Capturing the customer's IP address
You can capture the IP address of the customer who placed the order. Digital River uses this IP address to identify and prevent fraudulent activities.
Capturing the customer's IP address
To capture a customer's IP address, provide the IP address in the payload of the POST /v1/shoppers/me/carts/active
request. The Commerce API validates the format of the IP address and supports both IPv4 and IPv6 address schemes.
If the call does not include an IP address, the call will work as originally designed. Digital River will not fail the order submission.
When a request captures an ipAddress
, Digital River will use it to screen the order for fraud during submission.
IPv4 example
The following POST /v1/shoppers/me/carts/active
request uses IPv4.
You will get a 200 Successful
response.
IPv6 example
The following POST /v1/shoppers/me/carts/active
request uses IPv6.
You will get a 200 Successful
response.
Collecting the IP address through a connector
When a connector (such as WordPress Plugin, Magento Extension, Salesforce B2B Commerce App, and so on) creates a cart, the connector collects all cart required data (including the customer's IP address, if available) before calling the Cart resource. For these scenarios, the IP address should be sent in the POST /v1/shoppers/me/carts/active/submit-cart
request.
IPv4 example
The following POST /v1/shoppers/me/carts/active/submit-cart
request uses IPv4.
You will get a 200 Successful
response.
IPv6 example
The following the POST /v1/shoppers/me/carts/active/submit-cart
request uses IPv6.
You will get a 200 Successful
response.
Validating the Customer's IP address
You can validate the successful capture of a customer's IP address by using the GET v1/shoppers/me
request. In the response body, search for ipAddress
. If the value of the ipAddress
field is null, you did not send the customer's IP address. If the ipAddress
is not null, run an IP search to verify the IP address, city, and state matches the customer address in the Global Commerce order. The IP address must be the customer's IP address and not your server's IP address.
You will get a 200 Successful
response.
Validation errors
If the IP address format is incorrect (that is, not in a valid IPv4 and IPv6 format), the API response will send a 409 Conflict
error:
Last updated