# Flag Customer

## Flag or remove fraud risk for a customer

<mark style="color:blue;">`POST`</mark> `https://api.waldo.ai/flag`

#### Request Body

| Field                                        | Type    | Description                               |
| -------------------------------------------- | ------- | ----------------------------------------- |
| customerId<mark style="color:red;">\*</mark> | String  | Waldo AI customer id                      |
| flag<mark style="color:red;">\*</mark>       | Boolean | The new risk fraud status (true or false) |
| note                                         | String  | Only when `flag` is set to `true`         |

#### Headers

| Name                                            | Type   | Description                                |
| ----------------------------------------------- | ------ | ------------------------------------------ |
| Authorization<mark style="color:red;">\*</mark> | String | The token in the format `Bearer eyJhbG...` |
| Content-Type<mark style="color:red;">\*</mark>  | String | Expected type is `application/json`        |

#### Response

{% tabs %}
{% tab title="200: OK Customer Flagged" %}

```json
{
    "flagged": true,
    "status": "REJECTED",
    "externalId": "abcd-123-456-efgh",
    "customerId": "65f2ddf6cfcf6ee1fd726307",
    "uri": "https://app.waldo.ai/customers/65f2ddf6cfcf6ee1fd726307"
}
```

{% endtab %}

{% tab title="403: Forbidden Missing authorization header" %}

```json
{
  "code": "NOT_AUTHORIZED",
  "message": "Not authorized."
}
```

{% endtab %}

{% tab title="401: Unauthorized Invalid token or expired" %}

```json
{
  "code": "INVALID_TOKEN",
  "message": "Invalid token."
}
```

{% endtab %}

{% tab title="403: Forbidden Service not authorized" %}

```json
{
  "code": "NOT_AUTHORIZED",
  "message": "You are not authorized to perform this action. Please contact support for assistance."
}
```

{% endtab %}

{% tab title="403: Forbidden Inactive API key" %}

```json
{
  "code": "API_KEY_REVOKED",
  "message": "This API key has been revoked. Please visit the Waldo AI dashboard to review your API key."
}
```

{% endtab %}

{% tab title="400: Bad Request Missing query parameters" %}
The query should include at least one of the following parameters:  `customerId, flag`&#x20;

```json
{
  "code": "INVALID_QUERY",
  "message": "Invalid query."
}
```

{% endtab %}
{% endtabs %}

#### Webhooks event notification

```json
{
    "event": "flag", 
    "flag": true,
    "externalId": "abcd-123-456-efgh",
    "customerId": "<customer-id>",
    "uri": "https://app.waldo.ai/customers/<customer-id>"
}
```