GET /v1/events/:requestId

Retrieve full event details including all browser signals and edge analysis.

Endpoint

text
GET https://fingerprintiq.com/v1/events/:requestId

This is a Server API endpoint. It requires a secret API key (fiq_secret_*) and must only be called from your backend, never from client-side code.

Authentication

Include your secret key in the Authorization header:

text
Authorization: Bearer fiq_secret_your_key_here

Path Parameters

requestIdstringrequiredpath

The requestId returned from the identify endpoint.

Response

Returns the full event with all browser signals and edge/server analyses.

json
{  "requestId": "req_01hns3k6tez83695a6t7",  "visitorId": "iq_01hns3k6tez83695a6t714s6n1",  "confidence": 0.97,  "botProbability": 0.05,  "suspectScore": 0,  "linkedId": "user_123",  "tag": { "page": "checkout" },  "suspect": false,  "ip": "203.0.113.42",  "url": "https://yoursite.com/checkout",  "referrer": "https://yoursite.com/",  "verdicts": {    "bot": { "result": false, "probability": 0.05 },    "vpn": { "result": false, "confidence": 0.92 },    "tor": { "result": false },    "proxy": { "result": false },    "incognito": { "result": false },    "tampering": { "result": false, "anomalyScore": 0 },    "headless": { "result": false },    "virtualMachine": { "result": false },    "devtools": { "result": false },    "privacyBrowser": { "result": false, "name": null },    "highActivity": { "result": false },    "ipBlocklist": { "result": false },    "velocity": {      "distinctIp": { "5m": 1, "1h": 1, "24h": 2 },      "distinctCountry": { "5m": 1, "1h": 1, "24h": 1 },      "events": { "5m": 1, "1h": 3, "24h": 15 }    }  },  "signals": {    "client": {      "canvas": { "hash": "a3f2b1c4...", "isFarbled": false },      "webgl": { "renderer": "ANGLE (Apple, ANGLE Metal Renderer: Apple M4)", "vendor": "Google Inc. (Apple)" },      "... all 41 browser signals"    },    "server": {      "asn": { "asn": 7922, "org": "Comcast", "category": "RESIDENTIAL_ISP", "isDatacenter": false },      "geo": { "country": "US", "city": "New York", "rttCoherence": 1.0 },      "tls": { "cipher": "AEAD-AES256-GCM-SHA384", "version": "TLSv1.3", "ja4": "t13d..." },      "vpnDetection": { "verdict": "not_detected", "confidence": 0.92 },      "http": { "fingerprint": "...", "classification": "chrome" },      "... full edge/server signals"    }  },  "timestamp": 1712000003000,  "createdAt": "2026-04-11T08:00:03.000Z"}

json
{  "error": "Event not found"}

Response Fields

requestIdstring

Unique event identifier.

visitorIdstring

Stable device identifier.

confidencenumber

Signal confidence score from 0.0 to 1.0. Low values indicate that many signals failed to collect, which may itself indicate a bot or privacy tool.

botProbabilitynumber

Bot likelihood score from 0.0 to 1.0. Combines datacenter ASN, headless markers, software renderer, API tampering, and UA/TLS mismatch indicators.

verdictsobject

Boolean detection verdicts for bot, VPN, tor, proxy, incognito, tampering, headless, VM, devtools, privacy browser, high activity, IP blocklist, and velocity.

Verdict fields

verdicts.botobject

result (boolean) and probability (0.0–1.0).

verdicts.vpnobject

result (boolean) and confidence (0.0–1.0).

verdicts.torobject

result (boolean). True if traffic originates from a known Tor exit node.

verdicts.proxyobject

result (boolean). True if a residential or public proxy is detected.

verdicts.incognitoobject

result (boolean). True if the browser is in private/incognito mode.

verdicts.tamperingobject

result (boolean) and anomalyScore (0–100). Indicates API or signal tampering.

verdicts.headlessobject

result (boolean). True if headless browser or automation markers are detected.

verdicts.virtualMachineobject

result (boolean). True if the device appears to be running inside a VM.

verdicts.devtoolsobject

result (boolean). True if browser DevTools were open during signal collection.

verdicts.privacyBrowserobject

result (boolean) and name (string | null). Identifies known privacy-hardened browsers such as Brave or Tor Browser.

verdicts.highActivityobject

result (boolean). True if this visitor has unusually high event velocity.

verdicts.ipBlocklistobject

result (boolean). True if the IP appears in a known blocklist.

verdicts.velocityobject

Rolling window counts of distinctIp, distinctCountry, and total events for the past 5m, 1h, and 24h.

signalsobject

Full signal data — only available via Server API, never returned client-side.

signals.client

All 41 browser signal results. Keys map to signal names (e.g., canvas, webgl, audio). See Signal Types Reference for the full schema.

signals.server

Server-side signals extracted at the edge including asn, geo, tls, vpnDetection, ipNetwork, http, and consistency.

linkedIdstring

Customer-provided identifier, if set.

tagobject

Customer-provided metadata, if set.

suspectboolean

Whether this event was manually flagged as suspect.

timestampnumber

Unix timestamp (milliseconds) when this event occurred.

createdAtstring

ISO 8601 timestamp when the event was stored.

Error Responses

Status	Meaning
`401`	Missing or invalid secret API key
`404`	Event not found or belongs to a different customer

Was this page helpful?