"customerId": "123456789",
    "action": "ALLOW",
    "score": 11,
    "source": "MANUAL_REVIEW",
    "scoreId": "40ba-843e-43c71",
    "comment": "Best customer!"

When the fraud status of one of your customers changes, Ravelin sends you a callback.

This can happen for a variety of reasons, including but not limited to:

  • A customer is manually reviewed through the dashboard, or
  • An event is received through the API, or
  • We discover a fraud network, and some of them exist in your system, or
  • Machine learning models are updated.

Any of these will cause a HTTPS request to your system. The body is a JSON blob, with the same semantics as the response to scored POST requests (see above).

Suggested handling

The most important field in the payload is action:

on this action In your system...
ALLOW Unban this customer if they are currently banned
REVIEW Take no immediate action, but review this customer on Ravelin
PREVENT Ban this customer


Callbacks are configured in the dashboard under SettingsIntegrationsHTTP.

Callbacks can be configured to supply an additional Authorization header to your system. This will be prefixed with token + a space. E.g. if you configure abcdef123 as the token, this header will be added to the HTTPS request:

Authorization: token abcdef123