VERTEXY
Docs

Start Here

  • Platform overview
  • Engineer quickstart
  • Analyst introduction
  • Administrator setup
  • Architecture

Integrate

  • Authentication
  • Assess transactions
  • Event ingestion
  • Signing and reliability
  • Submit feedback
  • Retries and idempotency
  • Go-live checklist

Use the Dashboard

  • Overview dashboard
  • Event Explorer
  • Graph Explorer
  • Reviews
  • Policy
  • Threat Intel

Administer

  • Onboarding
  • Developer Settings
  • Team and access
  • Permissions and features
  • Audit Logs
  • Billing and plans

Reference

  • API reference
  • API introduction
  • Objects
  • Event types
  • Risk scores and reasons
  • Errors
  • Glossary
  • Node.js examples
  • Python examples

Updates and Help

  • Changelog
  • v1.0.0 release
  • Troubleshooting
  • Support
Open Developer Settings →
VERTEXY
Docs
Docs/Reference
engineer

API Reference Introduction

How to use the VertexY API reference and what is intentionally excluded.

Reviewed 2026-06-21Product 1.1

The primary API reference now lives at Interactive API Reference. It is generated from the backend OpenAPI document and includes request schemas, response examples, and runnable client snippets.

Interactive API→

Browse the generated customer-facing OpenAPI reference.

Objects→

Review shared fields, enums, and common payload objects.

Errors→

Understand validation, auth, permission, billing, and rate-limit failures.

Public reference scope#

The public reference focuses on tenant/customer APIs used by product, engineering, and risk teams:

  • authentication and session management
  • real-time risk assessment
  • signed event ingestion
  • outcome feedback
  • reviews and graph investigation
  • policy, analytics, subscriptions, and usage where customer-facing

Superadmin, platform member management, and internal control-plane endpoints are intentionally excluded from public docs.

Base URL#

plaintext
https://api.getvertexy.com/api

Use the dashboard developer settings page for tenant-specific secrets such as webhook signing keys.

Authentication modes#

  • Bearer access tokens protect most dashboard and risk APIs.
  • Refresh tokens rotate sessions through POST /auth/refresh.
  • HMAC signatures protect POST /events/ingest.
  • Public onboarding endpoints include company registration, login, email verification, password reset, and invitation acceptance.

Next#

Open the interactive reference, then follow Quickstart to test the core request flow.

Was this page helpful?

Previous← API referenceNextObjects →

On this page

Public reference scopeBase URLAuthentication modesNext