@fingerprintjs/fingerprintjs-pro-server-api
Advanced tools
Node.js wrapper for FingerprintJS Sever API
Fingerprint is a device intelligence platform offering 99.5% accurate visitor identification.
The Fingerprint Server Node SDK is an easy way to interact with the Fingerprint Server API from your Node application. You can retrieve visitor history or individual identification events.
TypeScript support:
Supported runtimes:
Node.js 18 LTS or higher (we support all Node LTS releases before end-of-life).
Deno and Bun might work but are not actively tested.
"Edge" runtimes might work with some modifications but are not actively tested.
This SDK can be made compatible with JavaScript "edge" runtimes that do not support all Node APIs, for example, Vercel Edge Runtime, or Cloudflare Workers.
To make it work, replace the SDK's built-in fetch function (which relies on Node APIs) with the runtime's native fetch function. Pass the function into the constructor with proper binding:
const client = new FingerprintJsServerApiClient({
region: Region.EU,
apiKey: apiKey,
fetch: fetch.bind(globalThis),
})
Install the package using your favorite package manager:
NPM:
npm i @fingerprintjs/fingerprintjs-pro-server-api
Yarn:
yarn add @fingerprintjs/fingerprintjs-pro-server-api
pnpm:
pnpm i @fingerprintjs/fingerprintjs-pro-server-api
Initialize the client instance and use it to make API requests. You need to specify your Fingerprint Secret API key and the region of your Fingerprint application.
import {
FingerprintJsServerApiClient,
Region,
} from '@fingerprintjs/fingerprintjs-pro-server-api'
const client = new FingerprintJsServerApiClient({
apiKey: '<SECRET_API_KEY>',
region: Region.Global,
})
// Get visit history of a specific visitor
client.getVisitorHistory('<visitorId>').then((visitorHistory) => {
console.log(visitorHistory)
})
// Get a specific identification event
client.getEvent('<requestId>').then((event) => {
console.log(event)
})
See the Examples folder for more detailed examples.
The Server API methods can throw RequestError.
When handling errors, you can check for it like this:
import {
RequestError,
FingerprintJsServerApiClient,
TooManyRequestsError,
} from '@fingerprintjs/fingerprintjs-pro-server-api'
const client = new FingerprintJsServerApiClient({
apiKey: '<SECRET_API_KEY>',
region: Region.Global,
})
// Handling getEvent errors
try {
const event = await client.getEvent(requestId)
console.log(JSON.stringify(event, null, 2))
} catch (error) {
if (error instanceof RequestError) {
console.log(error.responseBody) // Access parsed response body
console.log(error.response) // You can also access the raw response
console.log(`error ${error.statusCode}: `, error.message)
} else {
console.log('unknown error: ', error)
}
}
// Handling getVisitorHistory errors
try {
const visitorHistory = await client.getVisitorHistory(visitorId, {
limit: 10,
})
console.log(JSON.stringify(visitorHistory, null, 2))
} catch (error) {
if (error instanceof RequestError) {
console.log(error.status, error.error)
if (error instanceof TooManyRequestsError) {
retryLater(error.retryAfter) // Needs to be implemented on your side
}
} else {
console.error('unknown error: ', error)
}
// You can also check for specific error instance
// if(error instanceof VisitorsError403) {
// Handle 403 error...
// }
}
When handling Webhooks coming from Fingerprint, you can cast the payload as the built-in VisitWebhook type:
import { VisitWebhook } from '@fingerprintjs/fingerprintjs-pro-server-api'
const visit = visitWebhookBody as unknown as VisitWebhook
Customers on the Enterprise plan can enable Webhook signatures to cryptographically verify the authenticity of incoming webhooks. This SDK provides a utility method for verifying the HMAC signature of the incoming webhook request.
To learn more, see example/validateWebhookSignature.mjs or read the API Reference.
Customers on the Enterprise plan can enable Sealed results to receive the full device intelligence result on the client and unseal it on the server. This SDK provides utility methods for decoding sealed results.
To learn more, see example/unsealResult.mjs or the API Reference.
Customers on the Enterprise plan can Delete all data associated with a specific visitor to comply with privacy regulations. See example/deleteVisitor.mjs or the API Reference.
See the full API reference.
To report problems, ask questions, or provide feedback, please use Issues. If you need private support, you can email us at oss-support@fingerprint.com.
This project is licensed under the MIT license.
6.0.0
The underlying Server API hasn’t changed, but we made SDK type and class generation more precise, resulting in small breaking changes for the SDK itself. This change should make the SDK API a lot more stable going forward
EventUpdateRequest type to EventsUpdateRequest (54b92b2)BrowserDetails field botProbability.IdentificationConfidence field score type format: float -> double.RawDeviceAttributeError field name optional .RawDeviceAttributeError field message optional .EventsResponse field error.
ErrorResponse model.HighActivity field dailyRequests type format: number -> int64.Tampering field anomalyScore type format: double.Webhook fields optional: visitorId, visitorFound, firstSeenAt, lastSeenAt, browserDetails, incognito.WebhookClonedApp field result optional.WebhookDeveloperTools field result optional.WebhookEmulator field result optional.WebhookFactoryReset fields time and timestamp optional.WebhookFrida field result optional.WebhookHighActivity field dailyRequests type format: number -> int64.WebhookIPBlocklist fields result and details optional.WebhookJailbroken field result optional.WebhookLocationSpoofing field result optional.WebhookPrivacySettings field result optional.WebhookProxy field result optional.WebhookRemoteControl field result optional.WebhookRootApps field result optional.WebhookSuspectScore field result optional.WebhookTampering fields result, anomalyScore and antiDetectBrowser optional.WebhookTampering field anomalyScore type format: double.WebhookTor field result optional.WebhookVelocity fields optional: distinctIp, distinctLinkedId, distinctCountry, events, ipEvents, distinctIpByLinkedId, distinctVisitorIdByLinkedId.WebhookVirtualMachine field result optional.WebhookVPN fields optional: result, confidence, originTimezone, methods. (68b89bf)BotdResult -> Botd.BotdDetectionResult -> BotdBot:
result type as BotdBotResult.ClonedAppResult -> ClonedApp.DeveloperToolsResult -> DeveloperTools.EmulatorResult -> Emulator.ErrorCommon403Response, ErrorCommon429Response, ErrorEvent404Response, TooManyRequestsResponse, ErrorVisits403, ErrorUpdateEvent400Response, ErrorUpdateEvent409Response, ErrorVisitor400Response, ErrorVisitor404Response, IdentificationError, ProductError.ErrorResponse and ErrorPlainResponse.
ErrorPlainResponse has a different format { "error": string } and it is used only in GET /visitors.error type as Error.error.code type as ErrorCode.EventResponse -> EventsGetResponse.EventUpdateRequest -> EventsUpdateRequest.FactoryResetResult -> FactoryReset.FridaResult -> Frida.IPLocation -> Geolocation:
IPLocationCity -> GeolocationCity.subdivisions type as GeolocationSubdivisions.Location -> GeolocationContinent:GeolocationCountry.Subdivision -> GeolocationSubdivision.HighActivityResult -> HighActivity.Confidence -> IdentificationConfidence.SeenAt -> IdentificationSeenAt.IncognitoResult -> Incognito.IpBlockListResult -> IPBlocklist:
details type as IPBlocklistDetails.IpInfoResult -> IPInfo:
IpInfoResultV4 -> IPInfoV4.IpInfoResultV6 -> IPInfoV6.ASN -> IPInfoASN.DataCenter -> IPInfoDataCenter.JailbrokenResult -> Jailbroken.LocationSpoofingResult -> LocationSpoofing.PrivacySettingsResult -> PrivacySettings.ProductsResponse -> Products:
ProductsResponseIdentification -> ProductIdentification, ProductsResponseIdentificationData -> Identification, ProductsResponseBotd -> ProductBotd, SignalResponseRootApps -> ProductRootApps, SignalResponseEmulator -> ProductEmulator, SignalResponseIpInfo -> ProductIPInfo, SignalResponseIpBlocklist -> ProductIPBlocklist, SignalResponseTor -> ProductTor, SignalResponseVpn -> ProductVPN, SignalResponseProxy -> ProductProxy, ProxyResult -> Proxy, SignalResponseIncognito -> ProductIncognito, SignalResponseTampering -> ProductTampering, SignalResponseClonedApp -> ProductClonedApp, SignalResponseFactoryReset -> ProductFactoryReset, SignalResponseJailbroken -> ProductJailbroken, SignalResponseFrida -> ProductFrida, SignalResponsePrivacySettings -> ProductPrivacySettings, SignalResponseVirtualMachine -> ProductVirtualMachine, SignalResponseRawDeviceAttributes -> ProductRawDeviceAttributes, RawDeviceAttributesResultValue -> RawDeviceAttributes, SignalResponseHighActivity -> ProductHighActivity, SignalResponseLocationSpoofing -> ProductLocationSpoofing, SignalResponseSuspectScore -> ProductSuspectScore, SignalResponseRemoteControl -> ProductRemoteControl, SignalResponseVelocity -> ProductVelocity, SignalResponseDeveloperTools -> ProductDeveloperTools.identification.data type as Identification.RawDeviceAttributesResult -> RawDeviceAttributes:
RawDeviceAttribute.error type as RawDeviceAttributeError.RemoteControlResult -> RemoteControl.RootAppsResult -> RootApps.SuspectScoreResult -> SuspectScore.Tag.TamperingResult -> Tampering.TorResult -> Tor.VelocityResult -> Velocity:
VelocityIntervals -> VelocityData.VelocityIntervalResult -> VelocityIntervals.VirtualMachineResult -> VirtualMachine.Visit field ipLocation type DeprecatedIPLocation -> DeprecatedGeolocation.
DeprecatedIPLocationCity use common GeolocationCityResponse -> VisitorsGetResponse.
ResponseVisitsVpnResult -> VPN.
confidence type as VPNConfidence.methods type as VPNMethods.WebhookVisit -> Webhook.
WebhookRootApps, WebhookEmulator, WebhookIPInfo, WebhookIPBlocklist, WebhookTor, WebhookVPN, WebhookProxy, WebhookTampering, WebhookClonedApp, WebhookFactoryReset, WebhookJailbroken, WebhookFrida, WebhookPrivacySettings, WebhookVirtualMachine, WebhookRawDeviceAttributes, WebhookHighActivity, WebhookLocationSpoofing, WebhookSuspectScore, WebhookRemoteControl, WebhookVelocity, WebhookDeveloperTools. (68b89bf)isEventError, isUpdateEventError, etc. (a17b73f)TooManyRequestsError and RequestError (6f4076e)VisitWebhook type to Webhook (980bab0)ipEvents, distinctIpByLinkedId, and distinctVisitorIdByLinkedId fields to the velocity Smart Signal. (68b89bf)GeolocationCity field name required.GeolocationSubdivision field isoCode required.GeolocationSubdivision field name required.IPInfoASN field name required .IPInfoDataCenter field name required.IdentificationConfidence field comment.Botd field meta.Identification field components.VPN field originCountry required.Visit field components.Webhook field components. (68b89bf)ipv4 format from ip field in Botd, Identification, Visit and Webhook models. (b707bfa)FAQs
Node.js wrapper for FingerprintJS Sever API
The npm package @fingerprintjs/fingerprintjs-pro-server-api receives a total of 7,203 weekly downloads. As such, @fingerprintjs/fingerprintjs-pro-server-api popularity was classified as popular.
We found that @fingerprintjs/fingerprintjs-pro-server-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.