Get Risk Score - BlinkOps Documentation

Basic Parameters
Advanced Parameters
Example Output
Workflow Library Example

Get a real-time risk score for a user before completing a critical task or action. The risk score ranges from 0 to 100, where 0 is low risk and 100 is the highest risk. Use this as part of authentication flows to determine if step-up MFA is needed. The score accuracy improves as more training data is supplied via the Track Event action. Required Scope: Authentication Only, Read Users, Manage users, Read All, or Manage All.

External DocumentationTo learn more, visit the OneLogin documentation.

Basic Parameters

Parameter	Description
IP	The IP address.
User Agent	The user agent string. Example: `Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3)`
User Authenticated	Select to include if the metadata should be trusted.
User ID	The ID of the user. For OneLogin Adaptive Authentication, use format: `{region}_{OneLogin User Id}` (e.g., `US_12345678`).
User Name	The name of the user.

Advanced Parameters

Parameter	Description
Device ID	The device ID (e.g., `xxx-xxx-xxx`)
FP Cookie	The value of the `__tdli_fp` cookie.
Session ID	The session ID (e.g., `xxxx-xxxxx-xxxxx-xxxxx`)
Source ID	The ID of the source, based on a group, customer, account, or user.
Source Name	The name of the source.

Example Output

{
	"score": 24,
	"triggers": [
		"Accessed from a new IP address",
		"Infrequent access from 125.238.248.246",
		"Infrequent access from Auckland, Auckland, New Zealand",
		"Infrequent access using Chrome on Macintosh",
		"Low trust for session"
	],
	"messages": []
}