API Reference
/api/v1/analyze
Signal analysis endpoint for telemetry enrichment and risk context.
Use /analyze when you want normalized signal output and risk context without triggering full policy adjudication workflows.
When to Use
| Use /api/v1/decide when… | Use /api/v1/analyze when… |
|---|---|
| You need full audit trails and case management | Latency is the top priority (< 100ms) |
| You want policy shadow-testing | You're calling from an edge function / middleware |
| Webhook dispatch is critical | You need the lightest-weight check |
Request
POST /api/v1/analyzebash
curl -X POST https://verifystack.io/api/v1/analyze \
-H "X-API-Key: pk_live_xxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"userId": "user_123",
"action": "login",
"userAgent": "Mozilla/5.0 ...",
"ip": "203.0.113.42"
}'Response
Response (200 OK)json
{
"decision": "allow",
"riskLevel": "low",
"visitorId": "vis_xxx",
"deviceFingerprintId": "dfp_xxx",
"deviceHash": "a1b2c3d4e5f6g7h8",
"hasElevatedRisk": false,
"riskReasons": [],
"signalCoverage": "full",
"processingTimeMs": 5,
"decisionId": "dec_xxx"
}The analyze endpoint accepts both pk_ and sk_ keys. Use pk_ keys from the browser and sk_ keys from your server.
Differences vs /decide
- No Prisma-backed audit trail (uses KV-only persistence)
- No automatic case creation
- Response is coarsened — risk level bands instead of exact scores
- Rate-limited to 30 requests per 60 seconds per IP