# Capturing the customer's IP address Capturing a customer's IP address is essential for assessing and preventing fraud in online transactions. Including the IP address in API requests allows merchants to use robust fraud prevention tools, enhancing the security of the online shopping experience. ## Updating the customer's IP address in the cart Updating the customer's IP address in their cart is crucial in enhancing online transaction security. By accurately recording the IP address, merchants can better use fraud prevention tools to safeguard against unauthorized activities. This guide walks you through the steps to capture and use a customer's IP address within the Commerce API, ensuring a more secure and reliable shopping experience. To capture a customer's IP address: 1. Ensure you obtain your access token during cart creation. For instructions on generating the access token, refer to [Creating a cart](/commerce-api/shopper-apis/cart/creating-or-updating-a-cart.md#creating-a-cart). 2. Issue a [`POST /v1/shoppers/me/carts/active`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/carts#v1-shoppers-me-carts-active-1) request. Substitute `{Your_API_Key}` with your API key and add the `{ipAddress}` field to the payload. The API will check the IP address format and employ it for fraud detection. If not included, the API will proceed with the request. The Commerce API supports both IPv4 and IPv6 address formats. When an `ipAddress` is captured in a request, Digital River will use it for fraud screening when the order is submitted. ### IPv4 example The following example shows how to issue a [`POST /v1/shoppers/me/carts/active`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/carts#v1-shoppers-me-carts-active-1) request using the cURL command-line tool to add a customer's IP address in [IPv4](https://en.wikipedia.org/wiki/Internet_Protocol_version_4) address format to the active cart. This action tracks the customer's activity, aiding in fraud prevention efforts. {% tabs %} {% tab title="cURL" %} ```http curl --location -g --request POST 'https://api.digitalriver.com/v1/shoppers/me/carts/active' \ --header 'Authorization: Basic {Your_API_Key}' \ ... --data-raw '{ “cart”:{ “ipAddress”: “192.16.1.1” } }' ``` {% endtab %} {% endtabs %} You will get a `200 Successful` response. ### IPv6 example In this example, we show how to issue a [`POST /v1/shoppers/me/carts/active`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/carts#v1-shoppers-me-carts-active-1) request using the cURL command-line tool to add a customer's IP address in [IPv6](https://en.wikipedia.org/wiki/IPv6) address format to the active cart. This step is essential for tracking customer activities and preventing fraudulent transactions. {% tabs %} {% tab title="cURL" %} ```http curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active' \ --header 'Authorization: Basic {Your_API_Key}' \ ... --data-raw '{ “cart”:{ “ipAddress”:“2001:0000:3238:DFE1:63::FEFB” } }' ``` {% endtab %} {% endtabs %} You will get a `200 Successful` response. ## Collecting the IP address through a connector When using a connector (WordPress Plugin, Magento Extension, Salesforce B2B Commerce App, etc.), the connector gathers all required cart data, including the customer's IP address, before calling the [Cart](https://www.digitalriver.com/docs/commerce-api-reference/#tag/Apply-Shopper) resource. In these cases, the IP address should be sent in the [`POST /v1/shoppers/me/carts/active/submit-cart`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/submit-a-cart#v1-shoppers-me-carts-active-submit-cart) request. ### IPv4 example The following example shows how to issue a [`POST /v1/shoppers/me/carts/active/submit-cart`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/submit-a-cart#v1-shoppers-me-carts-active-submit-cart) request to add the customer's n [IPv4](https://en.wikipedia.org/wiki/Internet_Protocol_version_4) address in the request payload to submit the cart successfully. {% tabs %} {% tab title="cURL" %} ```http curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active/submit-cart' \ --header 'Authorization: Basic {Your_API_Key}' \ ... --data-raw '{ "cart": { "ipAddress":"192.179.12.1" } }' ``` {% endtab %} {% endtabs %} You will get a `200 Successful` response. ### IPv6 example The following example shows how to issue a [`POST /v1/shoppers/me/carts/active/submit-cart`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/cart/submit-a-cart#v1-shoppers-me-carts-active-submit-cart) request to add the customer's [IPv6](https://en.wikipedia.org/wiki/IPv6) address in the request payload to submit the cart successfully. {% tabs %} {% tab title="cURL" %} ```http curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active/submit-cart' \ --header 'Authorization: Basic {Your_API_Key}' \ --header 'Content-Type: applicati0n/json' ... --data-raw '{ "cart": { "ipAddress":"2001:0000:3238:DFE1:63::FEFB" } }' ``` {% endtab %} {% tab title="Payload" %} {% code overflow="wrap" %} ```json { "cart": { "ipAddress":"2001:0000:3238:DFE1:63::FEFB" } } ``` {% endcode %} {% endtab %} {% endtabs %} You will get a `200 Successful` response. ## Validating the Customer's IP address Validating the customer's IP address is essential to ensure the security and accuracy of your transactions. This process helps confirm that the IP address captured during the shopping session accurately corresponds to the customer's details. Follow the steps outlined below to validate the customer's IP address effectively. To validate the customer's IP address, follow these steps: 1. Issue a [`GET v1/shoppers/me`](https://docs.digitalriver.com/commerce-api-references/shopper-apis/shoppers/shoppers#v1-shoppers-me) request to retrieve shopper details. 2. In the response, locate the `ipAddress` field to confirm the captured IP address. 3. If the `ipAddress` field is null, no IP address needs verification. 4. If the `ipAddress` field is not null, verify that the IP address, city, and state match the customer's address in the Global Commerce order. 5. Ensure the IP address is the customer's IP address, not your server's. You should receive a `200 Successful` response if the validation is correct. {% tabs %} {% tab title="cURL" %} ```http curl --location -g --request GET' https://api.digitalriver.com/v1/shoppers/me ' \ --header 'Authorization: Basic {Your_API_Key}' \ --header 'Content-Type: applicati0n/json' ... --data-raw '{ "shopper": { "uri": "http://api.digitalriver.digitalriver.com/v1/shoppers/me", "id": 495796950789, "username": "myu_external", "externalReferenceId": "myu_external@digitalriver.com", "firstName": "Marc", "lastName": "Yu", "emailAddress": "myu_external@digitalriver.com", "locale": "en_US", "currency": "USD", "sendMail": "false", "sendEmail": "false", "ipAddress": "192.179.12.1", "paymentOptions": { "uri": "http://api.digitalriver.com/v1/shoppers/me/payment-options", "paymentOption": [ { "uri": "http://api.digitalriver.com/v1/shoppers/me/payment-options/13821416689", "id": 13821416689, "nickName": "default", "isDefault": "false", "type": "CreditCardMethod", "creditCard": { "expirationMonth": 12, "expirationYear": 2022, "issueCode": null, "startMonth": null, "startYear": null, "displayableNumber": "************1111", "type": "visa", "displayName": "Visa" } } ] }, "addresses": { "uri": "http://api.digitalriver.com/v1/shoppers/me/addresses" }, "orders": { "uri": "http://api.digitalriver.com/v1/shoppers/me/orders" }, "subscriptions": { "uri": "http://api.digitalriver.com/v1/shoppers/me/subscriptions" } }' ``` {% endtab %} {% endtabs %} You will get a `200 Successful` response. ## Validation errors If the IP address format is incorrect (that is, not in a valid IPv4 and IPv6 format), the API response will send a `409 Conflict` error: ![409 Conflict error](/files/-M28gjxLy4Ws0SMDqcgU) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.digitalriver.com/commerce-api/shopper-apis/cart/creating-or-updating-a-cart/shopper-ip-address.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.