Fraud Decisioning
Updated May 18, 2026
Rules API
Create and manage custom RequestGuard decision rules.
Rules let you put business-specific allow, challenge, review, and block logic inside RequestGuard.
Endpoints
POST /rules
GET /rules
PATCH /rules/{id}
DELETE /rules/{id}Authentication is required.
Create Rule
{
"name": "Block disposable signups",
"action": "block",
"conditions": {
"events": ["signup"],
"disposable_email": true
}
}Supported Conditions
Supported conditions include:
- events
- IP allow and block lists
- email domains
- domains
- countries
- ASNs
- hosting network flag
- disposable email flag
- free email flag
- role account flag
- suspicious TLD
- domain age threshold
- risk score threshold
Rules can appear in assessment responses under matched_rules.