API Support for out-of-band requests
3 days ago by Sebastian Wallin
Castle's real time decisioning APIs, the Filter and Risk APIs, were originally designed to be used in environments where the activity is initiated by the end-user using a rich client, such as a browser or mobile app. The main power of these endpoints is that the Castle Policy engine is invoked, which means that you can configure real-time, inline responses, as well setting up automations such as List actions or Webhooks.
However, sometimes, there are scenarios when you need to monitor non-interactive environments, such as API clients, or webhook callbacks from payment providers. Today, we're introducing two new API parameters to support environments like these.
|When set to ||API Client or Command line interface|
|When set to ||Webhook callback, e.g. from payment provider, where the incoming IP and UserAgent typically aren't meaningful|
Read more on how to protect out-of-band requests in the documentation