# Fraud ## Get Fraud Detection Settings `fraud.get(FraudGetParams**kwargs) -> FraudSettings` **get** `/zones/{zone_id}/fraud_detection/settings` Retrieve Fraud Detection settings for a zone. ### Parameters - `zone_id: str` Identifier. ### Returns - `class FraudSettings: …` - `user_profiles: Optional[Literal["enabled", "disabled"]]` Whether Fraud User Profiles is enabled for the zone. - `"enabled"` - `"disabled"` - `username_expressions: Optional[List[str]]` List of expressions to detect usernames in write HTTP requests. - Maximum of 10 expressions. - Omit or set to null to leave unchanged on update. - Provide an empty array `[]` to clear all expressions on update. - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) fraud_settings = client.fraud.get( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(fraud_settings.user_profiles) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "user_profiles": "disabled", "username_expressions": [ "http.request.body.form[\"username\"][0]", "lookup_json_string(http.request.body.raw, \"username\")" ] } } ``` ## Update Fraud Detection Settings `fraud.update(FraudUpdateParams**kwargs) -> FraudSettings` **put** `/zones/{zone_id}/fraud_detection/settings` Update Fraud Detection settings for a zone. Notes on `username_expressions` behavior: - If omitted or set to null, expressions are not modified. - If provided as an empty array `[]`, all expressions will be cleared. ### Parameters - `zone_id: str` Identifier. - `user_profiles: Optional[Literal["enabled", "disabled"]]` Whether Fraud User Profiles is enabled for the zone. - `"enabled"` - `"disabled"` - `username_expressions: Optional[SequenceNotStr[str]]` List of expressions to detect usernames in write HTTP requests. - Maximum of 10 expressions. - Omit or set to null to leave unchanged on update. - Provide an empty array `[]` to clear all expressions on update. - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array. ### Returns - `class FraudSettings: …` - `user_profiles: Optional[Literal["enabled", "disabled"]]` Whether Fraud User Profiles is enabled for the zone. - `"enabled"` - `"disabled"` - `username_expressions: Optional[List[str]]` List of expressions to detect usernames in write HTTP requests. - Maximum of 10 expressions. - Omit or set to null to leave unchanged on update. - Provide an empty array `[]` to clear all expressions on update. - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) fraud_settings = client.fraud.update( zone_id="023e105f4ecef8ad9ca31a8372d0c353", username_expressions=[], ) print(fraud_settings.user_profiles) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "user_profiles": "disabled", "username_expressions": [ "http.request.body.form[\"username\"][0]", "lookup_json_string(http.request.body.raw, \"username\")" ] } } ``` ## Domain Types ### Fraud Settings - `class FraudSettings: …` - `user_profiles: Optional[Literal["enabled", "disabled"]]` Whether Fraud User Profiles is enabled for the zone. - `"enabled"` - `"disabled"` - `username_expressions: Optional[List[str]]` List of expressions to detect usernames in write HTTP requests. - Maximum of 10 expressions. - Omit or set to null to leave unchanged on update. - Provide an empty array `[]` to clear all expressions on update. - Invalid expressions will result in a 10400 Bad Request with details in the `messages` array.