Getting Started

Complete Integration Guide

Everything you need to integrate Predax into your application, from signup to production deployment.

1

Sign Up and Get Your API Key

Create a free account at predax.io/register. You'll get 1,000 requests per day free (5,000/month) with no credit card required.

After signing up:

  1. Navigate to your dashboard
  2. Click "API Keys" in the sidebar
  3. Copy your API key (starts with prdx_...)
  4. Store it securely (environment variables, secrets manager)
2

Make Your First API Request

Test your API key with a simple cURL command. Replace YOUR_API_KEY with your actual key.

cURL Example

curl -i https://predax.io/api/v1/check/ip \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"ip":"8.8.8.8"}'

Python Example

import requests

response = requests.post(
    'https://predax.io/api/v1/check/ip',
    headers={'X-API-Key': 'YOUR_API_KEY'},
    json={'ip': '8.8.8.8'}
)

data = response.json()
print(f"Risk Score: {data['classification']['risk_score']}")
print(f"Risk Level: {data['classification']['risk_level']}")

Node.js Example

const response = await fetch('https://predax.io/api/v1/check/ip', {
  method: 'POST',
  headers: {
    'X-API-Key': 'YOUR_API_KEY',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ ip: '8.8.8.8' })
});

const data = await response.json();
console.log(`Risk Score: ${data.classification.risk_score}`);
console.log(`Risk Level: ${data.classification.risk_level}`);

PHP Example

<?php
$ch = curl_init('https://predax.io/api/v1/check/ip');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'X-API-Key: YOUR_API_KEY',
    'Content-Type: application/json'
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['ip' => '8.8.8.8']));

$response = curl_exec($ch);
$data = json_decode($response, true);

echo "Risk Score: " . $data['classification']['risk_score'] . "\n";
echo "Risk Level: " . $data['classification']['risk_level'] . "\n";
?>
3

Understand the Response

Every response contains rich threat intelligence data. Here are the most important fields:

Risk Score & Level

classification.risk_scoreclassification.risk_level

Score ranges from 0-100. Level is one of: very_low, low, medium, high, very_high, critical

Threat Detection Flags

classification.is_proxyclassification.is_vpnclassification.is_torclassification.is_datacenterclassification.is_crawler

Boolean flags indicating specific threat types detected

Network & Location

network.asnnetwork.as_namelocation.country_codelocation.city

Network ownership and geographic location data

Debugging & Support

meta.request_idX-Request-ID header

Use these IDs when contacting support for faster resolution

4

Monitor Your Quota Usage

Every API response includes quota headers. Use them to track usage and avoid hitting limits.

Daily Quota Headers:

X-Quota-Limit-DayYour daily limit
X-Quota-Used-TodayRequests used today
X-Quota-Remaining-TodayRequests remaining today
X-Quota-Reset-DailyNext reset timestamp

Monthly Quota Headers:

X-Quota-Limit-MonthYour monthly limit
X-Quota-Used-MonthRequests used this month
X-Quota-Remaining-MonthRequests remaining this month

Example: Reading Headers in Python

response = requests.post(...)

# Check quota before each request
remaining_today = int(response.headers.get('X-Quota-Remaining-Today', 0))
remaining_month = int(response.headers.get('X-Quota-Remaining-Month', 0))

if remaining_today < 100:
    print("Warning: Low on daily quota!")
if remaining_month < 1000:
    print("Warning: Low on monthly quota!")
5

Implement Risk-Based Logic

Use the risk score to make intelligent decisions. Here are common patterns:

Example: Tiered Response

def handle_user_action(ip_address, user_id):
    result = check_ip(ip_address)
    risk_score = result['classification']['risk_score']

    if risk_score >= 80:
        # Critical risk - block immediately
        return "BLOCK"

    elif risk_score >= 60:
        # High risk - require additional verification
        require_2fa(user_id)
        log_suspicious_activity(ip_address, risk_score)
        return "CHALLENGE"

    elif risk_score >= 40:
        # Medium risk - monitor closely
        log_for_review(ip_address, risk_score)
        return "MONITOR"

    else:
        # Low risk - allow
        return "ALLOW"

Example: Check Specific Threats

classification = result['classification']

# Block VPNs and proxies on payment pages
if classification.get('is_vpn') or classification.get('is_proxy'):
    if current_page == '/checkout':
        return redirect_to_verification()

# Allow Tor on public pages but require extra verification
if classification.get('is_tor'):
    if requires_authentication:
        require_2fa()

# Flag datacenter IPs for fraud review
if classification.get('is_datacenter'):
    flag_for_manual_review(user_id, "Datacenter IP detected")
6

Production Best Practices

Follow these guidelines for reliable production deployment:

✓ Use Timeouts

Set a 1-3 second timeout on API requests. Don't let a slow API call block your users.

requests.post(..., timeout=2.0)

✓ Implement Retries

Retry on 429 (rate limit) and 5xx errors with exponential backoff.

✓ Cache Results

Cache IP checks for 24 hours to reduce API calls and improve response time.

✓ Log Request IDs

Always log the X-Request-ID header for debugging and support requests.

✓ Handle Errors Gracefully

If the API is down or quota exceeded, fail open (allow the request) rather than blocking users.

Next Steps