Forter

Forter is a real-time fraud prevention platform used primarily by e-commerce merchants to evaluate the risk of transactions, account actions, and checkout flows. It collects behavioral and device fingerprint data to generate a session token that is submitted with checkout and payment requests. Without a valid Forter token, fraud-protected actions are blocked or flagged.

Supported Types

Type	Description
ForterToken	Generates a Forter fraud prevention session token.

Parameters

Parameter	Type	Required	Description
type	string	Yes	ForterToken
websiteURL	string	Yes	The URL of the Forter-protected page (typically a checkout or account page)
proxy	string	No	Proxy in http://user:pass@host:port format. Recommended to match the IP used during the session.

Create Task Request

{
  "clientKey": "YOUR_API_KEY",
  "task": {
    "type": "ForterToken",
    "websiteURL": "https://example.com/checkout",
    "proxy": "http://user:pass@1.2.3.4:8080"
  }
}

Response

{
  "errorId": 0,
  "taskId": "550e8400-e29b-41d4-a716-446655440000",
  "status": "processing"
}

Solution Object

{
  "token": "eyJhbGciOiJSUzI1NiJ9.eyJ..."
}

Field	Type	Description
token	string	The Forter session token. Include this in the forterToken field of checkout API requests, or set it as the forterToken cookie.

How to Use

1. When making a checkout or payment request to a Forter-protected site, submit a ForterToken task for the checkout page URL.
2. Poll until the task is ready.
3. Include the returned token in your checkout request:
   • As a cookie: set forterToken=<token> on the target domain.
   • As a request field: include forterToken in the checkout POST body if required by the site’s integration.

Caution

Forter tokens are bound to session context (IP, User-Agent, device fingerprint). Use the same proxy IP for both the task and the checkout request. The token expires quickly — submit it within seconds of receiving it.

Code Examples

Python

import requests
import time

API_KEY = "YOUR_API_KEY"

response = requests.post("https://api.ucaptcha.net/createTask", json={
    "clientKey": API_KEY,
    "task": {
        "type": "ForterToken",
        "websiteURL": "https://example.com/checkout",
        "proxy": "http://user:pass@1.2.3.4:8080"
    }
})
task_id = response.json()["taskId"]

while True:
    result = requests.post("https://api.ucaptcha.net/getTaskResult", json={
        "clientKey": API_KEY,
        "taskId": task_id
    }).json()
    if result["status"] == "ready":
        token = result["solution"]["token"]
        print("Token:", token)
        break
    elif result["status"] == "failed":
        print("Error:", result.get("errorDescription"))
        break
    time.sleep(5)

JavaScript

const API_KEY = "YOUR_API_KEY";

const { taskId } = await fetch("https://api.ucaptcha.net/createTask", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    clientKey: API_KEY,
    task: {
      type: "ForterToken",
      websiteURL: "https://example.com/checkout",
      proxy: "http://user:pass@1.2.3.4:8080"
    }
  })
}).then(r => r.json());

while (true) {
  const result = await fetch("https://api.ucaptcha.net/getTaskResult", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ clientKey: API_KEY, taskId })
  }).then(r => r.json());

  if (result.status === "ready") {
    console.log("Token:", result.solution.token);
    break;
  } else if (result.status === "failed") {
    console.error("Error:", result.errorDescription);
    break;
  }
  await new Promise(r => setTimeout(r, 5000));
}

cURL

curl -X POST https://api.ucaptcha.net/createTask \
  -H "Content-Type: application/json" \
  -d '{
    "clientKey": "YOUR_API_KEY",
    "task": {
      "type": "ForterToken",
      "websiteURL": "https://example.com/checkout"
    }
  }'

Provider Coverage

• RiskByPass

RiskByPass API

If you are using the RiskByPass compatibility layer, the equivalent task_type is forter.