Skip to content
StraventaDocs

List block/allow lists

Returns all block/allow lists for the caller's tenant. Block lists cause matching events to be declined or flagged; allow lists short-circuit block rules for known-safe entities. Requires `fraud.lists.read`.

GET
/v1/fraud/lists

Returns all block/allow lists for the caller's tenant. Block lists cause matching events to be declined or flagged; allow lists short-circuit block rules for known-safe entities. Requires fraud.lists.read.

Authorization

bearerAuth
AuthorizationBearer <token>

PayOps platform JWT issued by the auth-service. The tenant_id claim is extracted server-side; callers do NOT send tenant_id in the request body.

In: header

Response Body

application/json

application/json

curl -X GET "https://example.com/v1/fraud/lists"
{
  "lists": [
    {
      "id": "019c3d4e-5f6a-7b8c-9d0e-1f2a3b4c5d6e",
      "name": "Known bad IPs",
      "kind": "block",
      "entry_type": "ip",
      "created_at": "2026-06-01T08:00:00Z"
    }
  ]
}
{
  "error": "forbidden",
  "message": "missing required permission: fraud.rules.write",
  "request_id": "01JA8BHN2P0ECTXN3J6TBKMS7Q"
}

Was this page helpful?