Skip to main content
POST
/
phone-service
/
phoneRiskScore
Phone Risk Score
curl --request POST \
  --url https://api-umbrella.io/api/services/phone-service/phoneRiskScore \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "phone": "+436501234567",
  "accountLifecycleEvent": "create",
  "externalId": "1234567890",
  "originatingIp": "192.168.1.1",
  "deviceId": "1234567890",
  "accountId": "1234567890",
  "emailAddress": "test@example.com"
}
'
import requests

url = "https://api-umbrella.io/api/services/phone-service/phoneRiskScore"

payload = {
"phone": "+436501234567",
"accountLifecycleEvent": "create",
"externalId": "1234567890",
"originatingIp": "192.168.1.1",
"deviceId": "1234567890",
"accountId": "1234567890",
"emailAddress": "test@example.com"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
phone: '+436501234567',
accountLifecycleEvent: 'create',
externalId: '1234567890',
originatingIp: '192.168.1.1',
deviceId: '1234567890',
accountId: '1234567890',
emailAddress: 'test@example.com'
})
};

fetch('https://api-umbrella.io/api/services/phone-service/phoneRiskScore', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api-umbrella.io/api/services/phone-service/phoneRiskScore",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'phone' => '+436501234567',
'accountLifecycleEvent' => 'create',
'externalId' => '1234567890',
'originatingIp' => '192.168.1.1',
'deviceId' => '1234567890',
'accountId' => '1234567890',
'emailAddress' => 'test@example.com'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api-umbrella.io/api/services/phone-service/phoneRiskScore"

payload := strings.NewReader("{\n \"phone\": \"+436501234567\",\n \"accountLifecycleEvent\": \"create\",\n \"externalId\": \"1234567890\",\n \"originatingIp\": \"192.168.1.1\",\n \"deviceId\": \"1234567890\",\n \"accountId\": \"1234567890\",\n \"emailAddress\": \"test@example.com\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api-umbrella.io/api/services/phone-service/phoneRiskScore")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"phone\": \"+436501234567\",\n \"accountLifecycleEvent\": \"create\",\n \"externalId\": \"1234567890\",\n \"originatingIp\": \"192.168.1.1\",\n \"deviceId\": \"1234567890\",\n \"accountId\": \"1234567890\",\n \"emailAddress\": \"test@example.com\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api-umbrella.io/api/services/phone-service/phoneRiskScore")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"phone\": \"+436501234567\",\n \"accountLifecycleEvent\": \"create\",\n \"externalId\": \"1234567890\",\n \"originatingIp\": \"192.168.1.1\",\n \"deviceId\": \"1234567890\",\n \"accountId\": \"1234567890\",\n \"emailAddress\": \"test@example.com\"\n}"

response = http.request(request)
puts response.read_body
{
  "status": true,
  "data": {
    "referenceId": "3661FDC7EAA8111C93048FA6FB8C300C",
    "externalId": null,
    "status": {
      "updatedOn": "2025-08-06T12:53:53.082687Z",
      "code": 300,
      "description": "Transaction successfully completed"
    },
    "numbering": {
      "original": {
        "completePhoneNumber": "+436501234567",
        "countryCode": "43",
        "phoneNumber": "6501234567"
      },
      "cleansing": {
        "call": {
          "countryCode": "43",
          "phoneNumber": "6501234567",
          "cleansedCode": 100,
          "minLength": 7,
          "maxLength": 13
        },
        "sms": {
          "countryCode": "43",
          "phoneNumber": "6501234567",
          "cleansedCode": 100,
          "minLength": 7,
          "maxLength": 13
        }
      }
    },
    "riskInsights": {
      "status": 800,
      "category": [
        10010
      ],
      "a2P": [
        22001,
        20011,
        20101
      ],
      "p2P": [
        30201
      ],
      "numberType": [],
      "ip": [],
      "email": []
    },
    "phoneType": {
      "code": "2",
      "description": "MOBILE"
    },
    "location": {
      "city": "Countrywide",
      "state": null,
      "zip": null,
      "metroCode": null,
      "county": null,
      "country": {
        "name": "Austria",
        "iso2": "AT",
        "iso3": "AUT"
      },
      "coordinates": {
        "latitude": null,
        "longitude": null
      },
      "timeZone": {
        "name": null,
        "utcOffsetMin": "+1",
        "utcOffsetMax": "+1"
      }
    },
    "carrier": {
      "name": "T-Mobile Austria GmbH"
    },
    "blocklisting": {
      "blocked": false,
      "blockCode": 0,
      "blockDescription": "Not blocked"
    },
    "risk": {
      "level": "medium-low",
      "recommendation": "allow",
      "score": 301
    }
  }
}
{
"message": "Invalid request payload"
}
{
"message": "Unauthorized request"
}
{
"message": "Journey not found"
}
{
"error": "Too Many Requests",
"message": "Rate limit exceeded.",
"code": "429"
}
{
"message": "Internal Server Error"
}
{
"error": "Service Unavailable",
"message": "Service is unavailable.",
"code": "503"
}
For a usage description of the Phone Risk Score Service, please refer to the Phone Risk Score page.

Endpoint

POST /phone-service/phoneRiskScore

Swagger

Authorizations

Authorization
string
header
required

Bearer token obtained from POST /auth. Valid for 60 minutes.

Body

application/json
phoneNumber
string
required

The phone number to check, including country code (E.164).

Example:

"+436501234567"

accountLifecycleEvent
enum<string>
required

The action being evaluated.

Available options:
create,
sign-in,
transact,
update,
delete
Example:

"create"

externalId
string

Customer-generated ID echoed in the response.

Example:

"1234567890"

originatingIp
string

End user's IP address (IPv4 or IPv6). Do not send your server IP.

Example:

"192.168.1.1"

deviceId
string

Case-sensitive device ID.

Example:

"1234567890"

accountId
string

Case-sensitive account ID.

Example:

"1234567890"

emailAddress
string

Case-sensitive email address.

Example:

"test@example.com"

Response

Successfully retrieved phone risk score.

status
boolean
required

Indicates if the API request was successful.

data
object
required