API reference
Submit feedback
POST /v1/feedback — report a false positive or false negative against an assessment.
POST /v1/feedback lets your team report a wrong call back to ShieldSignup.
Feedback feeds the shared blocklist tuning data and improves detection for
all customers.
There is one feedback record per assessment — calling this endpoint a
second time for the same request_id updates the existing record (upsert).
Endpoint
POST https://api.shieldsignup.com/v1/feedbackAuthentication
Bearer token in the Authorization header. See
Authentication.
Request
Headers
| Header | Required | Value |
|---|---|---|
Authorization | Yes | Bearer sk_live_… or Bearer sk_test_… |
Content-Type | Yes | application/json |
Body
| Field | Type | Required | Description |
|---|---|---|---|
request_id | string | Yes | The request_id returned from POST /v1/assess. |
outcome | string | Yes | One of "false_positive" (we blocked or challenged a legitimate signup) or "false_negative" (we let a fraudulent signup through). |
note | string | No | Optional free-form context. Stored verbatim alongside the feedback record. If omitted, the feedback record is created with no note. |
{
"request_id": "req_01hw5k3mfvx8t2b4ncqw7ydpej",
"outcome": "false_positive",
"note": "QA team testing the signup flow"
}Response
HTTP/1.1 200 OK
Content-Type: application/json{
"accepted": true,
"message": "Feedback recorded. Thank you — this improves detection for everyone."
}Errors
| HTTP | error.code | Cause |
|---|---|---|
400 | missing_field | request_id is empty, outcome is missing, or outcome is not one of false_positive/false_negative, or the request_id doesn't match an assessment. |
401 | unauthorized | Missing or invalid API key. |
500 | internal_error | Database error. Retry after a short delay. |
The full error envelope is documented in Errors.