Introduction

Get to know the basics of the DFend API.

The DFend API follows REST conventions, with resource-oriented URLs that accept and return JSON-encoded data. It uses standard HTTP response codes and methods.

Authentication

You will authenticate requests by including an API key in the x-api-key header. Your account comes with two types of keys. Here's how you'll use them.

Found in Dashboard under Settings > Keys.

Publishable key

You will use your publishable API key to send signals from a website or app (an untrusted environment). When using JavaScript, you can use our JS SDK for convenience.

Secret key

You will use your secret API key to send signals from a server (a trusted environment). Certain extra functionality and expanded data is available when using this type of key.

In use

Always include the correct API key in the x-api-key header when sending requests to our API.

Example (Node.js)

import fetch from 'isomorphic-fetch';

const apiUrl = 'https://api.dfend.app';

const headers = {
  Accept: 'application/json',
  'Content-Type': 'application/json',
  'X-Api-Key': process.env.DFEND_SECRET_KEY
};

const post = async (endpoint, data = {}) => {
  const res = await fetch(`${apiUrl}/${endpoint}`, {
    method: 'POST',
    body: JSON.stringify(data),
    credentials: 'omit',
    headers
  });
  return res.json();
};

const createIdentity = (data = {}) => {
  return post('identity', data);
};

try {
  const { id, created, merged } = await createIdentity({
    userId: 'PU4ME2B68N8K6xz0Ku0BQ',
    name: 'Jane Doe',
    email: 'jane@yourdomain.com',
    phone: '+15435551234',
    merge: true,
    metadata: {
      test: true
    }
  });
  console.log('[DFend] identity created:', id);
  // You can now send signals to DFend with the Identity ID or user ID.
} catch (e) {
  console.error(e);
}