When you just start using AbuseHQ, events are assigned to cases based on the IP-address. In that starting setup, AbuseHQ is configured to use the IP address of the incoming event (or report) as the Customer Identifier.
The Inbound Processing workflow allows you to build a decision tree that uses metadata from the event to determine which customer is responsible for an event (e.g. a spam message), and to assign an identifier.
AbuseHQ provides a toolbox of “Customer Resolvers” that can extract various metadata and use it as the Customer Identifier. One of these is the API Customer Resolver. This Resolver allows you to pass information from the incoming event to a RESTful API endpoint, and return an appropriate identifier based on that information.
A common use-case for the API resolver is to pass in IP Address and the Event Timestamp to look up the customer that a dynamic IP address was assigned to at the time of the event.
To configure an API Resolver, click the “Action” button in an Inbound Processing workflow item, and select the “Resolver” item type, and fill in the name and description.
Next, provide the endpoint details, including authentication credentials, for your API endpoint:
You can add multiple parameter keys that your endpoint will use to determine the Customer Identifier to return.
See also: “What information should an API Customer Resolver Return?”
Note:
Your endpoint should generally be capable of understanding URL-encoded field values for Customer Resolver Requests and treat most values as strings.
Date, DateTime, and Timestamp fields will be formatted as ISO8601 timestamps with the following format: [YYYY]-[MM]-[DD]T[hh]:[mm]:[ss]Z (which is in the UTC timezone).