List block/allow lists
Returns all block/allow lists for the caller's tenant. Block lists cause matching events to be declined or flagged; allow lists short-circuit block rules for known-safe entities. Requires `fraud.lists.read`.
Returns all block/allow lists for the caller's tenant. Block lists cause
matching events to be declined or flagged; allow lists short-circuit block
rules for known-safe entities. Requires fraud.lists.read.
Authorization
bearerAuth AuthorizationBearer <token>
PayOps platform JWT issued by the auth-service. The tenant_id claim
is extracted server-side; callers do NOT send tenant_id in the request
body.
In: header
Response Body
application/json
application/json
curl -X GET "https://example.com/v1/fraud/lists"{
"lists": [
{
"id": "019c3d4e-5f6a-7b8c-9d0e-1f2a3b4c5d6e",
"name": "Known bad IPs",
"kind": "block",
"entry_type": "ip",
"created_at": "2026-06-01T08:00:00Z"
}
]
}{
"error": "forbidden",
"message": "missing required permission: fraud.rules.write",
"request_id": "01JA8BHN2P0ECTXN3J6TBKMS7Q"
}Was this page helpful?