API ReferenceRisk
Risk
Real-time and historical risk assessments used by the adaptive MFA and conditional-access engines.
Risk
RiskService scores auth events on a NONE/LOW/MEDIUM/HIGH/CRITICAL scale using a blend of signals -- IP reputation, impossible travel, device novelty, session age, and organization-tuned thresholds. The gateway's adaptive-MFA middleware consumes these scores automatically; use this API for your own analytics and SOC workflows.
Base URL: https://<Domain id="api"/>
Authentication: Bearer token with risk:read (list/get) or risk:write (assess, report false positive).
RPCs
| Method | Path | Purpose |
|---|---|---|
| Assess | POST /v1/risk:assess | Score a synthetic event without side effects |
| GetRiskAssessment | GET /v1/risk/assessments/{id} | Fetch a past assessment |
| ListRiskAssessments | GET /v1/risk/assessments | Paginated listing with filter |
| ListEvents | GET /v1/risk/events | Raw risk-signal events (impossible travel, suspicious IP) |
| GetRiskSummary | GET /v1/risk:summary | Aggregated counts per level over a time range |
| ReportFalsePositive | POST /v1/risk/assessments/{id}:reportFalsePositive | Feed back into the model |
Model
A RiskAssessment contains:
{
"id": "ras_01H7X...",
"level": "HIGH",
"score": 0.82,
"signals": [
{ "type": "impossible_travel", "weight": 0.4, "detail": "London -> Tokyo in 45m" },
{ "type": "new_device", "weight":