Guides
Sign Up

Open Client Response

Read the full device intelligence result in-flight on your proxy integration for faster and more secure processing.

Suggest Edits

Our JavaScript agent deploys request and response obfuscation to prevent reverse engineering or other malicious activities. This typically prevents anyone from intercepting and using the information in transit, such as on your proxy.

However, there are scenarios where it may be beneficial to have the deobfuscated response information available on your proxy immediately, instead of sending it from the proxy to the client (browser) and back to your backend. Some reasons for this include:

  • Faster processing: The response is available on your proxy integration sooner than on the client, reducing the last hop latency.
  • Increased security: This approach can help prevent certain replay attacks, as the response coming directly from our backend is more trustworthy than the one received from the client.

For these reasons, it is possible to enable a specific configuration that sends the response from Fingerprint API to your proxy integration as JSON, without obfuscation. This open response includes the full device intelligence result (equivalent to the Server API event) as a sealed result.

This allows you to decrypt and process the sealed device intelligence result directly in your proxy integration.

🚧

Requirements and limitations

  • Sealed Client Results must be configured and enabled for Open Client Response to work. Refer to our dedicated documentation page on Sealed Client Results for the configuration guide.
  • Proxy secret: Each payload must include the FPJS-Proxy-Secret header, set with a valid proxy secret generated in the Dashboard.
  • JavaScript agent: Open Client Response is only suppported in the JavaScript agent for now. The iOS and Android SDKs currently do not support Open Client Response.

Payload Format

Once Open Client Response is enabled, the response of the POST / endpoint becomes a deobfuscated JSON with this specific format.

  • The actual device intelligence result is encrypted inside thesealedResult property. Decrypt the result as described in Sealed client results. If the runtime environment of your proxy integration is limited, you might not be able to use our SDKs to unseal the results. In that case, you need to write your own decryption implementation.
  • Data inside products.identification are placeholder values supplied for backward compatibility with the JavaScript agent, feel free to ignore them.
{
  "v": "2",
  "requestId": "1725018942180.msvu3x",
  // Device intelligence result here: 
  "sealedResult": "<Sealed Client Results base64 payload>",
  // Placeholder values for backwards compatibility
  "products": {
    "identification": {
      "data": {
        "visitorToken": "<encoded visitorToken>",
        "result": {
          "visitorId": "",
          "visitorFound": false,
          "meta": {
            "version": "v1.1.2715+7a151f0a2"
          },
          "confidence": {
            "score": 0
          }
        }
      }
    }
  }
}

Please note that you must forward the open response payload to the client without modifications. If you change it, you risk that the JavaScript agent will not process the response correctly, leading to a negative impact on accuracy.

How to Enable Open Client Response

Open Client Response is reserved for our Enterprise customers, reach out to your support representative for more information.

Updated 29 days ago