# Fraud

## Get Fraud Detection Settings

`client.Fraud.Get(ctx, query) (*FraudSettings, error)`

**get** `/zones/{zone_id}/fraud_detection/settings`

Retrieve Fraud Detection settings for a zone.

### Parameters

- `query FraudGetParams`

  - `ZoneID param.Field[string]`

    Identifier.

### Returns

- `type FraudSettings struct{…}`

  - `UserProfiles FraudSettingsUserProfiles`

    Whether Fraud User Profiles is enabled for the zone.

    - `const FraudSettingsUserProfilesEnabled FraudSettingsUserProfiles = "enabled"`

    - `const FraudSettingsUserProfilesDisabled FraudSettingsUserProfiles = "disabled"`

  - `UsernameExpressions []string`

    List of expressions to detect usernames in write HTTP requests.

    - Maximum of 10 expressions.
    - Omit or set to null to leave unchanged on update.
    - Provide an empty array `[]` to clear all expressions on update.
    - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array.

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/fraud"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  fraudSettings, err := client.Fraud.Get(context.TODO(), fraud.FraudGetParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", fraudSettings.UserProfiles)
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "user_profiles": "disabled",
    "username_expressions": [
      "http.request.body.form[\"username\"][0]",
      "lookup_json_string(http.request.body.raw, \"username\")"
    ]
  }
}
```

## Update Fraud Detection Settings

`client.Fraud.Update(ctx, params) (*FraudSettings, error)`

**put** `/zones/{zone_id}/fraud_detection/settings`

Update Fraud Detection settings for a zone.

Notes on `username_expressions` behavior:

- If omitted or set to null, expressions are not modified.
- If provided as an empty array `[]`, all expressions will be cleared.

### Parameters

- `params FraudUpdateParams`

  - `ZoneID param.Field[string]`

    Path param: Identifier.

  - `FraudSettings param.Field[FraudSettings]`

    Body param

### Returns

- `type FraudSettings struct{…}`

  - `UserProfiles FraudSettingsUserProfiles`

    Whether Fraud User Profiles is enabled for the zone.

    - `const FraudSettingsUserProfilesEnabled FraudSettingsUserProfiles = "enabled"`

    - `const FraudSettingsUserProfilesDisabled FraudSettingsUserProfiles = "disabled"`

  - `UsernameExpressions []string`

    List of expressions to detect usernames in write HTTP requests.

    - Maximum of 10 expressions.
    - Omit or set to null to leave unchanged on update.
    - Provide an empty array `[]` to clear all expressions on update.
    - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array.

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/fraud"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  fraudSettings, err := client.Fraud.Update(context.TODO(), fraud.FraudUpdateParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    FraudSettings: fraud.FraudSettingsParam{

    },
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", fraudSettings.UserProfiles)
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "user_profiles": "disabled",
    "username_expressions": [
      "http.request.body.form[\"username\"][0]",
      "lookup_json_string(http.request.body.raw, \"username\")"
    ]
  }
}
```

## Domain Types

### Fraud Settings

- `type FraudSettings struct{…}`

  - `UserProfiles FraudSettingsUserProfiles`

    Whether Fraud User Profiles is enabled for the zone.

    - `const FraudSettingsUserProfilesEnabled FraudSettingsUserProfiles = "enabled"`

    - `const FraudSettingsUserProfilesDisabled FraudSettingsUserProfiles = "disabled"`

  - `UsernameExpressions []string`

    List of expressions to detect usernames in write HTTP requests.

    - Maximum of 10 expressions.
    - Omit or set to null to leave unchanged on update.
    - Provide an empty array `[]` to clear all expressions on update.
    - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array.