches), and type-specific fields
// such as an amount threshold, country code, ip address, or email.
//
// This sample has some fun and inserts several rules of different types in one run.
// Call GetFraudLookupValues.cs to see every valid rule_type and the other lookup values.
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
List<FraudRuleInsertRequest> rules = new List<FraudRuleInsertRequest>();
// 1. Decline any order placed with a known-bad email address.
FraudRuleInsertRequest emailRule = new FraudRuleInsertRequest();
emailRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Addressemail;
emailRule.Email = "chargeback-charlie@example.com";
emailRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.DeclineTransaction;
emailRule.AutoNote = "Known chargeback email - decline on sight";
rules.Add(emailRule);
// 2. Flag large single credit card transactions over $1,000 for manual review.
FraudRuleInsertRequest largeTxnRule = new FraudRuleInsertRequest();
largeTxnRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Creditcardsingletransactionexceeds;
largeTxnRule.AmountThreshold = 1000.00m;
largeTxnRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.FlagForReview;
largeTxnRule.AutoNote = "Large single transaction - review before shipping";
rules.Add(largeTxnRule);
// 3. Decline orders that ship outside the United States.
FraudRuleInsertRequest countryRule = new FraudRuleInsertRequest();
countryRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Addressnotincountry;
countryRule.CountryCode = "US";
countryRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.DeclineTransaction;
countryRule.AutoNote = "Domestic shipping only";
rules.Add(countryRule);
// 4. Decline transactions originating from a specific bad IP address.
FraudRuleInsertRequest ipRule = new FraudRuleInsertRequest();
ipRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Ipmatches;
ipRule.IpAddress = "203.0.113.66";
ipRule.IpRangeType = FraudRuleInsertRequest.IpRangeTypeEnum.Address;
ipRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.DeclineTransaction;
ipRule.AutoNote = "Blocked IP address";
rules.Add(ipRule);
// 5. Flag prepaid credit cards for review.
FraudRuleInsertRequest prepaidRule = new FraudRuleInsertRequest();
prepaidRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Creditcardblockprepaid;
prepaidRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.FlagForReview;
prepaidRule.AutoNote = "Prepaid card - take a closer look";
rules.Add(prepaidRule);
// 6. Flag a customer IP making more than 10 transactions in a single day.
FraudRuleInsertRequest velocityRule = new FraudRuleInsertRequest();
velocityRule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Ipdailytransactioncountexceeds;
velocityRule.CountThreshold = 10;
velocityRule.IpRangeType = FraudRuleInsertRequest.IpRangeTypeEnum.Address;
velocityRule.UserAction = FraudRuleInsertRequest.UserActionEnum.Attempted;
velocityRule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.FlagForReview;
velocityRule.AutoNote = "IP velocity - more than 10 orders in a day";
rules.Add(velocityRule);
foreach (FraudRuleInsertRequest rule in rules)
{
FraudRuleResponse apiResponse = fraudApi.InsertFraudRule(rule);
FraudRulePublic created = apiResponse.FraudRule;
Console.WriteLine("Inserted '" + rule.RuleType + "' rule, oid = " + created.FraudRuleOid);
}
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudRuleInsertRequest;
import com.ultracart.admin.v2.models.FraudRulePublic;
import com.ultracart.admin.v2.models.FraudRuleResponse;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.List;
/**
* insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it inspects),
* a failure_action (what happens when it matches), and type-specific fields such as an amount
* threshold, country code, ip address, or email.
*
* This sample has some fun and inserts several rules of different types in one run. Call
* GetFraudLookupValues.java to see every valid rule_type and the other lookup values.
*/
public class InsertFraudRule {
public static void execute() {
System.out.println("--- InsertFraudRule ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
List<FraudRuleInsertRequest> rules = new ArrayList<>();
// 1. Decline any order placed with a known-bad email address.
FraudRuleInsertRequest emailRule = new FraudRuleInsertRequest();
emailRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.ADDRESS_EMAIL);
emailRule.setEmail("chargeback-charlie@example.com");
emailRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.DECLINE_TRANSACTION);
emailRule.setAutoNote("Known chargeback email - decline on sight");
rules.add(emailRule);
// 2. Flag large single credit card transactions over $1,000 for manual review.
FraudRuleInsertRequest largeTxnRule = new FraudRuleInsertRequest();
largeTxnRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.CREDIT_CARD_SINGLE_TRANSACTION_EXCEEDS);
largeTxnRule.setAmountThreshold(BigDecimal.valueOf(1000.00));
largeTxnRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.FLAG_FOR_REVIEW);
largeTxnRule.setAutoNote("Large single transaction - review before shipping");
rules.add(largeTxnRule);
// 3. Decline orders that ship outside the United States.
FraudRuleInsertRequest countryRule = new FraudRuleInsertRequest();
countryRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.ADDRESS_NOT_IN_COUNTRY);
countryRule.setCountryCode("US");
countryRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.DECLINE_TRANSACTION);
countryRule.setAutoNote("Domestic shipping only");
rules.add(countryRule);
// 4. Decline transactions originating from a specific bad IP address.
FraudRuleInsertRequest ipRule = new FraudRuleInsertRequest();
ipRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.IP_MATCHES);
ipRule.setIpAddress("203.0.113.66");
ipRule.setIpRangeType(FraudRuleInsertRequest.IpRangeTypeEnum.ADDRESS);
ipRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.DECLINE_TRANSACTION);
ipRule.setAutoNote("Blocked IP address");
rules.add(ipRule);
// 5. Flag prepaid credit cards for review.
FraudRuleInsertRequest prepaidRule = new FraudRuleInsertRequest();
prepaidRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.CREDIT_CARD_BLOCK_PREPAID);
prepaidRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.FLAG_FOR_REVIEW);
prepaidRule.setAutoNote("Prepaid card - take a closer look");
rules.add(prepaidRule);
// 6. Flag a customer IP making more than 10 transactions in a single day.
FraudRuleInsertRequest velocityRule = new FraudRuleInsertRequest();
velocityRule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.IP_DAILY_TRANSACTION_COUNT_EXCEEDS);
velocityRule.setCountThreshold(10);
velocityRule.setIpRangeType(FraudRuleInsertRequest.IpRangeTypeEnum.ADDRESS);
velocityRule.setUserAction(FraudRuleInsertRequest.UserActionEnum.ATTEMPTED);
velocityRule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.FLAG_FOR_REVIEW);
velocityRule.setAutoNote("IP velocity - more than 10 orders in a day");
rules.add(velocityRule);
for (FraudRuleInsertRequest rule : rules) {
FraudRuleResponse apiResponse = fraudApi.insertFraudRule(rule);
FraudRulePublic created = apiResponse.getFraudRule();
System.out.println("Inserted '" + rule.getRuleType() + "' rule, oid = " + created.getFraudRuleOid());
}
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it inspects),
* a failure_action (what happens when it matches), and type-specific fields such as an amount
* threshold, country code, ip address, or email.
*
* This sample has some fun and inserts several rules of different types in one run. Call
* getFraudLookupValues.js to see every valid rule_type and the other lookup values.
*/
export async function insertFraudRule() {
console.log(`--- ${insertFraudRule.name} ---`);
// Build a handful of rules covering different rule types.
const rules = [
// 1. Decline any order placed with a known-bad email address.
{
rule_type: "address email",
email: "chargeback-charlie@example.com",
failure_action: "Decline Transaction",
auto_note: "Known chargeback email - decline on sight",
},
// 2. Flag large single credit card transactions over $1,000 for manual review.
{
rule_type: "credit card single transaction exceeds",
amount_threshold: 1000.0,
failure_action: "Flag For Review",
auto_note: "Large single transaction - review before shipping",
},
// 3. Decline orders that ship outside the United States.
{
rule_type: "address not in country",
country_code: "US",
failure_action: "Decline Transaction",
auto_note: "Domestic shipping only",
},
// 4. Decline transactions originating from a specific bad IP address.
{
rule_type: "ip matches",
ip_address: "203.0.113.66",
ip_range_type: "address",
failure_action: "Decline Transaction",
auto_note: "Blocked IP address",
},
// 5. Flag prepaid credit cards for review.
{
rule_type: "credit card block prepaid",
failure_action: "Flag For Review",
auto_note: "Prepaid card - take a closer look",
},
// 6. Flag a customer IP making more than 10 transactions in a single day.
{
rule_type: "ip daily transaction count exceeds",
count_threshold: 10,
ip_range_type: "address",
user_action: "Attempted",
failure_action: "Flag For Review",
auto_note: "IP velocity - more than 10 orders in a day",
},
];
try {
for (const rule of rules) {
const apiResponse = await new Promise((resolve, reject) => {
fraudApi.insertFraudRule(rule, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
const created = apiResponse.fraud_rule || {};
console.log(`Inserted '${rule.rule_type}' rule, oid = ${created.fraud_rule_oid}`);
}
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// insertFraudRule().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it inspects),
* a failure_action (what happens when it matches), and type-specific fields such as an amount
* threshold, country code, ip address, or email.
*
* This sample has some fun and inserts several rules of different types in one run. Call
* getFraudLookupValues.php to see every valid rule_type and the other lookup values.
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
use ultracart\v2\models\FraudRuleInsertRequest;
$fraud_api = Samples::getFraudApi();
// Build a handful of rules covering different rule types.
$rules = [];
// 1. Decline any order placed with a known-bad email address.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('address email');
$rule->setEmail('chargeback-charlie@example.com');
$rule->setFailureAction('Decline Transaction');
$rule->setAutoNote('Known chargeback email - decline on sight');
$rules[] = $rule;
// 2. Flag large single credit card transactions over $1,000 for manual review.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('credit card single transaction exceeds');
$rule->setAmountThreshold(1000.00);
$rule->setFailureAction('Flag For Review');
$rule->setAutoNote('Large single transaction - review before shipping');
$rules[] = $rule;
// 3. Decline orders that ship outside the United States.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('address not in country');
$rule->setCountryCode('US');
$rule->setFailureAction('Decline Transaction');
$rule->setAutoNote('Domestic shipping only');
$rules[] = $rule;
// 4. Decline transactions originating from a specific bad IP address.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('ip matches');
$rule->setIpAddress('203.0.113.66');
$rule->setIpRangeType('address');
$rule->setFailureAction('Decline Transaction');
$rule->setAutoNote('Blocked IP address');
$rules[] = $rule;
// 5. Flag prepaid credit cards for review.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('credit card block prepaid');
$rule->setFailureAction('Flag For Review');
$rule->setAutoNote('Prepaid card - take a closer look');
$rules[] = $rule;
// 6. Flag a customer IP making more than 10 transactions in a single day.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('ip daily transaction count exceeds');
$rule->setCountThreshold(10);
$rule->setIpRangeType('address');
$rule->setUserAction('Attempted');
$rule->setFailureAction('Flag For Review');
$rule->setAutoNote('IP velocity - more than 10 orders in a day');
$rules[] = $rule;
foreach ($rules as $rule) {
$api_response = $fraud_api->insertFraudRule($rule);
$created = $api_response->getFraudRule();
echo "Inserted '" . $rule->getRuleType() . "' rule, oid = " . $created->getFraudRuleOid() . "\n";
}
from ultracart.apis import FraudApi
from ultracart.models import FraudRuleInsertRequest
from samples import api_client
# insert_fraud_rule creates a single fraud rule. Each rule has a rule_type (what it inspects),
# a failure_action (what happens when it matches), and type-specific fields such as an amount
# threshold, country code, ip address, or email.
#
# This sample has some fun and inserts several rules of different types in one run. Call
# get_fraud_lookup_values.py to see every valid rule_type and the other lookup values.
def insert_fraud_rule():
fraud_api = FraudApi(api_client())
rules = []
# 1. Decline any order placed with a known-bad email address.
rule = FraudRuleInsertRequest()
rule.rule_type = 'address email'
rule.email = 'chargeback-charlie@example.com'
rule.failure_action = 'Decline Transaction'
rule.auto_note = 'Known chargeback email - decline on sight'
rules.append(rule)
# 2. Flag large single credit card transactions over $1,000 for manual review.
rule = FraudRuleInsertRequest()
rule.rule_type = 'credit card single transaction exceeds'
rule.amount_threshold = 1000.00
rule.failure_action = 'Flag For Review'
rule.auto_note = 'Large single transaction - review before shipping'
rules.append(rule)
# 3. Decline orders that ship outside the United States.
rule = FraudRuleInsertRequest()
rule.rule_type = 'address not in country'
rule.country_code = 'US'
rule.failure_action = 'Decline Transaction'
rule.auto_note = 'Domestic shipping only'
rules.append(rule)
# 4. Decline transactions originating from a specific bad IP address.
rule = FraudRuleInsertRequest()
rule.rule_type = 'ip matches'
rule.ip_address = '203.0.113.66'
rule.ip_range_type = 'address'
rule.failure_action = 'Decline Transaction'
rule.auto_note = 'Blocked IP address'
rules.append(rule)
# 5. Flag prepaid credit cards for review.
rule = FraudRuleInsertRequest()
rule.rule_type = 'credit card block prepaid'
rule.failure_action = 'Flag For Review'
rule.auto_note = 'Prepaid card - take a closer look'
rules.append(rule)
# 6. Flag a customer IP making more than 10 transactions in a single day.
rule = FraudRuleInsertRequest()
rule.rule_type = 'ip daily transaction count exceeds'
rule.count_threshold = 10
rule.ip_range_type = 'address'
rule.user_action = 'Attempted'
rule.failure_action = 'Flag For Review'
rule.auto_note = 'IP velocity - more than 10 orders in a day'
rules.append(rule)
for rule in rules:
api_response = fraud_api.insert_fraud_rule(rule)
created = api_response.fraud_rule
print(f"Inserted '{rule.rule_type}' rule, oid = {created.fraud_rule_oid}")
if __name__ == "__main__":
insert_fraud_rule()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# insert_fraud_rule creates a single fraud rule. Each rule has a rule_type (what it inspects),
# a failure_action (what happens when it matches), and type-specific fields such as an amount
# threshold, country code, ip address, or email.
#
# This sample has some fun and inserts several rules of different types in one run. Call
# get_fraud_lookup_values.rb to see every valid rule_type and the other lookup values.
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
rules = []
# 1. Decline any order placed with a known-bad email address.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'address email',
email: 'chargeback-charlie@example.com',
failure_action: 'Decline Transaction',
auto_note: 'Known chargeback email - decline on sight'
)
# 2. Flag large single credit card transactions over $1,000 for manual review.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'credit card single transaction exceeds',
amount_threshold: 1000.00,
failure_action: 'Flag For Review',
auto_note: 'Large single transaction - review before shipping'
)
# 3. Decline orders that ship outside the United States.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'address not in country',
country_code: 'US',
failure_action: 'Decline Transaction',
auto_note: 'Domestic shipping only'
)
# 4. Decline transactions originating from a specific bad IP address.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'ip matches',
ip_address: '203.0.113.66',
ip_range_type: 'address',
failure_action: 'Decline Transaction',
auto_note: 'Blocked IP address'
)
# 5. Flag prepaid credit cards for review.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'credit card block prepaid',
failure_action: 'Flag For Review',
auto_note: 'Prepaid card - take a closer look'
)
# 6. Flag a customer IP making more than 10 transactions in a single day.
rules << UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'ip daily transaction count exceeds',
count_threshold: 10,
ip_range_type: 'address',
user_action: 'Attempted',
failure_action: 'Flag For Review',
auto_note: 'IP velocity - more than 10 orders in a day'
)
rules.each do |rule|
api_response = fraud_api.insert_fraud_rule(rule)
created = api_response.fraud_rule
puts "Inserted '#{rule.rule_type}' rule, oid = #{created.fraud_rule_oid}"
end
import { fraudApi } from "../api";
import { FraudRuleInsertRequest } from 'ultracart_rest_api_v2_typescript';
/**
* insertFraudRule creates a single fraud rule. Each rule has a rule_type (what it inspects),
* a failure_action (what happens when it matches), and type-specific fields such as an amount
* threshold, country code, ip address, or email.
*
* This sample has some fun and inserts several rules of different types in one run. Call
* GetFraudLookupValues.ts to see every valid rule_type and the other lookup values.
*/
export async function insertFraudRule(): Promise<void> {
console.log(`--- ${insertFraudRule.name} ---`);
// Build a handful of rules covering different rule types.
const rules: FraudRuleInsertRequest[] = [
// 1. Decline any order placed with a known-bad email address.
{
rule_type: "address email",
email: "chargeback-charlie@example.com",
failure_action: "Decline Transaction",
auto_note: "Known chargeback email - decline on sight",
},
// 2. Flag large single credit card transactions over $1,000 for manual review.
{
rule_type: "credit card single transaction exceeds",
amount_threshold: 1000.0,
failure_action: "Flag For Review",
auto_note: "Large single transaction - review before shipping",
},
// 3. Decline orders that ship outside the United States.
{
rule_type: "address not in country",
country_code: "US",
failure_action: "Decline Transaction",
auto_note: "Domestic shipping only",
},
// 4. Decline transactions originating from a specific bad IP address.
{
rule_type: "ip matches",
ip_address: "203.0.113.66",
ip_range_type: "address",
failure_action: "Decline Transaction",
auto_note: "Blocked IP address",
},
// 5. Flag prepaid credit cards for review.
{
rule_type: "credit card block prepaid",
failure_action: "Flag For Review",
auto_note: "Prepaid card - take a closer look",
},
// 6. Flag a customer IP making more than 10 transactions in a single day.
{
rule_type: "ip daily transaction count exceeds",
count_threshold: 10,
ip_range_type: "address",
user_action: "Attempted",
failure_action: "Flag For Review",
auto_note: "IP velocity - more than 10 orders in a day",
},
];
try {
for (const rule of rules) {
const apiResponse = await fraudApi.insertFraudRule({ fraudRuleInsertRequest: rule });
const created = apiResponse.fraud_rule;
console.log(`Inserted '${rule.rule_type}' rule, oid = ${created?.fraud_rule_oid}`);
}
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// insertFraudRule().catch(console.error);
Creates one or more fraud rules for this merchant account derived from an existing order, mirroring the 'establish fraud filter' action in the order processing screen. Select which filters to establish; all values are taken from the order. The IP rule is created against the order's /24 subnet (last octet masked). The credit card filter duplicates the order's stored card vault token, so no card number is sent through the API. Filters whose order data is missing (no stored card, no email, no usable IP, or no numeric street) are skipped and reported in the warning slot rather than failing the request.
SDK Function Name: establishFraudRulesFromOrder
| Parameter | Description | Location | Data Type | Required |
|---|---|---|---|---|
| fraud_rule_from_order_request | Fraud rule from order request | body | FraudRuleFromOrderRequest | required |
using System;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class EstablishFraudRulesFromOrder
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// establishFraudRulesFromOrder is a shortcut that derives fraud rules from an existing
// order. Point it at an order you have identified as fraudulent and tell it which
// attributes of that order to turn into rules: the email, the credit card, the ip
// address, and/or the address. It creates the matching rules and returns them. This is
// the fast way to "block everything associated with this bad order" instead of building
// each rule by hand.
//
// Not every filter produces a rule; the order must actually have that attribute. For
// example an order with no stored card data will not produce a credit card rule.
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
FraudRuleFromOrderRequest request = new FraudRuleFromOrderRequest();
request.OrderId = "DEMO-0009104434";
request.EstablishEmailFilter = true;
request.EstablishCardFilter = true;
request.EstablishIpFilter = true;
request.EstablishAddressFilter = true;
request.FailureAction = FraudRuleFromOrderRequest.FailureActionEnum.FlagForReview;
request.AutoNote = "Established from fraudulent order DEMO-0009104434";
FraudRulesResponse apiResponse = fraudApi.EstablishFraudRulesFromOrder(request);
Console.WriteLine("Established " + apiResponse.FraudRules.Count + " rule(s) from the order:");
foreach (FraudRulePublic fraudRule in apiResponse.FraudRules)
{
Console.WriteLine(" oid " + fraudRule.FraudRuleOid + " - " + fraudRule.RuleType + " - " + fraudRule.AutoNote);
}
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudRuleFromOrderRequest;
import com.ultracart.admin.v2.models.FraudRulePublic;
import com.ultracart.admin.v2.models.FraudRulesResponse;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
/**
* establishFraudRulesFromOrder is a shortcut that derives fraud rules from an existing order.
* Point it at an order you have identified as fraudulent and tell it which attributes of that
* order to turn into rules: the email, the credit card, the ip address, and/or the address.
* It creates the matching rules and returns them. This is the fast way to "block everything
* associated with this bad order" instead of building each rule by hand.
*
* Not every filter produces a rule; the order must actually have that attribute. For example an
* order with no stored card data will not produce a credit card rule.
*/
public class EstablishFraudRulesFromOrder {
public static void execute() {
System.out.println("--- EstablishFraudRulesFromOrder ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
FraudRuleFromOrderRequest request = new FraudRuleFromOrderRequest();
request.setOrderId("DEMO-0009104434");
request.setEstablishEmailFilter(true);
request.setEstablishCardFilter(true);
request.setEstablishIpFilter(true);
request.setEstablishAddressFilter(true);
request.setFailureAction(FraudRuleFromOrderRequest.FailureActionEnum.FLAG_FOR_REVIEW);
request.setAutoNote("Established from fraudulent order DEMO-0009104434");
FraudRulesResponse apiResponse = fraudApi.establishFraudRulesFromOrder(request);
System.out.println("Established " + apiResponse.getFraudRules().size() + " rule(s) from the order:");
for (FraudRulePublic fraudRule : apiResponse.getFraudRules()) {
System.out.println(" oid " + fraudRule.getFraudRuleOid() + " - " + fraudRule.getRuleType() + " - " + fraudRule.getAutoNote());
}
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* establishFraudRulesFromOrder is a shortcut that derives fraud rules from an existing order.
* Point it at an order you have identified as fraudulent and tell it which attributes of that
* order to turn into rules: the email, the credit card, the ip address, and/or the address.
* It creates the matching rules and returns them. This is the fast way to "block everything
* associated with this bad order" instead of building each rule by hand.
*
* Not every filter produces a rule; the order must actually have that attribute. For example an
* order with no stored card data will not produce a credit card rule.
*/
export async function establishFraudRulesFromOrder() {
console.log(`--- ${establishFraudRulesFromOrder.name} ---`);
const request = {
order_id: "DEMO-0009104434",
establish_email_filter: true,
establish_card_filter: true,
establish_ip_filter: true,
establish_address_filter: true,
failure_action: "Flag For Review",
auto_note: "Established from fraudulent order DEMO-0009104434",
};
try {
const apiResponse = await new Promise((resolve, reject) => {
fraudApi.establishFraudRulesFromOrder(request, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
const fraudRules = apiResponse.fraud_rules || [];
console.log(`Established ${fraudRules.length} rule(s) from the order:`);
fraudRules.forEach((fraudRule) => {
console.log(` oid ${fraudRule.fraud_rule_oid} - ${fraudRule.rule_type} - ${fraudRule.auto_note || ''}`);
});
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// establishFraudRulesFromOrder().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* establishFraudRulesFromOrder is a shortcut that derives fraud rules from an existing order.
* Point it at an order you have identified as fraudulent and tell it which attributes of that
* order to turn into rules: the email, the credit card, the ip address, and/or the address.
* It creates the matching rules and returns them. This is the fast way to "block everything
* associated with this bad order" instead of building each rule by hand.
*
* Not every filter produces a rule; the order must actually have that attribute. For example an
* order with no stored card data will not produce a credit card rule.
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
use ultracart\v2\models\FraudRuleFromOrderRequest;
$fraud_api = Samples::getFraudApi();
$request = new FraudRuleFromOrderRequest();
$request->setOrderId('DEMO-0009104434');
$request->setEstablishEmailFilter(true);
$request->setEstablishCardFilter(true);
$request->setEstablishIpFilter(true);
$request->setEstablishAddressFilter(true);
$request->setFailureAction('Flag For Review');
$request->setAutoNote('Established from fraudulent order DEMO-0009104434');
$api_response = $fraud_api->establishFraudRulesFromOrder($request);
$fraud_rules = $api_response->getFraudRules();
echo 'Established ' . count($fraud_rules) . " rule(s) from the order:\n";
foreach ($fraud_rules as $fraud_rule) {
echo ' oid ' . $fraud_rule->getFraudRuleOid() . ' - ' . $fraud_rule->getRuleType()
. ' - ' . $fraud_rule->getAutoNote() . "\n";
}
from ultracart.apis import FraudApi
from ultracart.models import FraudRuleFromOrderRequest
from samples import api_client
# establish_fraud_rules_from_order is a shortcut that derives fraud rules from an existing order.
# Point it at an order you have identified as fraudulent and tell it which attributes of that
# order to turn into rules: the email, the credit card, the ip address, and/or the address.
# It creates the matching rules and returns them. This is the fast way to "block everything
# associated with this bad order" instead of building each rule by hand.
#
# Not every filter produces a rule; the order must actually have that attribute. For example an
# order with no stored card data will not produce a credit card rule.
def establish_fraud_rules_from_order():
fraud_api = FraudApi(api_client())
request = FraudRuleFromOrderRequest()
request.order_id = 'DEMO-0009104434'
request.establish_email_filter = True
request.establish_card_filter = True
request.establish_ip_filter = True
request.establish_address_filter = True
request.failure_action = 'Flag For Review'
request.auto_note = 'Established from fraudulent order DEMO-0009104434'
api_response = fraud_api.establish_fraud_rules_from_order(request)
fraud_rules = api_response.fraud_rules
print(f"Established {len(fraud_rules)} rule(s) from the order:")
for fraud_rule in fraud_rules:
rule = fraud_rule.to_dict()
print(f" oid {rule.get('fraud_rule_oid')} - {rule.get('rule_type')} - {rule.get('auto_note', '')}")
if __name__ == "__main__":
establish_fraud_rules_from_order()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# establish_fraud_rules_from_order is a shortcut that derives fraud rules from an existing order.
# Point it at an order you have identified as fraudulent and tell it which attributes of that
# order to turn into rules: the email, the credit card, the ip address, and/or the address.
# It creates the matching rules and returns them. This is the fast way to "block everything
# associated with this bad order" instead of building each rule by hand.
#
# Not every filter produces a rule; the order must actually have that attribute. For example an
# order with no stored card data will not produce a credit card rule.
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
request = UltracartClient::FraudRuleFromOrderRequest.new(
order_id: 'DEMO-0009104434',
establish_email_filter: true,
establish_card_filter: true,
establish_ip_filter: true,
establish_address_filter: true,
failure_action: 'Flag For Review',
auto_note: 'Established from fraudulent order DEMO-0009104434'
)
api_response = fraud_api.establish_fraud_rules_from_order(request)
fraud_rules = api_response.fraud_rules
puts "Established #{fraud_rules.length} rule(s) from the order:"
fraud_rules.each do |fraud_rule|
puts " oid #{fraud_rule.fraud_rule_oid} - #{fraud_rule.rule_type} - #{fraud_rule.auto_note}"
end
import { fraudApi } from "../api";
import { FraudRuleFromOrderRequest } from 'ultracart_rest_api_v2_typescript';
/**
* establishFraudRulesFromOrder is a shortcut that derives fraud rules from an existing order.
* Point it at an order you have identified as fraudulent and tell it which attributes of that
* order to turn into rules: the email, the credit card, the ip address, and/or the address.
* It creates the matching rules and returns them. This is the fast way to "block everything
* associated with this bad order" instead of building each rule by hand.
*
* Not every filter produces a rule; the order must actually have that attribute. For example an
* order with no stored card data will not produce a credit card rule.
*/
export async function establishFraudRulesFromOrder(): Promise<void> {
console.log(`--- ${establishFraudRulesFromOrder.name} ---`);
const request: FraudRuleFromOrderRequest = {
order_id: "DEMO-0009104434",
establish_email_filter: true,
establish_card_filter: true,
establish_ip_filter: true,
establish_address_filter: true,
failure_action: "Flag For Review",
auto_note: "Established from fraudulent order DEMO-0009104434",
};
try {
const apiResponse = await fraudApi.establishFraudRulesFromOrder({ fraudRuleFromOrderRequest: request });
const fraudRules = apiResponse.fraud_rules || [];
console.log(`Established ${fraudRules.length} rule(s) from the order:`);
fraudRules.forEach((fraudRule) => {
console.log(` oid ${fraudRule.fraud_rule_oid} - ${fraudRule.rule_type} - ${fraudRule.auto_note || ''}`);
});
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// establishFraudRulesFromOrder().catch(console.error);
Searches fraud rules for this merchant account using semantic filter fields. Pagination and sort are passed as query parameters (_limit, _offset, _sort). You will need to make multiple API calls in order to retrieve the entire result set since this API performs result set pagination. Results are capped at 10,000 records by ElasticSearch and the warning slot indicates when that cap was hit. Use more selective filters in that case.
SDK Function Name: searchFraudRules
| Parameter | Description | Location | Data Type | Required |
|---|---|---|---|---|
| fraud_rule_search_request | Fraud rule search request | body | FraudRuleSearchRequest | required |
| _limit | The maximum number of records to return on this one API call. (Maximum 200)
Default: 100 |
query | integer | optional |
| _offset | Pagination of the record set. Offset is a zero based index.
Default: 0 |
query | integer | optional |
| _sort | The sort order of the fraud rules. See Sorting documentation for examples of using multiple values and sorting by ascending and descending.
Allowed Values
|
query | string | optional |
Request [Create API Key]
searchFraudRules returns the fraud rules that match the supplied criteria. Every field in the JSON body is optional; supply only the ones you want to filter on. Pagination and sort are passed as query parameters (_limit, _offset, _sort); _limit may not exceed 200. This example searches for every rule whose action is "Decline Transaction".
curl -X POST "https://secure.ultracart.com/rest/v2/fraud/rules/search?_limit=200&_offset=0" \
-H "Accept: application/json" \
-H "Content-Type: application/json; charset=utf-8" \
-H "X-UltraCart-Api-Version: 2017-03-01" \
-H "x-ultracart-simple-key: fbfa455fa3bc2e019e456ffe06200100122d966fc28870019e456ffe08200100" \
-d $'{
"failure_action": "Decline Transaction"
}'
Response Headers
Status: 200 OK
Content-Type: application/json; charset=UTF-8
Response Body
{
"fraud_rules": [
{
"fraud_rule_oid": 2532451,
"rule_type": "address email",
"rule_group": "addressRules",
"failure_action": "Decline Transaction",
"auto_note": "Fraudulent order"
}
],
"success": true,
"metadata": {}
}
using System;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class SearchFraudRules
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// searchFraudRules returns the fraud rules that match the supplied criteria. Every field
// on the FraudRuleSearchRequest is optional; supply only the ones you want to filter on.
// Pagination and sort are passed as the limit, offset, and sort parameters.
//
// This sample searches for every rule whose action is "Decline Transaction".
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
FraudRuleSearchRequest searchRequest = new FraudRuleSearchRequest();
searchRequest.FailureAction = FraudRuleSearchRequest.FailureActionEnum.DeclineTransaction;
FraudRulesResponse apiResponse = fraudApi.SearchFraudRules(searchRequest, 200, 0, null);
Console.WriteLine("Found " + apiResponse.FraudRules.Count + " rule(s) with action 'Decline Transaction'");
foreach (FraudRulePublic fraudRule in apiResponse.FraudRules)
{
Console.WriteLine(" oid " + fraudRule.FraudRuleOid + " - " + fraudRule.RuleType + " - " + fraudRule.AutoNote);
}
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudRulePublic;
import com.ultracart.admin.v2.models.FraudRuleSearchRequest;
import com.ultracart.admin.v2.models.FraudRulesResponse;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
/**
* searchFraudRules returns the fraud rules that match the supplied criteria. Every field on the
* FraudRuleSearchRequest is optional; supply only the ones you want to filter on. Pagination and
* sort are passed as the limit, offset, and sort parameters.
*
* This sample searches for every rule whose action is "Decline Transaction".
*/
public class SearchFraudRules {
public static void execute() {
System.out.println("--- SearchFraudRules ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
FraudRuleSearchRequest searchRequest = new FraudRuleSearchRequest();
searchRequest.setFailureAction(FraudRuleSearchRequest.FailureActionEnum.DECLINE_TRANSACTION);
Integer limit = 200;
Integer offset = 0;
String sort = null;
FraudRulesResponse apiResponse = fraudApi.searchFraudRules(searchRequest, limit, offset, sort);
System.out.println("Found " + apiResponse.getFraudRules().size() + " rule(s) with action 'Decline Transaction'");
for (FraudRulePublic fraudRule : apiResponse.getFraudRules()) {
System.out.println(" oid " + fraudRule.getFraudRuleOid() + " - " + fraudRule.getRuleType() + " - " + fraudRule.getAutoNote());
}
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* searchFraudRules returns the fraud rules that match the supplied criteria. Every field on the
* search request is optional; supply only the ones you want to filter on. Pagination and sort
* are passed as options (_limit, _offset, _sort).
*
* This sample searches for every rule whose action is "Decline Transaction".
*/
export async function searchFraudRules() {
console.log(`--- ${searchFraudRules.name} ---`);
const searchRequest = {
failure_action: "Decline Transaction",
};
const opts = {
_limit: 200,
_offset: 0,
};
try {
const apiResponse = await new Promise((resolve, reject) => {
fraudApi.searchFraudRules(searchRequest, opts, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
const fraudRules = apiResponse.fraud_rules || [];
console.log(`Found ${fraudRules.length} rule(s) with action 'Decline Transaction'`);
fraudRules.forEach((fraudRule) => {
console.log(` oid ${fraudRule.fraud_rule_oid} - ${fraudRule.rule_type} - ${fraudRule.auto_note || ''}`);
});
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// searchFraudRules().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* searchFraudRules returns the fraud rules that match the supplied criteria. Every field on the
* FraudRuleSearchRequest is optional; supply only the ones you want to filter on. The call also
* takes limit, offset, and sort parameters for paging the results.
*
* This sample searches for every rule whose action is "Decline Transaction".
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
use ultracart\v2\models\FraudRuleSearchRequest;
$fraud_api = Samples::getFraudApi();
$search_request = new FraudRuleSearchRequest();
$search_request->setFailureAction('Decline Transaction');
$limit = 100;
$offset = 0;
$sort = null;
$api_response = $fraud_api->searchFraudRules($search_request, $limit, $offset, $sort);
$fraud_rules = $api_response->getFraudRules();
echo "Found " . count($fraud_rules) . " rule(s) with action 'Decline Transaction'\n";
foreach ($fraud_rules as $fraud_rule) {
echo " oid " . $fraud_rule->getFraudRuleOid() . " - " . $fraud_rule->getRuleType()
. " - " . $fraud_rule->getAutoNote() . "\n";
}
from ultracart.apis import FraudApi
from ultracart.models import FraudRuleSearchRequest
from samples import api_client
# search_fraud_rules returns the fraud rules that match the supplied criteria. Every field on the
# FraudRuleSearchRequest is optional; supply only the ones you want to filter on. Pagination and
# sort are passed as keyword arguments (limit, offset, sort).
#
# This sample searches for every rule whose action is "Decline Transaction".
def search_fraud_rules():
fraud_api = FraudApi(api_client())
search_request = FraudRuleSearchRequest()
search_request.failure_action = 'Decline Transaction'
api_response = fraud_api.search_fraud_rules(search_request, limit=200, offset=0)
fraud_rules = api_response.fraud_rules
print(f"Found {len(fraud_rules)} rule(s) with action 'Decline Transaction'")
# Optional fields (such as auto_note) are not always present on a returned rule, so read
# from to_dict() to avoid AttributeError on rules that do not have them set.
for fraud_rule in fraud_rules:
rule = fraud_rule.to_dict()
print(f" oid {rule.get('fraud_rule_oid')} - {rule.get('rule_type')} - {rule.get('auto_note', '')}")
if __name__ == "__main__":
search_fraud_rules()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# search_fraud_rules returns the fraud rules that match the supplied criteria. Every field on the
# FraudRuleSearchRequest is optional; supply only the ones you want to filter on. Pagination and
# sort are passed as options (_limit, _offset, _sort).
#
# This sample searches for every rule whose action is "Decline Transaction".
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
search_request = UltracartClient::FraudRuleSearchRequest.new(
failure_action: 'Decline Transaction'
)
api_response = fraud_api.search_fraud_rules(search_request, { _limit: 200, _offset: 0 })
fraud_rules = api_response.fraud_rules
puts "Found #{fraud_rules.length} rule(s) with action 'Decline Transaction'"
fraud_rules.each do |fraud_rule|
puts " oid #{fraud_rule.fraud_rule_oid} - #{fraud_rule.rule_type} - #{fraud_rule.auto_note}"
end
import { fraudApi } from "../api";
/**
* searchFraudRules returns the fraud rules that match the supplied criteria. Every field on the
* search request is optional; supply only the ones you want to filter on. Pagination and sort
* are passed as the limit, offset, and sort parameters.
*
* This sample searches for every rule whose action is "Decline Transaction".
*/
export async function searchFraudRules(): Promise<void> {
console.log(`--- ${searchFraudRules.name} ---`);
try {
const apiResponse = await fraudApi.searchFraudRules({
fraudRuleSearchRequest: { failure_action: "Decline Transaction" },
limit: 200,
offset: 0,
});
const fraudRules = apiResponse.fraud_rules || [];
console.log(`Found ${fraudRules.length} rule(s) with action 'Decline Transaction'`);
fraudRules.forEach((fraudRule) => {
console.log(` oid ${fraudRule.fraud_rule_oid} - ${fraudRule.rule_type} - ${fraudRule.auto_note || ''}`);
});
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// searchFraudRules().catch(console.error);
Deletes a fraud rule for this merchant account.
SDK Function Name: deleteFraudRule
| Parameter | Description | Location | Data Type | Required |
|---|---|---|---|---|
| fraud_rule_oid | path | integer (int32) | optional |
Request [Create API Key]
deleteFraudRule removes a fraud rule by its oid. The oid is the fraud_rule_oid returned from insertFraudRule or searchFraudRules. Replace 2706022 below with the oid you want to delete. A successful delete returns 204 No Content with an empty body.
curl -X DELETE "https://secure.ultracart.com/rest/v2/fraud/rules/2706022" \
-H "Accept: application/json" \
-H "X-UltraCart-Api-Version: 2017-03-01" \
-H "x-ultracart-simple-key: fbfa455fa3bc2e019e456ffe06200100122d966fc28870019e456ffe08200100"
Response Headers
Status: 204 No Content
Response Body
(empty)
using System;
using System.Reflection;
using com.ultracart.admin.v2.Api;
using com.ultracart.admin.v2.Model;
namespace SdkSample.fraud
{
public class DeleteFraudRule
{
public static void Execute()
{
Console.WriteLine("--- " + MethodBase.GetCurrentMethod()?.DeclaringType?.Name + " ---");
try
{
// deleteFraudRule removes a fraud rule by its oid.
//
// To keep this sample self-contained it first inserts a throwaway rule, then deletes it
// using the oid returned from the insert. In your own code you would already have the oid
// of the rule you want to remove (for example from SearchFraudRules).
FraudApi fraudApi = new FraudApi(Constants.ApiKey);
// Insert a rule so we have something to delete.
FraudRuleInsertRequest rule = new FraudRuleInsertRequest();
rule.RuleType = FraudRuleInsertRequest.RuleTypeEnum.Creditcardsingletransactionexceeds;
rule.AmountThreshold = 2500.00m;
rule.FailureAction = FraudRuleInsertRequest.FailureActionEnum.FlagForReview;
rule.AutoNote = "Temporary rule created by the DeleteFraudRule sample";
FraudRuleResponse insertResponse = fraudApi.InsertFraudRule(rule);
int fraudRuleOid = insertResponse.FraudRule.FraudRuleOid;
Console.WriteLine("Inserted temporary rule, oid = " + fraudRuleOid);
// Now delete it.
fraudApi.DeleteFraudRule(fraudRuleOid);
Console.WriteLine("Deleted fraud rule oid = " + fraudRuleOid);
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.Message);
}
}
}
}
package fraud;
import com.ultracart.admin.v2.FraudApi;
import com.ultracart.admin.v2.models.FraudRuleInsertRequest;
import com.ultracart.admin.v2.models.FraudRuleResponse;
import com.ultracart.admin.v2.util.ApiException;
import common.Constants;
import java.math.BigDecimal;
/**
* deleteFraudRule removes a fraud rule by its oid.
*
* To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
* the oid returned from the insert. In your own code you would already have the oid of the rule
* you want to remove (for example from SearchFraudRules).
*/
public class DeleteFraudRule {
public static void execute() {
System.out.println("--- DeleteFraudRule ---");
try {
FraudApi fraudApi = new FraudApi(Constants.API_KEY);
// Insert a rule so we have something to delete.
FraudRuleInsertRequest rule = new FraudRuleInsertRequest();
rule.setRuleType(FraudRuleInsertRequest.RuleTypeEnum.CREDIT_CARD_SINGLE_TRANSACTION_EXCEEDS);
rule.setAmountThreshold(BigDecimal.valueOf(2500.00));
rule.setFailureAction(FraudRuleInsertRequest.FailureActionEnum.FLAG_FOR_REVIEW);
rule.setAutoNote("Temporary rule created by the DeleteFraudRule sample");
FraudRuleResponse insertResponse = fraudApi.insertFraudRule(rule);
Integer fraudRuleOid = insertResponse.getFraudRule().getFraudRuleOid();
System.out.println("Inserted temporary rule, oid = " + fraudRuleOid);
// Now delete it.
fraudApi.deleteFraudRule(fraudRuleOid);
System.out.println("Deleted fraud rule oid = " + fraudRuleOid);
} catch (ApiException e) {
System.out.println("Exception: " + e.getMessage());
}
}
}
import { fraudApi } from "../api.js";
/**
* deleteFraudRule removes a fraud rule by its oid.
*
* To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
* the oid returned from the insert. In your own code you would already have the oid of the rule
* you want to remove (for example from searchFraudRules).
*/
export async function deleteFraudRule() {
console.log(`--- ${deleteFraudRule.name} ---`);
try {
// Insert a rule so we have something to delete.
const rule = {
rule_type: "credit card single transaction exceeds",
amount_threshold: 2500.0,
failure_action: "Flag For Review",
auto_note: "Temporary rule created by the deleteFraudRule sample",
};
const insertResponse = await new Promise((resolve, reject) => {
fraudApi.insertFraudRule(rule, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
const fraudRuleOid = insertResponse.fraud_rule.fraud_rule_oid;
console.log(`Inserted temporary rule, oid = ${fraudRuleOid}`);
// Now delete it.
await new Promise((resolve, reject) => {
fraudApi.deleteFraudRule(fraudRuleOid, function (error, data, response) {
if (error) {
reject(error);
} else {
resolve(data, response);
}
});
});
console.log(`Deleted fraud rule oid = ${fraudRuleOid}`);
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// deleteFraudRule().catch(console.error);
<?php
ini_set('display_errors', 1);
/*
* deleteFraudRule removes a fraud rule by its oid.
*
* To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
* the oid returned from the insert. In your own code you would already have the oid of the rule
* you want to remove (for example from searchFraudRules).
*/
require_once '../vendor/autoload.php';
require_once '../samples.php';
use ultracart\v2\models\FraudRuleInsertRequest;
$fraud_api = Samples::getFraudApi();
// Insert a rule so we have something to delete.
$rule = new FraudRuleInsertRequest();
$rule->setRuleType('credit card single transaction exceeds');
$rule->setAmountThreshold(2500.00);
$rule->setFailureAction('Flag For Review');
$rule->setAutoNote('Temporary rule created by the deleteFraudRule sample');
$insert_response = $fraud_api->insertFraudRule($rule);
$fraud_rule_oid = $insert_response->getFraudRule()->getFraudRuleOid();
echo "Inserted temporary rule, oid = " . $fraud_rule_oid . "\n";
// Now delete it.
$fraud_api->deleteFraudRule($fraud_rule_oid);
echo "Deleted fraud rule oid = " . $fraud_rule_oid . "\n";
from ultracart.apis import FraudApi
from ultracart.models import FraudRuleInsertRequest
from samples import api_client
# delete_fraud_rule removes a fraud rule by its oid.
#
# To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
# the oid returned from the insert. In your own code you would already have the oid of the rule
# you want to remove (for example from search_fraud_rules).
def delete_fraud_rule():
fraud_api = FraudApi(api_client())
# Insert a rule so we have something to delete.
rule = FraudRuleInsertRequest()
rule.rule_type = 'credit card single transaction exceeds'
rule.amount_threshold = 2500.00
rule.failure_action = 'Flag For Review'
rule.auto_note = 'Temporary rule created by the delete_fraud_rule sample'
insert_response = fraud_api.insert_fraud_rule(rule)
fraud_rule_oid = insert_response.fraud_rule.fraud_rule_oid
print(f"Inserted temporary rule, oid = {fraud_rule_oid}")
# Now delete it.
fraud_api.delete_fraud_rule(fraud_rule_oid)
print(f"Deleted fraud rule oid = {fraud_rule_oid}")
if __name__ == "__main__":
delete_fraud_rule()
# frozen_string_literal: true
require 'ultracart_api'
require_relative '../constants'
# delete_fraud_rule removes a fraud rule by its oid.
#
# To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
# the oid returned from the insert. In your own code you would already have the oid of the rule
# you want to remove (for example from search_fraud_rules).
fraud_api = UltracartClient::FraudApi.new_using_api_key(Constants::API_KEY, Constants::VERIFY_SSL, Constants::DEBUG_MODE)
# Insert a rule so we have something to delete.
rule = UltracartClient::FraudRuleInsertRequest.new(
rule_type: 'credit card single transaction exceeds',
amount_threshold: 2500.00,
failure_action: 'Flag For Review',
auto_note: 'Temporary rule created by the delete_fraud_rule sample'
)
insert_response = fraud_api.insert_fraud_rule(rule)
fraud_rule_oid = insert_response.fraud_rule.fraud_rule_oid
puts "Inserted temporary rule, oid = #{fraud_rule_oid}"
# Now delete it.
fraud_api.delete_fraud_rule(fraud_rule_oid)
puts "Deleted fraud rule oid = #{fraud_rule_oid}"
import { fraudApi } from "../api";
import { FraudRuleInsertRequest } from 'ultracart_rest_api_v2_typescript';
/**
* deleteFraudRule removes a fraud rule by its oid.
*
* To keep this sample self-contained it first inserts a throwaway rule, then deletes it using
* the oid returned from the insert. In your own code you would already have the oid of the rule
* you want to remove (for example from searchFraudRules).
*/
export async function deleteFraudRule(): Promise<void> {
console.log(`--- ${deleteFraudRule.name} ---`);
try {
// Insert a rule so we have something to delete.
const rule: FraudRuleInsertRequest = {
rule_type: "credit card single transaction exceeds",
amount_threshold: 2500.0,
failure_action: "Flag For Review",
auto_note: "Temporary rule created by the DeleteFraudRule sample",
};
const insertResponse = await fraudApi.insertFraudRule({ fraudRuleInsertRequest: rule });
const fraudRuleOid = insertResponse.fraud_rule?.fraud_rule_oid;
console.log(`Inserted temporary rule, oid = ${fraudRuleOid}`);
if (fraudRuleOid !== undefined) {
// Now delete it.
await fraudApi.deleteFraudRule({ fraudRuleOid });
console.log(`Deleted fraud rule oid = ${fraudRuleOid}`);
}
} catch (error) {
console.error(`Error: ${error instanceof Error ? error.message : 'Unknown error'}`);
console.error(error instanceof Error ? error.stack : error);
}
}
// Optional: If you want to call the function
// deleteFraudRule().catch(console.error);
| Name | Data Type | Description |
|---|---|---|
| developer_message | string | A technical message meant to be read by a developer |
| error_code | string | HTTP status code |
| more_info | string | Additional information often a link to additional documentation |
| object_id | string | Object id that the error is associated with |
| user_message | string | An end-user friendly message suitable for display to the customer |
| Name | Data Type | Description |
|---|---|---|
| error | Error | Error object if unsuccessful |
| metadata | ResponseMetadata | Meta-data about the response such as payload or paging information |
| success | boolean | Indicates if API call was successful |
| warning | Warning | Warning object if a non-fatal issue or side-effect occurs |
| Name | Data Type | Description |
|---|---|---|
| string | email to decline during checkout fraud review |
| Name | Data Type | Description |
|---|---|---|
| affiliate_oid | integer (int32) | Oid of the affiliate. Use this value in affiliate_oid on insert for the 'affiliate matches' rule type. |
| string | Email of the affiliate. May also be supplied as affiliate_email on insert in place of affiliate_oid. |
| Name | Data Type | Description |
|---|---|---|
| code | string | Code of the rotating transaction gateway. |
| name | string | Display name of the rotating transaction gateway. |
| rotating_transaction_gateway_oid | integer (int32) | Oid of the rotating transaction gateway. Use this value in rotating_transaction_gateway_filters on insert. |
| Name | Data Type | Description |
|---|---|---|
| code | string | Code of the screen branding theme. |
| screen_branding_theme_oid | integer (int32) | Oid of the screen branding theme. Use this value in screen_branding_theme_filters on insert. |
| storefront_hostname | string | Storefront hostname associated with this theme, when available. |
| Name | Data Type | Description |
|---|---|---|
| affiliates | array of FraudLookupAffiliate | Affiliates with non-empty email, sorted by email. |
| avs_match_types | array of string | Valid values for avs_match_type on the 'address street and zip avs' rule type. |
| countries | array of string | ISO country codes available to this merchant. |
| failure_actions | array of string | Valid values for failure_action on insert and search requests. |
| ip_range_types | array of string | Valid values for ip_range_type on IP-based rules. |
| linked_accounts | boolean | True when this merchant has at least one linked merchant account. |
| rotating_transaction_gateways | array of FraudLookupGateway | Rotating transaction gateways configured for this merchant. Use the oid as a value in rotating_transaction_gateway_filters on insert. |
| rule_groups | array of string | Valid values for rule_group on search requests. |
| rule_types | array of string | Valid values for rule_type on insert and search requests. |
| screen_branding_themes | array of FraudLookupTheme | Screen branding themes configured for this merchant. Use the oid as a value in screen_branding_theme_filters on insert. |
| user_actions | array of string | Valid values for user_action on rule types that distinguish between attempted and approved transactions. |
| Name | Data Type | Description |
|---|---|---|
| error | Error | Error object if unsuccessful |
| fraud_lookup_values | FraudLookupValues | fraud_lookup_values |
| metadata | ResponseMetadata | Meta-data about the response such as payload or paging information |
| success | boolean | Indicates if API call was successful |
| warning | Warning | Warning object if a non-fatal issue or side-effect occurs |
| Name | Data Type | Description |
|---|---|---|
| auto_note | string | Note automatically appended to the order's merchant note when these rules fire. |
| establish_address_filter | boolean | Establish an 'address street and zip avs' rule from the order's ship-to street and zip. |
| establish_card_filter | boolean | Establish a 'credit card matches' rule by duplicating the order's stored card vault token. Skipped if the order has no stored card. |
| establish_email_filter | boolean | Establish an 'address email' rule from the order's email address. |
| establish_ip_filter | boolean | Establish an 'ip matches' subnet rule from the order's customer IP address (last octet masked to a subnet). |
| failure_action | string | Action to take when these rules fire. Defaults to 'Flag For Review' when omitted.
Allowed Values
|
| order_id | string | The order id to establish the fraud rule(s) from. |
| Name | Data Type | Description |
|---|---|---|
| affiliate_email | string | Affiliate email. Used by the 'affiliate matches' rule type when affiliate_oid is not supplied. |
| affiliate_oid | integer (int32) | Affiliate OID. Used by the 'affiliate matches' rule type. If omitted, affiliate_email is required. |
| amount_threshold | number | Monetary or score threshold. Used by *transaction amount exceeds*, *fraud score exceeds*, and *decline percentage exceeds* rules. |
| auto_note | string | Note automatically appended to the order's merchant note when this rule fires. |
| avs_match_type | string | AVS match type for the zip portion. Used by the 'address street and zip avs' rule type.
Allowed Values
|
| avs_response_codes | string | AVS response codes (street). Used by the 'address street and zip avs' rule type. |
| count_threshold | integer (int32) | Integer count threshold. Used by *count exceeds*, *change number*, *quantity exceeds*, and *purchased within last hours* rules. |
| country_code | string | ISO country code. Used by the 'address not in country' rule type. |
| credit_card_bins | array of string | Credit card BINs to block (max 20). Used by the 'credit card block bin' rule type. |
| string | Email address. Used by the 'address email' rule type. | |
| failure_action | string | Action to take when this rule fires.
Allowed Values
|
| gateway_response_codes | string | Gateway response code key. Used by the 'gateway response' rule type. |
| gateway_response_value | string | Gateway response code value. Used by the 'gateway response' rule type. |
| ip_address | string | IP address or subnet (eg '192.168.1.1' or '10.0.0.0/8'). Used by 'exempt ip' and 'ip matches' rules. |
| ip_range_type | string | Specifies whether an IP rule applies to a single address or a subnet.
Allowed Values
|
| item_filters | array of string | Optional list of merchant item ids restricting this rule to orders containing one or more of these items. |
| merchant_item_id | string | Merchant item id. Used by the 'item matches' rule type. |
| modify_custom_field1 | string | When failure_action is 'Process Payment and Modify', set order custom field 1 to this value. |
| modify_custom_field2 | string | When failure_action is 'Process Payment and Modify', set order custom field 2 to this value. |
| modify_custom_field3 | string | When failure_action is 'Process Payment and Modify', set order custom field 3 to this value. |
| modify_custom_field4 | string | When failure_action is 'Process Payment and Modify', set order custom field 4 to this value. |
| modify_custom_field5 | string | When failure_action is 'Process Payment and Modify', set order custom field 5 to this value. |
| modify_custom_field6 | string | When failure_action is 'Process Payment and Modify', set order custom field 6 to this value. |
| modify_custom_field7 | string | When failure_action is 'Process Payment and Modify', set order custom field 7 to this value. |
| modify_skip_affiliate | boolean | When failure_action is 'Process Payment and Modify', strip the affiliate from the order. |
| modify_skip_affiliate_network_pixel | boolean | When failure_action is 'Process Payment and Modify', skip firing the affiliate network pixel. |
| rotating_transaction_gateway_filters | array of integer (int32) | Optional list of rotating transaction gateway oids restricting this rule to orders processed by one of these gateways. |
| rule_type | string | Rule type. Also returned by GET /v2/fraud/lookup_values.
Allowed Values
|
| screen_branding_theme_filters | array of integer (int32) | Optional list of screen branding theme oids restricting this rule to orders associated with one or more storefronts. |
| user_action | string | Only used by rule types that distinguish between attempted and approved transactions.
Allowed Values
|
| Name | Data Type | Description |
|---|---|---|
| merchant_item_id | string(20) | Unique item id of this item filter |
| merchant_item_oid | integer (int32) | Unique object identifier of this item |
| Name | Data Type | Description |
|---|---|---|
| affiliate_oid | integer (int32) | Affiliate oid for the 'affiliate matches' rule type. |
| amount_threshold | number | Monetary or score threshold for amount/score/percentage rule types. |
| auto_note | string | Note automatically appended to the order's merchant note when this rule fires. |
| avs_match_type | string |
Allowed Values
|
| avs_response_codes | string | AVS response codes for the 'address street and zip avs' rule type. |
| card_number | (read only) string | Masked credit card number for rules tied to a specific card |
| count_threshold | integer (int32) | Integer count threshold for count/quantity/hours rule types. |
| country_code | string | ISO country code for the 'address not in country' rule type. |
| created_by | (read only) string | |
| created_dts | (read only) string (dateTime) | Created date |
| credit_card_bins | array of string | Credit card BINs blocked by the 'credit card block bin' rule type. |
| decline_message | string | Message shown in the A/R review screen when this rule fires. |
| description | (read only) string | Human-readable description of the rule |
| description_html | (read only) string | HTML version of the rule description |
| string | Email address for the 'address email' rule type. | |
| failure_action | string | Action taken when this rule fires.
Allowed Values
|
| fraud_rule_oid | (read only) integer (int32) | UltraCart unique identifier for this fraud rule |
| gateway_response_codes | string | Gateway response code key for the 'gateway response' rule type. |
| gateway_response_value | string | Gateway response code value for the 'gateway response' rule type. |
| ip_address | string | IP address or subnet for 'exempt ip' and 'ip matches' rule types. |
| ip_range_type | string |
Allowed Values
|
| item_filters | array of FraudRuleItemFilter | Item filters restricting this rule to orders containing one or more of these items. |
| merchant_item_id | string | Merchant item id for the 'item matches' rule type. |
| modify_custom_field1 | string | Value the rule sets on order custom field 1 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field2 | string | Value the rule sets on order custom field 2 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field3 | string | Value the rule sets on order custom field 3 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field4 | string | Value the rule sets on order custom field 4 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field5 | string | Value the rule sets on order custom field 5 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field6 | string | Value the rule sets on order custom field 6 (only meaningful for 'Process Payment and Modify'). |
| modify_custom_field7 | string | Value the rule sets on order custom field 7 (only meaningful for 'Process Payment and Modify'). |
| modify_skip_affiliate | boolean | When true, the rule strips the affiliate from the order (only meaningful for 'Process Payment and Modify'). |
| modify_skip_affiliate_network_pixel | boolean | When true, the rule suppresses the affiliate network pixel (only meaningful for 'Process Payment and Modify'). |
| rotating_transaction_gateway_filters | array of FraudRuleRotatingTransactionGatewayFilter | Gateway filters restricting this rule to orders processed by one of these rotating transaction gateways. |
| rule_group | (read only) string | Group containing this rule type (eg 'creditCardRules'). Deliberately not constrained by allowableValues on the response so SDK consumers do not hard-fail on an unexpected value if a future rule_type slips through the server-side mapping. Search REQUESTS still restrict rule_group to the known set. |
| rule_type | string | Rule type.
Allowed Values
|
| storefront_filters | array of FraudRuleStorefrontFilter | Storefront filters restricting this rule to orders placed on one of these storefronts. |
| user_action | string |
Allowed Values
|
| Name | Data Type | Description |
|---|---|---|
| error | Error | Error object if unsuccessful |
| fraud_rule | FraudRulePublic | fraud_rule |
| metadata | ResponseMetadata | Meta-data about the response such as payload or paging information |
| success | boolean | Indicates if API call was successful |
| warning | Warning | Warning object if a non-fatal issue or side-effect occurs |
| Name | Data Type | Description |
|---|---|---|
| code | string | The short code identifier of this rotating transaction gateway used to filter this fraud rule |
| rotating_transaction_gateway_oid | integer (int32) | Unique object identifier of a rotating transaction gateway filtering this fraud rule to only orders processed by this gateway |
| Name | Data Type | Description |
|---|---|---|
| affiliate_oid_or_email | string | Affiliate oid (integer) or affiliate email. Email is resolved to oid before searching. |
| amount_threshold_begin | number | Lower bound on amount/score/percentage thresholds (rules backed by the same numeric column). |
| amount_threshold_end | number | Upper bound on amount/score/percentage thresholds (rules backed by the same numeric column). |
| auto_note | string | Wildcard search on the rule's auto_note. Use '*' for wildcards. |
| count_threshold_begin | integer (int32) | Lower bound on count thresholds (rules backed by the same integer count column). |
| count_threshold_end | integer (int32) | Upper bound on count thresholds (rules backed by the same integer count column). |
| created_by | string | Filter to rules created by this user login. |
| created_date_begin | string (dateTime) | Rule creation date begin (MM/dd/yyyy) |
| created_date_end | string (dateTime) | Rule creation date end (MM/dd/yyyy) |
| credit_card_partial | string | Partial credit card number for matching 'credit card matches' rules. Use '*' wildcards. |
| decline_message | string | Wildcard search on the rule's decline_message. Use '*' for wildcards. |
| failure_action | string |
Allowed Values
|
| gateway_code | string | Filter to rules with this rotating transaction gateway code in their rotating_transaction_gateway_filters list. |
| merchant_item_id | string | Filter to rules with this merchant item id in their item_filters list. |
| modifier_value | string | Wildcard search on the rule's secondary modifier (eg 'address'/'subnet', gateway codes, avs match types). |
| modify_custom_field1 | string | Wildcard search on rules' modify_custom_field1 value. |
| modify_custom_field2 | string | Wildcard search on rules' modify_custom_field2 value. |
| modify_custom_field3 | string | Wildcard search on rules' modify_custom_field3 value. |
| modify_custom_field4 | string | Wildcard search on rules' modify_custom_field4 value. |
| modify_custom_field5 | string | Wildcard search on rules' modify_custom_field5 value. |
| modify_custom_field6 | string | Wildcard search on rules' modify_custom_field6 value. |
| modify_custom_field7 | string | Wildcard search on rules' modify_custom_field7 value. |
| modify_skip_affiliate | boolean | Filter to rules whose modify_skip_affiliate flag matches this value. |
| modify_skip_affiliate_network_pixel | boolean | Filter to rules whose modify_skip_affiliate_network_pixel flag matches this value. |
| rule_group | string | Rule group to filter by.
Allowed Values
|
| rule_type | string | Rule type to filter by.
Allowed Values
|
| search_linked_accounts | boolean | Include rules from accounts linked to this merchant. Defaults to false. |
| storefront_hostname | string | Filter to rules with this storefront hostname in their screen_branding_theme_filters list. |
| text_value | string | Wildcard search on the rule's text parameter (email / ip / bin / country / item id / avs codes - the backend disambiguates by rule_type). |
| theme_code | string | Filter to rules with this screen branding theme code in their screen_branding_theme_filters list. |
| user_action | string |
Allowed Values
|
| Name | Data Type | Description |
|---|---|---|
| error | Error | Error object if unsuccessful |
| fraud_rules | array of FraudRulePublic | fraud_rules |
| metadata | ResponseMetadata | Meta-data about the response such as payload or paging information |
| success | boolean | Indicates if API call was successful |
| warning | Warning | Warning object if a non-fatal issue or side-effect occurs |
| Name | Data Type | Description |
|---|---|---|
| screen_branding_theme_code | string(10) | Screen branding theme code associated with this storefront (legacy checkouts) |
| storefront_host_name | string | StoreFront Host Name |
| Name | Data Type | Description |
|---|---|---|
| payload_name | string | Payload name |
| result_set | ResultSet | Result set |
| Name | Data Type | Description |
|---|---|---|
| count | integer (int32) | Number of results in this set |
| limit | integer (int32) | Maximum number of results that can be returned in a set |
| more | boolean | True if there are more results to query |
| next_offset | integer (int32) | The next offset that you should query to retrieve more results |
| offset | integer (int32) | Offset of this result set (zero based) |
| total_records | integer (int32) | The total number of records in the result set. May be null if the number is not known and the client should continue iterating as long as more is true. |
| Name | Data Type | Description |
|---|---|---|
| more_info | string | Additional information often a link to additional documentation |
| warning_code | string | A stable machine-readable code identifying the warning. See API docs for known values. |
| warning_message | string | A technical message meant to be read by a developer |
| Name | Data Type | Description |
|---|---|---|
| UC-REST-ERROR | string | Contains human readable error message |
| Name | Data Type |
|---|---|
| body | ErrorResponse |
| Name | Data Type | Description |
|---|---|---|
| UC-REST-ERROR | string | Contains human readable error message |
| Name | Data Type |
|---|---|
| body | ErrorResponse |
| Name | Data Type | Description |
|---|---|---|
| UC-REST-ERROR | string | Contains human readable error message |
| Name | Data Type |
|---|---|
| body | ErrorResponse |
| Name | Data Type | Description |
|---|---|---|
| UC-REST-ERROR | string | Contains human readable error message |
| Name | Data Type |
|---|---|
| body | ErrorResponse |
| Name | Data Type | Description |
|---|---|---|
| UC-REST-ERROR | string | Contains human readable error message |
| Name | Data Type |
|---|---|
| body | ErrorResponse |