浏览器指纹风控 API 接入文档browser-fingerprint
接收前端 SDK 采集的浏览器指纹(UA / Canvas / WebGL / 字体 / 时区 / 硬件 / WebDriver / 自动化标记等 20+ 维度),综合 9 类规则输出 0-100 风险评分、等级(safe/low/medium/high/critical)、命中的风险因子和异常项,识别爬虫、Headless Chrome、Selenium、虚拟机等异常环境。
1. 基本信息
| 接口地址 | https://v1.apizero.cn/api/browser-fingerprint |
|---|---|
| 请求方法 | POST |
| 分类 | dev |
| 提供方 | 极数本源 |
| 计费模式 | 免费试用 |
| 单次消耗 | 0 积分 |
| 起步价 | — |
| QPS 限制 | 5 req/s |
| 每日免费额度 | 200 次(已认证用户) |
| 匿名每日额度 | 50 次(无 API Key) |
| VIP 免费 | 否 |
| 调用次数 |
2. 认证
匿名可调用:QPS 1 / 每日 50 次。登录用户:QPS 5 / 每日 200 次。建议生产环境配 API Key 防滥用。
获取 API Key:登录 https://apizero.cn/account/keys
3. 请求参数
| 参数名 | 类型 | 必填 | 说明 | 示例 |
|---|---|---|---|---|
ua | string | 是 | navigator.userAgent | Mozilla/5.0 ... |
platform | string | 否 | navigator.platform | — |
language | string | 否 | 主语言(如 zh-CN) | — |
timezone | string | 否 | IANA 时区(如 Asia/Shanghai) | — |
timezoneOffset | number | 否 | getTimezoneOffset(),分钟 | — |
screenWidth | number | 否 | screen.width | — |
screenHeight | number | 否 | screen.height | — |
colorDepth | number | 否 | screen.colorDepth | — |
pixelRatio | number | 否 | devicePixelRatio | — |
hardwareConcurrency | number | 否 | navigator.hardwareConcurrency | — |
deviceMemory | number | 否 | navigator.deviceMemory(GB) | — |
maxTouchPoints | number | 否 | navigator.maxTouchPoints | — |
canvasHash | string | 否 | Canvas 指纹哈希 | — |
webglVendor | string | 否 | WebGL UNMASKED_VENDOR_WEBGL | — |
webglRenderer | string | 否 | WebGL UNMASKED_RENDERER_WEBGL | — |
webglHash | string | 否 | WebGL 参数哈希 | — |
fonts | array | 否 | 检测到的字体列表 | — |
fontCount | number | 否 | 字体数量 | — |
plugins | array | 否 | 插件列表 | — |
pluginCount | number | 否 | 插件数量 | — |
webdriver | boolean | 否 | navigator.webdriver | — |
automation | array | 否 | 检测到的自动化框架(如 selenium / phantom) | — |
cookieEnabled | boolean | 否 | navigator.cookieEnabled | — |
audioHash | string | 否 | AudioContext 指纹 | — |
webrtcIPs | array | 否 | WebRTC 检测到的本机 IP | — |
storageAvailable | array | 否 | 可用的存储类型 | — |
permissions | array | 否 | 权限状态 | — |
connection | object | 否 | navigator.connection 信息 | — |
battery | object | 否 | 电池状态 | — |
4. 请求头
| Header | 类型 | 必填 | 说明 | 示例 |
|---|---|---|---|---|
Authorization | string | 否 | — | — |
Content-Type | string | 是 | — | — |
5. 请求示例
以下 5 种语言示例都是可直接运行的,只需把 YOUR_API_KEY 替换为实际 Key。
cURL
curl -X POST "https://v1.apizero.cn/api/browser-fingerprint" \
-H "X-Api-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"ua": "Mozilla/5.0 ...",
"platform": "<platform>",
"language": "<language>",
"timezone": "<timezone>",
"timezoneOffset": "<timezoneOffset>",
"screenWidth": "<screenWidth>",
"screenHeight": "<screenHeight>",
"colorDepth": "<colorDepth>",
"pixelRatio": "<pixelRatio>",
"hardwareConcurrency": "<hardwareConcurrency>",
"deviceMemory": "<deviceMemory>",
"maxTouchPoints": "<maxTouchPoints>",
"canvasHash": "<canvasHash>",
"webglVendor": "<webglVendor>",
"webglRenderer": "<webglRenderer>",
"webglHash": "<webglHash>",
"fonts": "<fonts>",
"fontCount": "<fontCount>",
"plugins": "<plugins>",
"pluginCount": "<pluginCount>",
"webdriver": "<webdriver>",
"automation": "<automation>",
"cookieEnabled": "<cookieEnabled>",
"audioHash": "<audioHash>",
"webrtcIPs": "<webrtcIPs>",
"storageAvailable": "<storageAvailable>",
"permissions": "<permissions>",
"connection": "<connection>",
"battery": "<battery>"
}'Python
import requests
resp = requests.request(
"POST",
"https://v1.apizero.cn/api/browser-fingerprint",
headers={"X-Api-Key": "YOUR_API_KEY", "Content-Type": "application/json"},
json={
"ua": "Mozilla/5.0 ...",
"platform": "<platform>",
"language": "<language>",
"timezone": "<timezone>",
"timezoneOffset": "<timezoneOffset>",
"screenWidth": "<screenWidth>",
"screenHeight": "<screenHeight>",
"colorDepth": "<colorDepth>",
"pixelRatio": "<pixelRatio>",
"hardwareConcurrency": "<hardwareConcurrency>",
"deviceMemory": "<deviceMemory>",
"maxTouchPoints": "<maxTouchPoints>",
"canvasHash": "<canvasHash>",
"webglVendor": "<webglVendor>",
"webglRenderer": "<webglRenderer>",
"webglHash": "<webglHash>",
"fonts": "<fonts>",
"fontCount": "<fontCount>",
"plugins": "<plugins>",
"pluginCount": "<pluginCount>",
"webdriver": "<webdriver>",
"automation": "<automation>",
"cookieEnabled": "<cookieEnabled>",
"audioHash": "<audioHash>",
"webrtcIPs": "<webrtcIPs>",
"storageAvailable": "<storageAvailable>",
"permissions": "<permissions>",
"connection": "<connection>",
"battery": "<battery>",
},
timeout=15,
)
resp.raise_for_status()
print(resp.json())JavaScript (Node.js)
// Node.js 18+ / 浏览器原生 fetch
const res = await fetch("https://v1.apizero.cn/api/browser-fingerprint", {
method: "POST",
headers: {
"X-Api-Key": "YOUR_API_KEY",
"Content-Type": "application/json",
},
body: JSON.stringify({
"ua": "Mozilla/5.0 ...",
"platform": "<platform>",
"language": "<language>",
"timezone": "<timezone>",
"timezoneOffset": "<timezoneOffset>",
"screenWidth": "<screenWidth>",
"screenHeight": "<screenHeight>",
"colorDepth": "<colorDepth>",
"pixelRatio": "<pixelRatio>",
"hardwareConcurrency": "<hardwareConcurrency>",
"deviceMemory": "<deviceMemory>",
"maxTouchPoints": "<maxTouchPoints>",
"canvasHash": "<canvasHash>",
"webglVendor": "<webglVendor>",
"webglRenderer": "<webglRenderer>",
"webglHash": "<webglHash>",
"fonts": "<fonts>",
"fontCount": "<fontCount>",
"plugins": "<plugins>",
"pluginCount": "<pluginCount>",
"webdriver": "<webdriver>",
"automation": "<automation>",
"cookieEnabled": "<cookieEnabled>",
"audioHash": "<audioHash>",
"webrtcIPs": "<webrtcIPs>",
"storageAvailable": "<storageAvailable>",
"permissions": "<permissions>",
"connection": "<connection>",
"battery": "<battery>"
}),
});
if (!res.ok) throw new Error(`HTTP ${res.status}`);
const data = await res.json();
console.log(data);Go
package main
import (
"bytes"
"fmt"
"io"
"net/http"
)
func main() {
body := []byte(`{"ua":"Mozilla/5.0 ...","platform":"<platform>","language":"<language>","timezone":"<timezone>","timezoneOffset":"<timezoneOffset>","screenWidth":"<screenWidth>","screenHeight":"<screenHeight>","colorDepth":"<colorDepth>","pixelRatio":"<pixelRatio>","hardwareConcurrency":"<hardwareConcurrency>","deviceMemory":"<deviceMemory>","maxTouchPoints":"<maxTouchPoints>","canvasHash":"<canvasHash>","webglVendor":"<webglVendor>","webglRenderer":"<webglRenderer>","webglHash":"<webglHash>","fonts":"<fonts>","fontCount":"<fontCount>","plugins":"<plugins>","pluginCount":"<pluginCount>","webdriver":"<webdriver>","automation":"<automation>","cookieEnabled":"<cookieEnabled>","audioHash":"<audioHash>","webrtcIPs":"<webrtcIPs>","storageAvailable":"<storageAvailable>","permissions":"<permissions>","connection":"<connection>","battery":"<battery>"}`)
req, _ := http.NewRequest("POST", "https://v1.apizero.cn/api/browser-fingerprint", bytes.NewBuffer(body))
req.Header.Set("X-Api-Key", "YOUR_API_KEY")
req.Header.Set("Content-Type", "application/json")
resp, err := http.DefaultClient.Do(req)
if err != nil { panic(err) }
defer resp.Body.Close()
out, _ := io.ReadAll(resp.Body)
fmt.Println(string(out))
}PHP
<?php
$payload = json_encode([
"ua" => "Mozilla/5.0 ...",
"platform" => "<platform>",
"language" => "<language>",
"timezone" => "<timezone>",
"timezoneOffset" => "<timezoneOffset>",
"screenWidth" => "<screenWidth>",
"screenHeight" => "<screenHeight>",
"colorDepth" => "<colorDepth>",
"pixelRatio" => "<pixelRatio>",
"hardwareConcurrency" => "<hardwareConcurrency>",
"deviceMemory" => "<deviceMemory>",
"maxTouchPoints" => "<maxTouchPoints>",
"canvasHash" => "<canvasHash>",
"webglVendor" => "<webglVendor>",
"webglRenderer" => "<webglRenderer>",
"webglHash" => "<webglHash>",
"fonts" => "<fonts>",
"fontCount" => "<fontCount>",
"plugins" => "<plugins>",
"pluginCount" => "<pluginCount>",
"webdriver" => "<webdriver>",
"automation" => "<automation>",
"cookieEnabled" => "<cookieEnabled>",
"audioHash" => "<audioHash>",
"webrtcIPs" => "<webrtcIPs>",
"storageAvailable" => "<storageAvailable>",
"permissions" => "<permissions>",
"connection" => "<connection>",
"battery" => "<battery>",
], JSON_UNESCAPED_UNICODE);
$ch = curl_init("https://v1.apizero.cn/api/browser-fingerprint");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => $payload,
CURLOPT_HTTPHEADER => [
"X-Api-Key: YOUR_API_KEY",
"Content-Type: application/json",
],
CURLOPT_TIMEOUT => 15,
]);
$body = curl_exec($ch);
curl_close($ch);
$data = json_decode($body, true);
print_r($data);6. 响应字段
| 字段 | 类型 | 说明 | 示例 |
|---|---|---|---|
fingerprint_id | string | 指纹 ID(sha256,可作为设备标识) | — |
risk | number | 风险评分 0-100,越高越可疑 | — |
risk_level | string | 等级:safe / low / medium / high / critical | — |
risk_label | string | 中文标签 | — |
factors | array | 命中的风险因子(含 name/score/desc) | — |
anomalies | array | 检测到的异常说明 | — |
device_profile | object | 设备画像:os/browser/device_type/screen/gpu/cores/memory/fonts_count/plugins_count/touch | — |
timestamp | number | 服务端 unix 时间戳 | — |
7. 响应示例
{
"code": 0,
"msg": "成功",
"data": {
"fingerprint_id": "a1b2c3d4...",
"risk": 72,
"risk_level": "high",
"risk_label": "高风险",
"factors": [
{
"name": "webdriver",
"score": 30,
"desc": "WebDriver 标记为 true"
},
{
"name": "virtual_gpu",
"score": 15,
"desc": "WebGL 渲染器包含虚拟\/软渲染特征: SwiftShader"
}
],
"anomalies": [
"UA 声称 Windows 但 platform 不匹配"
],
"device_profile": {
"os": "Windows",
"browser": "Chrome 125",
"device_type": "Desktop",
"screen": "1920x1080",
"gpu": "ANGLE (NVIDIA, GeForce RTX 3060)",
"cores": 8,
"memory": "8GB",
"fonts_count": 42,
"plugins_count": 3,
"touch": false
},
"timestamp": 1715097600
},
"request_id": "abc123"
}8. 错误码
| code | status | 说明 |
|---|---|---|
4000 | — | 指纹数据为空 / 不是合法 JSON / 缺少 ua/canvas/platform 等关键字段 |
4029 | — | 调用过快(QPS 超限) |
4030 | — | 今日额度用完 |
9. 变更日志
- 1.0.0(2026-05-10)
- 首次上线,9 类规则 / 0-100 评分 / 设备画像 / 指纹 ID
常见问题
浏览器指纹风控 接口怎么免费使用?
未登录用户每个 IP 每天 50 次免费。登录用户创建 API Key 后每天 200 次免费,超额部分按点数计费(0 点/次)。
浏览器指纹风控 支持哪些调用方式?
接口使用 POST 请求。文档提供 cURL、Python、JavaScript (Node.js)、Go、PHP 五种语言的可运行示例。也可以下载 /openapi.json 导入 Postman / Insomnia / Apifox 反向生成 SDK。
调用不限额么? QPS 是多少?
本接口 QPS 限制 5 req/s,每个 API Key 每日免费 200 次。需要更高额度可升级 VIP 套餐或联系售后提高 QPS。
这个接口跟自己直连上游有什么区别?
极数本源 作为中间层提供:统一鉴权(一个 Key 调所有接口)、统一计费(点数制)、统一限流、统一错误码、多上游自动切换。免去逐个对接上游、维护 Key、统计调用量的运维成本。