Documentation
Developer docs (template)
This is a static starter docs page. Replace sample values with your real API, SDK, and security guidance.
Quickstart
Point your login subdomain to Reconis.io, then configure session handoff back to your app.
Example flow (conceptual):
1) User visits: https://login.bankname.com
2) Reconis.io validates credentials + signals
3) Reconis.io decides: allow/challenge/deny/freeze
4) On allow: redirect to https://account.bankname.com/session/handoff?token=...
Session handoff
Recommended: short-lived signed token + server-side exchange to establish a secure session.
| Claim | Description |
|---|---|
| sub | User identifier |
| iat | Issued at |
| exp | Expires (short) |
| risk | Risk score / band |
| decision | Allow / Challenge / Deny / Freeze |
SDK + APIs
Provide SDKs for common stacks (Node, Python, Java) and a REST API for events/policies.
Placeholders:
- POST /v1/decision
- POST /v1/events
- GET /v1/policies
Security
Hardened hosting, strict TLS, minimal data retention, and auditable decision trails.
TLS 1.2+ recommended
Signed token exchange
Least-privilege service accounts
Audit events
Log each attempt with a stable request ID, decision, and reason codes to support investigations.
{
"event": "login_attempt",
"request_id": "req_123",
"user_id": "u_456",
"decision": "challenge",
"risk_band": "medium",
"signals": ["ip_reputation", "device_change"],
"timestamp": "2026-01-23T12:34:56Z"
}