Forter Chargeback and Compensation API

Report customer-initiated disputes (chargebacks) to feed Forter's decision model and enable chargeback recovery, and submit customer requests for compensation - refunds or reships, at the order or item level - to receive a fraud or abuse decision.

OpenAPI Specification

forter-openapi.yml Raw ↑
openapi: 3.0.3
info:
  title: Forter API
  description: >-
    Forter is a fraud prevention and digital identity platform for online
    commerce. Its Core API returns real-time trust decisions for orders,
    payments, account signups, and logins, and supports chargeback recovery,
    abuse prevention, and data-privacy workflows.


    GROUNDING NOTE: The paths, HTTP methods, and authentication scheme in this
    document are grounded in Forter's public documentation at docs.forter.com
    (see each operation's `x-forter-status`). Request and response BODY schemas
    are MODELED for orientation - Forter does not publish a machine-readable
    OpenAPI, and the full order/account payloads are large and provisioned
    per-integration. Treat the schemas below as representative, not
    authoritative; confirm exact fields against your account's customized API
    reference in the Forter Portal.


    ACCESS: Forter is enterprise / contact-sales. Credentials (a per-account
    site ID and an API key) are provisioned by Forter during onboarding.
    Requests are sent to a dedicated per-tenant host by prepending your site ID
    to the API host - `https://{siteId}.api.forter.secure.com/{endpoint}`. The
    generic host `api.forter.secure.com` shown in the servers block is the
    documented form; the bare host does not resolve without the site-ID prefix.
  version: '1.0'
  contact:
    name: Forter
    url: https://www.forter.com
servers:
  - url: https://api.forter.secure.com
    description: >-
      Documented API host. In practice, prepend your account site ID:
      https://{siteId}.api.forter.secure.com
security:
  - basicAuth: []
tags:
  - name: Orders
    description: Order and checkout fraud/abuse decisions and order status.
  - name: Accounts
    description: Signup and login (account takeover) decisions.
  - name: Disputes
    description: Chargeback disputes and customer compensation requests.
  - name: Data Privacy
    description: Data-subject profile access for privacy and compliance.
paths:
  /v2/orders/{orderId}:
    parameters:
      - $ref: '#/components/parameters/OrderId'
    post:
      operationId: submitOrderV2
      tags:
        - Orders
      summary: Submit an order for a decision (v2)
      description: >-
        Send order and checkout information at checkout to receive a real-time
        fraud or abuse decision. The response may also carry payment
        optimization or abuse-prevention recommendations.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com. Request/response schema
        MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OrderInput'
      responses:
        '200':
          description: A Forter decision for the order.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Decision'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v3/orders/{orderId}:
    parameters:
      - $ref: '#/components/parameters/OrderId'
    post:
      operationId: submitOrderV3
      tags:
        - Orders
      summary: Submit an order for a decision (v3)
      description: >-
        Version 3 of the order decision endpoint. Same intent as v2 - submit
        order/checkout data and receive a fraud or abuse decision - with the v3
        request/response shape.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Order v3).
        Request/response schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OrderInput'
      responses:
        '200':
          description: A Forter decision for the order.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Decision'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/status/{orderId}:
    parameters:
      - $ref: '#/components/parameters/OrderId'
    post:
      operationId: submitOrderStatus
      tags:
        - Orders
      summary: Report order status
      description: >-
        Report the downstream lifecycle status of an order back to Forter (for
        example, that it was captured, shipped, cancelled, or refunded). No
        decision is returned; this input improves the model.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Order status).
        Request schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OrderStatusInput'
      responses:
        '200':
          description: Acknowledgement.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Ack'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/accounts/signup/{accountId}:
    parameters:
      - $ref: '#/components/parameters/AccountId'
    post:
      operationId: submitSignup
      tags:
        - Accounts
      summary: Submit a signup for a decision
      description: >-
        Send account registration information at signup to receive a fraud or
        abuse decision for the new account.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Signup).
        Request/response schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccountEventInput'
      responses:
        '200':
          description: A Forter decision for the signup.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Decision'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/accounts/authentication-result/{loginId}:
    parameters:
      - name: loginId
        in: path
        required: true
        description: A unique identifier for the login / authentication event.
        schema:
          type: string
    post:
      operationId: submitAuthenticationResult
      tags:
        - Accounts
      summary: Submit a login / authentication result for an ATO decision
      description: >-
        Send login attempt information to receive an account takeover (ATO)
        decision. Used to protect the login flow with Forter's identity graph.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Authentication result).
        Request/response schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AccountEventInput'
      responses:
        '200':
          description: A Forter account takeover decision.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Decision'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/unified/compensation/request/{id}:
    parameters:
      - $ref: '#/components/parameters/GenericId'
    post:
      operationId: submitCompensationRequest
      tags:
        - Disputes
      summary: Submit a compensation request for a decision
      description: >-
        Send information about a customer-initiated request for compensation
        (such as a refund or reship) to receive a fraud or abuse decision. Can
        be submitted at the order level or the item level.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Compensation request).
        Request/response schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CompensationInput'
      responses:
        '200':
          description: A Forter decision for the compensation request.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Decision'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/dispute/{id}:
    parameters:
      - $ref: '#/components/parameters/GenericId'
    post:
      operationId: submitDispute
      tags:
        - Disputes
      summary: Report a dispute (chargeback)
      description: >-
        Inform Forter of a dispute initiated by a customer, for any dispute not
        already reported via a payment-processor webhook. No decision is
        returned; the input improves the model and enables chargeback recovery.
      x-forter-status: >-
        MODELED PATH. The Disputes group is documented at docs.forter.com, but
        the exact path/version was not verified from a public code sample.
        Confirm against your account's API reference. Request schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DisputeInput'
      responses:
        '200':
          description: Acknowledgement.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Ack'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /v2/accounts/profile-access/{id}:
    parameters:
      - $ref: '#/components/parameters/GenericId'
    post:
      operationId: submitProfileAccess
      tags:
        - Data Privacy
      summary: Data-subject profile access
      description: >-
        Profile access endpoint used to support privacy and compliance
        workflows against the identity data Forter holds for an account.
      x-forter-status: >-
        Path/method confirmed against docs.forter.com (Profile access).
        Request/response schema MODELED.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProfileAccessInput'
      responses:
        '200':
          description: Acknowledgement or profile-access result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Ack'
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic
      description: >-
        HTTP Basic authentication with your Forter API key as the username
        (empty password). Requests must also carry the `x-forter-siteid` header
        (your site ID), an `api-version` header (for example `10.1`), and
        `Content-Type: application/json`. Credentials are provisioned by Forter
        during onboarding.
  parameters:
    OrderId:
      name: orderId
      in: path
      required: true
      description: A unique identifier for the order, generated by the merchant.
      schema:
        type: string
    AccountId:
      name: accountId
      in: path
      required: true
      description: A unique identifier for the account.
      schema:
        type: string
    GenericId:
      name: id
      in: path
      required: true
      description: A unique identifier for the resource / event.
      schema:
        type: string
  responses:
    Unauthorized:
      description: Missing or invalid credentials (site ID / API key).
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
      description: MODELED error envelope.
      properties:
        status:
          type: string
        message:
          type: string
    Ack:
      type: object
      description: MODELED acknowledgement envelope.
      properties:
        status:
          type: string
          example: success
    Decision:
      type: object
      description: >-
        MODELED representation of a Forter decision response. The real payload
        includes richer recommendation and reason detail.
      properties:
        forterDecision:
          type: string
          description: The Forter recommendation.
          enum:
            - approve
            - decline
            - not reviewed
            - verification requested
        forterToken:
          type: string
          description: The Forter managed token correlating this event.
        reasonCode:
          type: string
        recommendation:
          type: string
    OrderInput:
      type: object
      description: >-
        MODELED subset of the order/checkout payload. Real orders include
        detailed buyer, cart, payment, shipping, and connection information.
      properties:
        orderId:
          type: string
        checkoutTime:
          type: integer
          description: Epoch seconds when checkout occurred.
        totalAmount:
          $ref: '#/components/schemas/Amount'
        primaryDeliveryDetails:
          type: object
          additionalProperties: true
        cartItems:
          type: array
          items:
            type: object
            additionalProperties: true
        accountOwner:
          type: object
          additionalProperties: true
        payment:
          type: array
          items:
            type: object
            additionalProperties: true
        connectionInformation:
          type: object
          additionalProperties: true
    OrderStatusInput:
      type: object
      description: MODELED order status payload.
      properties:
        orderId:
          type: string
        updatedStatus:
          type: string
          enum:
            - AUTHORIZATION_REQUESTED
            - CAPTURED
            - CANCELED_BY_MERCHANT
            - CANCELED_BY_CUSTOMER
            - SHIPPED
            - REFUNDED
            - COMPLETED
        updateTime:
          type: integer
    AccountEventInput:
      type: object
      description: >-
        MODELED subset for signup and login events (registration or
        authentication details plus connection information).
      properties:
        accountId:
          type: string
        eventTime:
          type: integer
        loginMethod:
          type: string
        accountData:
          type: object
          additionalProperties: true
        connectionInformation:
          type: object
          additionalProperties: true
    CompensationInput:
      type: object
      description: MODELED compensation request payload.
      properties:
        orderId:
          type: string
        compensationType:
          type: string
          enum:
            - refund
            - reship
        level:
          type: string
          enum:
            - order
            - item
        amount:
          $ref: '#/components/schemas/Amount'
        items:
          type: array
          items:
            type: object
            additionalProperties: true
    DisputeInput:
      type: object
      description: MODELED dispute (chargeback) payload.
      properties:
        orderId:
          type: string
        disputeType:
          type: string
        disputeTime:
          type: integer
        amount:
          $ref: '#/components/schemas/Amount'
        reason:
          type: string
    ProfileAccessInput:
      type: object
      description: MODELED profile-access (data privacy) payload.
      properties:
        accountId:
          type: string
        requestType:
          type: string
          example: access
    Amount:
      type: object
      description: MODELED monetary amount.
      properties:
        amountUSD:
          type: string
        currency:
          type: string
          example: USD