Getting Started
Complete Integration Guide
Everything you need to integrate Predax into your application, from signup to production deployment.
Sign Up and Get Your API Key
Create a free account at predax.io/register. You'll get 1,000 requests per day free (5,000/month) with no credit card required.
After signing up:
- Navigate to your dashboard
- Click "API Keys" in the sidebar
- Copy your API key (starts with
prdx_...) - Store it securely (environment variables, secrets manager)
Make Your First API Request
Test your API key with a simple cURL command. Replace YOUR_API_KEY with your actual key.
cURL Example
curl -i https://predax.io/api/v1/check/ip \
-H "X-API-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"ip":"8.8.8.8"}'Python Example
import requests
response = requests.post(
'https://predax.io/api/v1/check/ip',
headers={'X-API-Key': 'YOUR_API_KEY'},
json={'ip': '8.8.8.8'}
)
data = response.json()
print(f"Risk Score: {data['classification']['risk_score']}")
print(f"Risk Level: {data['classification']['risk_level']}")Node.js Example
const response = await fetch('https://predax.io/api/v1/check/ip', {
method: 'POST',
headers: {
'X-API-Key': 'YOUR_API_KEY',
'Content-Type': 'application/json'
},
body: JSON.stringify({ ip: '8.8.8.8' })
});
const data = await response.json();
console.log(`Risk Score: ${data.classification.risk_score}`);
console.log(`Risk Level: ${data.classification.risk_level}`);PHP Example
<?php
$ch = curl_init('https://predax.io/api/v1/check/ip');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'X-API-Key: YOUR_API_KEY',
'Content-Type: application/json'
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['ip' => '8.8.8.8']));
$response = curl_exec($ch);
$data = json_decode($response, true);
echo "Risk Score: " . $data['classification']['risk_score'] . "\n";
echo "Risk Level: " . $data['classification']['risk_level'] . "\n";
?>Understand the Response
Every response contains rich threat intelligence data. Here are the most important fields:
Risk Score & Level
classification.risk_scoreclassification.risk_levelScore ranges from 0-100. Level is one of: very_low, low, medium, high, very_high, critical
Threat Detection Flags
classification.is_proxyclassification.is_vpnclassification.is_torclassification.is_datacenterclassification.is_crawlerBoolean flags indicating specific threat types detected
Network & Location
network.asnnetwork.as_namelocation.country_codelocation.cityNetwork ownership and geographic location data
Debugging & Support
meta.request_idX-Request-ID headerUse these IDs when contacting support for faster resolution
Monitor Your Quota Usage
Every API response includes quota headers. Use them to track usage and avoid hitting limits.
Daily Quota Headers:
Monthly Quota Headers:
Example: Reading Headers in Python
response = requests.post(...)
# Check quota before each request
remaining_today = int(response.headers.get('X-Quota-Remaining-Today', 0))
remaining_month = int(response.headers.get('X-Quota-Remaining-Month', 0))
if remaining_today < 100:
print("Warning: Low on daily quota!")
if remaining_month < 1000:
print("Warning: Low on monthly quota!")Implement Risk-Based Logic
Use the risk score to make intelligent decisions. Here are common patterns:
Example: Tiered Response
def handle_user_action(ip_address, user_id):
result = check_ip(ip_address)
risk_score = result['classification']['risk_score']
if risk_score >= 80:
# Critical risk - block immediately
return "BLOCK"
elif risk_score >= 60:
# High risk - require additional verification
require_2fa(user_id)
log_suspicious_activity(ip_address, risk_score)
return "CHALLENGE"
elif risk_score >= 40:
# Medium risk - monitor closely
log_for_review(ip_address, risk_score)
return "MONITOR"
else:
# Low risk - allow
return "ALLOW"Example: Check Specific Threats
classification = result['classification']
# Block VPNs and proxies on payment pages
if classification.get('is_vpn') or classification.get('is_proxy'):
if current_page == '/checkout':
return redirect_to_verification()
# Allow Tor on public pages but require extra verification
if classification.get('is_tor'):
if requires_authentication:
require_2fa()
# Flag datacenter IPs for fraud review
if classification.get('is_datacenter'):
flag_for_manual_review(user_id, "Datacenter IP detected")Production Best Practices
Follow these guidelines for reliable production deployment:
✓ Use Timeouts
Set a 1-3 second timeout on API requests. Don't let a slow API call block your users.
requests.post(..., timeout=2.0)
✓ Implement Retries
Retry on 429 (rate limit) and 5xx errors with exponential backoff.
✓ Cache Results
Cache IP checks for 24 hours to reduce API calls and improve response time.
✓ Log Request IDs
Always log the X-Request-ID header for debugging and support requests.
✓ Handle Errors Gracefully
If the API is down or quota exceeded, fail open (allow the request) rather than blocking users.
