How to get started with Fingerprint's global device intelligence network API (DRN API)
Device Reputation Network API allows making requests to Fingerprint's expansive device intelligence network and get global behavior and risk information about Android devices. To understand the underlying architecture of the DRN API, please refer to this guide.
DRN API only supports Fingerprint's Android SDK
DRN API is only for server-side usage, it's not intended to be used from the client side, whether it's a browser or a mobile device. Since Fingerprint doesn't bill for server-side API calls, DRN API is free to use and does not count toward your monthly plan, however API key rate limits apply.
DRN API requests do not count toward your monthly plan and are not billed.
Getting started
DRN API is available globally:
| Region | Base URL |
|---|---|
| Global | https://drn-api.fpjs.io |
You can use DRN API for all your workspaces, regardless of their region.
Authentication
DRN API requests are authorized with a Secret API key that can be obtained in your Fingerprint Dashboard by visiting API Keys.
Set your API key as a Bearer token in the Authorization header:
Authorization: Bearer SECRET_API_KEY
Read more in Authentication.
Version
DRN API is versioned by date. This date represents when a backwards-incompatible change was made. The latest version is 2024-09-01.
Set the version as in the X-API-Version header:
X-API-Version: 2024-09-01
Read more in Versioning.
Signals
DRN API supports three signals in the current version: regional_activity, suspect_score, and timestamps. You can request all three signals in a single request.
Making a request
The DRN API has two required parameters: visitor_id and signals:
GET https://drn-api.fpjs.io/drn/{visitor_id}?signals={signals}
GET https://drn-api.fpjs.io/drn/{visitor_id}?signals={signals}We'll be using the regional_activitysignal for our request by specifying it in the signals URL query parameter. Before you can make the request, you need to get a device visitor_id. You can create a trial subscription, run a sample project, and use your device visitor_id as a parameter.
Once you have the visitor_id and the secret API key, build a curl request. The visitor_id goes in the path, signals=regional_activity as a query parameter, bothAuthorization, and X-API-Version as HTTP headers:
curl --request GET \
--url 'https://drn-api.fpjs.io/drn/{visitor-id-from-your-app}?signals=regional_activity' \
--header 'Authorization: Bearer {secret-api-key}' \
--header 'X-API-Version: 2024-09-01'
wget --method GET \
--header 'X-API-Version: 2024-09-01' \
--header 'Authorization: Bearer {secret-api-key}' \
--output-document \
- 'https://drn-api.fpjs.io/drn/{visitor_id}?signals=regional_activity'
You will get a response with a list of countries where this device was active in the last 30 days:
{
"data": {
"regionalActivity": {
"startDate": "2024-08-06T23:00:13Z",
"endDate": "2024-09-05T23:00:13Z",
"countries": [
{
// this device was active in France via VPN and we detected it by IP
"code": "FR",
"detectors": [
{
"type": "ip",
"activityPercentage": 0.20
}
]
},
{
// this device was also active in Russia and we detect it using our
// real location detection smart signal
// https://dev.fingerprint.com/docs/smart-signals-overview#vpn-detection-for-mobile-devices
"code": "RU",
"detectors": [
{
"type": "origin",
"activityPercentage": 1.0
},
{
"type": "ip",
"activityPercentage": 0.8
}
]
}
]
}
}
}
Even though you just identified this device in your app, you can get a global location history for any device in the Fingerprint network, including the real location even with VPN enabled!
Rate limiting
DRN API is rate limited. The limit is enforced for every Secret API key, and the default rate limit per API key is 5 req/sec. More details available in the Rate limiting reference page. If you need a higher limit, reach out to [email protected].
API client SDKs
SDKs for specific languages are coming soon! Email [email protected] if you want to request an SDK or integration for your stack.