Anti-fraud blocklist update

Xsolla Developers

Anti-fraud blocklist updateWebhook POST

When the Anti-fraud system blocklist is updated (add or remove a parameter), Xsolla sends a webhook with the afs_black_list type to the webhook URL. The parameter addition is performed automatically on the Xsolla side or on request. Parameter removal is possible only on request. To receive this webhook, contact your Customer Success Manager or email csm@xsolla.com.

Request

Request Body schema: application/json

notification_type

required

string

Notification type.

required

object

Object with information about AFS blocklist event.

action

string

Type of event.

Enum: "adding" "removing"

reason

string

Cause of event.

Enum:	Description
chargeback	chargeback (addition)
fraud_activity	fraud (addition)
suspicious_activity	suspicious activity (addition)
ps_reported_fraud	payment system notification about fraud (addition)
linked_chargeback	chargeback relation (addition)
partner_request	on request (addition)
friendly_fraud	friendly fraud (addition)
user_reported_fraud	user report about fraud (addition)
linked_parameter	linked parameter in AFS blocklist (addition)
other_data_in_blacklist	other parameters in AFS blocklist (addition)
by_afs_filters	AFS filter (addition)
wrongly_added	added by mistake (removing)
removed_by_cs_review	removed after reporting to Xsolla technical support (removing)
other_forgiveness_reason	other reason for removing (removing)

parameter

string

Name of parameter by which event occurred.

Enum:	Description
nick	user’s nickname
email	user’s email address
ps_account	user’s billing account
ip_address	user’s IP address
card_issuer	user’s credit card issuing bank
phone	user’s phone number

parameter_value

string

Value of parameter by which event occurred.

date_of_last_action

string

Time of the latest AFS blocklist event in the ISO 8601 format.

transaction_id

string

Transaction ID associated with the parameter by which the event occurred.

project_id

integer

Project ID. You can find this parameter in your Publisher Account next to the name of the project.

Responses

204

Return to indicate successful processing.

400

Return in case of an error in the provided information (e.g., a required parameter missing, failed authorization, etc.).

500

Return to indicate temporary errors with your servers.

Request samples

CURL
HTTP

curl -v 'https://your.hostname/your/uri' \
-X POST \
-H 'Authorization: Signature 32c64a80d2527dc08906ae1891bac4489509b9f6' \
-d '{
  "event": {
    "action": "adding",
    "date_of_last_action": "2020-11-27T10:09:05+03:00",
    "parameter": "email",
    "parameter_value": "email@example.com",
    "reason": "ps_reported_fraud",
    "transaction_id": "111111111",
    "project_id": "123456"
  },
  "notification_type": "afs_black_list"
}'

Response samples

application/json

{"error": {"code": "INVALID_USER",
"message": "Invalid user"
}
}