Management API examples use $CLAUSUM_API_BASE with a dashboard session JWT. The hostname is assigned by Clausum support — see Access & environments.
Blocklists are organization-scoped lists of values that influence every assessment. When an incoming transaction matches an active entry, Clausum adds a signal — or hard-blocks the transaction outright.

Entry types

| list_type | Matches against |
| --- | --- |
| email | Exact email address |
| email_domain | Email domain (e.g. example.com) |
| ip_address | Single IP |
| ip_range | CIDR range |
| device_fingerprint | Device fingerprint |
| card_bin | First 6 digits of the card |
| card_hash | Hashed card number |
| country | ISO country code |
| phone | Phone number |
| customer_id | Your internal customer id |

Severity

| Severity | Effect on assessment |
| --- | --- |
| block | Hard-declines the transaction (risk_score = 100) |
| flag | Adds significant weight |
| review | Adds moderate weight, routes to review |

Managing entries

Blocklist endpoints are part of the management surface and use a dashboard session JWT.
curl -X POST "$CLAUSUM_API_BASE/api/v1/blocklists" \
  -H "Authorization: Bearer $DASHBOARD_JWT" \
  -H "Content-Type: application/json" \
  -d '{
    "list_type": "email",
    "value": "fraudster@example.com",
    "severity": "block",
    "reason": "Confirmed chargeback fraud"
  }'
Adding entries requires the admin, analyst, or compliance_officer role. Deleting entries requires admin.

Automatic population

You usually don’t add entries by hand. When you call report-fraud, Clausum automatically blocklists the offending email (block), card BIN (flag, for card testing / friendly fraud), and IP (block) — each tagged with source: "fraud_report" and linked to the generated case.

Expiring entries

Set expires_at to a timestamp to auto-deactivate temporary blocks (for example a 24-hour velocity ban). Omit it for permanent entries.
{
  "list_type": "ip_address",
  "value": "201.150.10.22",
  "severity": "block",
  "reason": "Card-testing burst",
  "expires_at": "2026-06-01T00:00:00Z"
}

Normalization

Clausum normalizes values on write: email / email_domain are lowercased and country codes are uppercased. Duplicate entries (same org + type + value) return 409 Conflict.
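
The expiry and normalization rules above can be applied locally before a bulk import, so that rows which collapse to the same type and value are caught before they come back as 409 Conflict. This is an added example, not Clausum code: the function names, the `ttl_hours` field, whitespace trimming, the IP and BIN sanity checks, and the sample rows are assumptions made for illustration, and it only detects duplicates within the batch, not entries already stored for the organization.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# Allowed values copied from the Entry types and Severity tables on this page.
LIST_TYPES = {"email", "email_domain", "ip_address", "ip_range", "device_fingerprint",
              "card_bin", "card_hash", "country", "phone", "customer_id"}
SEVERITIES = {"block", "flag", "review"}

# Constructed sample rows: (list_type, value, severity, reason, ttl_hours or None).
SAMPLE_ROWS = [
    ("email", "Fraudster@Example.com", "block", "Confirmed chargeback fraud", None),
    ("email", "fraudster@example.com", "block", "Same address, different case", None),
    ("ip_address", "201.150.10.22", "block", "Card-testing burst", 24),
    ("country", "us", "review", "Constructed example", None),
]

def normalize(list_type, value):
    """Apply the documented write-time normalization, plus local sanity checks."""
    value = value.strip()  # trimming is this example's own cleanup, not documented
    if list_type in ("email", "email_domain"):
        return value.lower()
    if list_type == "country":
        return value.upper()
    if list_type == "ip_address":
        ipaddress.ip_address(value)  # ValueError on a malformed address
    elif list_type == "ip_range":
        ipaddress.ip_network(value, strict=False)  # ValueError on malformed CIDR
    elif list_type == "card_bin" and not (value.isascii() and value.isdigit() and len(value) == 6):
        raise ValueError("card_bin must be exactly 6 digits")
    return value

def build_payloads(rows, now=None):
    """Return (request bodies, duplicates that would be answered with 409 Conflict)."""
    now = now or datetime.now(timezone.utc)
    seen, payloads, duplicates = set(), [], []
    for list_type, value, severity, reason, ttl_hours in rows:
        if list_type not in LIST_TYPES or severity not in SEVERITIES:
            raise ValueError(f"unknown list_type or severity: {list_type}/{severity}")
        key = (list_type, normalize(list_type, value))
        if key in seen:
            duplicates.append(key)
            continue
        seen.add(key)
        body = {"list_type": key[0], "value": key[1], "severity": severity, "reason": reason}
        if ttl_hours is not None:  # permanent entries omit expires_at
            expires = (now + timedelta(hours=ttl_hours)).astimezone(timezone.utc)
            body["expires_at"] = expires.strftime("%Y-%m-%dT%H:%M:%SZ")
        payloads.append(body)
    return payloads, duplicates
```

Each returned body has the same shape as the JSON posted to `/api/v1/blocklists` in the curl example.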