/api/anomaly_accountsPOST https://api.Fluxrails.app/api/v1/ai/anomaly_accounts
X-Customer-Api-Id: <uuid>
X-Secret: <secret>
Content-Type: application/json
// Request Body Schema
{
"contamination": number, // expected share of anomalous accounts (0–1)
"rows": [
{
"id": "string", // unique account identifier
"features": { // any numeric or categorical metrics
"<key>": <number|string>,
…
},
"label": 0|1|null // optional ground-truth: 1=bad/bot, 0=good, null/unset=unlabeled
}
]
}
// Example Request Body
{
"contamination": 0.05,
"rows": [
{
"id": "acct-001",
"features": {
"age_days": 730,
"num_logins": 120,
"avg_txn": 45.2,
"device_os": "ios",
"2fa_enabled": 1
},
"label": 0
},
{
"id": "acct-002",
"features": {
"age_days": 14,
"num_logins": 75,
"avg_txn": 3.1,
"device_os": "android",
"2fa_enabled": 0
}
},
{
"id": "acct-003",
"features": {
"age_days": 1,
"num_logins": 350,
"avg_txn": 0.0,
"device_os": "windows",
"2fa_enabled": 0
},
"label": 1
},
{
"id": "acct-004",
"features": {
"age_days": 3,
"num_logins": 280,
"avg_txn": 999.9,
"device_os": "linux",
"2fa_enabled": 0
}
}
]
}
// Example Response Body
{
"kpi": {
"detected_pct": 75.0,
"auc": 0.6666666666666667
},
"details": [
{
"id": "acct-001",
"anomaly_score": -0.08251618866556054,
"fraud_flag": true
},
{
"id": "acct-002",
"anomaly_score": -0.08251618866556054,
"fraud_flag": true
},
{
"id": "acct-003",
"anomaly_score": -0.08251618866556054,
"fraud_flag": true
},
{
"id": "acct-004",
"anomaly_score": -0.08251618866556065,
"fraud_flag": false
}
],
"interpretation": "75.0% of records flagged by LOF. Threshold=-0.0825 (quantile 0.95)."
}
• Unsupervised anomaly detection for account-level profiles: flags the top-weird accounts based on IsolationForest, LOF, or Auto-Encoder bake-off. • `contamination` sets the expected anomaly rate and decision threshold. • Returns per-account `anomaly_score` (higher ⇒ more anomalous) and boolean `fraud_flag`. • Provides batch KPIs: `detected_pct` and optional `auc` on labeled subset. • Delivers a human-readable `interpretation` summarizing model, threshold, and flag rate.
• Stream your account-behavior metrics into this route for real-time risk triage. • Sort `details` by `anomaly_score` to prioritize suspicious accounts for your trust & safety team. • Monitor `detected_pct` drift to tune `contamination` or feature set. • Feed confirmed labels back on the next call—model selection becomes data-driven and AUC improves. • Automate review workflows or step-up authentication for high-score accounts.
← Back to all routes