Discover capabilities
Idempotency
SendIdempotency-Key (header) or body fields idempotency_key / stable order_id + payment_id on retries.
- Replays with the same key return the same decision without double-counting velocity.
- Response may include correlation fields:
order_id,payment_id,idempotency_key.
HTTP status codes
| Code | Meaning | Suggested client behavior |
|---|---|---|
200 | Assessment completed | Enforce decision |
400 | Validation error | Fix payload |
401 | Invalid or missing API key | Rotate / fix auth |
429 | Rate limited | Backoff and retry |
503 | Maintenance (ASSESS_MAINTENANCE) | Fail-open or queue per your policy |
504 | Timeout (ASSESS_TIMEOUT) | Retry with same idempotency key |
error.code values.
Fail-open vs fail-closed
| Strategy | When |
|---|---|
| Fail-open | Network/503/504 — allow checkout, log incident (common for merchants) |
| Fail-closed | Regulated flows — block until assess succeeds |
Release (optional)
If your integration uses assess holds,POST /api/v1/assess/release clears a prior decision context when a checkout is abandoned. Contact support if you need this in your flow.
Rate limits
Partner assess is rate-limited per API key. Production multi-node deployments require Redis (Upstash) — otherwise you may receive503 RATE_LIMIT_STORE_UNAVAILABLE. See Rate limits.