Sift SDKs & Libraries: Official Integrations and Quickstart Examples

SDKs overview

Sift provides Software Development Kits (SDKs) to facilitate the integration of its fraud detection and digital trust platform into various applications. These SDKs are designed to abstract away the direct interaction with Sift's REST API, handling common tasks such as request serialization, API key authentication, and response parsing. By offering SDKs for popular server-side languages, Sift aims to reduce integration complexity and accelerate developer productivity. The primary function of these SDKs is to enable applications to send event data—such as user sign-ups, login attempts, payment transactions, and content submissions—to Sift for real-time analysis.

Integrating with Sift's SDKs typically involves configuring the SDK with your API key, constructing event objects that conform to Sift's schema, and then sending these events. Sift processes this data through its machine learning models to generate fraud scores and signals, which can then be used by the integrating application to make decisions, such as blocking a transaction, flagging an account for review, or triggering additional verification steps. The architecture supports both synchronous and asynchronous event submission, depending on the application's requirements for real-time responsiveness versus background processing efficiency. For detailed information on API basics and data formats, refer to the Sift API reference documentation.

Official SDKs by language

Sift maintains official SDKs for several server-side programming languages. These SDKs are developed and supported by Sift to ensure compatibility with the latest API versions and features. They provide idiomatic interfaces for each language, allowing developers to interact with the Sift API using familiar patterns. The table below outlines the officially supported SDKs, their respective package managers, and general installation commands.

Each SDK is designed to provide a consistent experience while respecting the conventions of its host language. For instance, the Python SDK might use named arguments for event properties, while the Java SDK would utilize builder patterns or setter methods on an event object. This approach aims to make integration feel natural for developers experienced in these environments. The specific methods and classes for interacting with the Sift API, such as sending events or retrieving scores, are detailed within each SDK's dedicated documentation section on the Sift documentation portal.

Installation

Installing Sift's official SDKs typically involves using the standard package manager for your chosen programming language. Below are detailed installation instructions for the Python and Node.js SDKs, which are among Sift's primary language examples. For other languages like Java, PHP, and Ruby, the process follows similar conventions using Maven/Gradle, Composer, and RubyGems, respectively.

Python SDK Installation

To install the Sift Python SDK, use pip, the Python package installer. Ensure you have a Python environment set up (Python 3.6+ is generally recommended for current libraries).

pip install sift

After installation, you can import the sift library into your Python scripts. This allows you to initialize the client and begin sending events. The Python SDK is a common choice for backend services and data processing pipelines that interact with Sift.

Node.js SDK Installation

For Node.js projects, the Sift SDK is available via npm, the Node.js package manager. Navigate to your project directory and run the following command:

npm install @sift/sift-api

Once installed, you can require or import the @sift/sift-api module into your Node.js application. This SDK is suitable for server-side JavaScript applications, including those built with frameworks like Express.js or NestJS, and integrates well into microservices architectures. The Node.js SDK facilitates asynchronous operations, aligning with the non-blocking nature of Node.js environments.

For detailed installation guides and specific version requirements for all supported SDKs, consult the Sift API documentation.

Quickstart example

This quickstart example demonstrates how to send a $transaction event using the Sift Python SDK. A $transaction event is a crucial signal for payment fraud prevention, providing details about a purchase, including the user involved, payment method, and item details. This example assumes you have already installed the Sift Python SDK and have your Sift API key available.

Python Quickstart: Sending a Transaction Event

First, ensure you have your Sift API key. It's recommended to store this securely, for example, as an environment variable, rather than hardcoding it directly in your application.

import sift
import os

# Initialize Sift client with your API key
# It's best practice to retrieve your API key from environment variables or a secure configuration store.
# Replace 'YOUR_API_KEY' with your actual Sift API Key.
sift.api_key = os.environ.get("SIFT_API_KEY", "YOUR_API_KEY")

def send_transaction_event():
    user_id = "some_user_id_12345"
    # Example: a transaction event with necessary details
    event = {
        "$type": "$transaction",
        "$api_key": sift.api_key,
        "$user_id": user_id,
        "$user_email": "[email protected]",
        "$transaction_id": "my_transaction_abc123",
        "$payment_method": {
            "$type": "$credit_card",
            "$card_bin": "545454",
            "$card_last4": "4242"
        },
        "$currency_code": "USD",
        "$amount": 12345, # Amount in cents
        "$billing_address": {
            "$name": "John Doe",
            "$address_1": "123 Main St",
            "$city": "Anytown",
            "$region": "NY",
            "$country": "US",
            "$zipcode": "12345"
        },
        "$shipping_address": {
            "$name": "John Doe",
            "$address_1": "123 Main St",
            "$city": "Anytown",
            "$region": "NY",
            "$country": "US",
            "$zipcode": "12345"
        },
        "$transaction_type": "$sale",
        "$status": "$success",
        "$browser": {
            "$user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
        },
        "$ip": "123.123.123.123"
    }

    try:
        response = sift.client.track(event)
        if response.is_ok():
            print(f"Transaction event sent successfully. Sift Score: {response.body.get('score', 'N/A')}")
            # You can access specific business logic details if available in the response
            # For example, rules triggered or decisions made by Sift policies.
            if 'score_response' in response.body and 'workflow_status' in response.body['score_response']:
                print(f"Workflow Status: {response.body['score_response']['workflow_status']}")
        else:
            print(f"Failed to send transaction event: {response.api_error_message}")
    except sift.client.ApiException as e:
        print(f"An API error occurred: {e}")
    except Exception as e:
        print(f"An unexpected error occurred: {e}")

if __name__ == "__main__":
    send_transaction_event()

This example demonstrates sending a basic transaction event. Sift's API supports a wide range of event types, each with its own schema designed to capture relevant data for specific fraud vectors, such as user sign-ups ($create_account), content moderation ($content), or payment declines ($transaction with $status: $failure). For a complete list of event types and their required fields, refer to the Sift Event Types documentation.

Upon receiving an event, Sift processes it and returns a response that may include a fraud score and a set of decisions based on configured rules and machine learning models. Integrating applications can then use this response to implement real-time risk management actions or queue items for manual review. This immediate feedback mechanism is a core component of Sift's value proposition for digital trust and safety, as highlighted by industry analysts like IETF's OAuth 2.0 framework, which emphasizes secure transaction processing.

Community libraries

While Sift provides official SDKs for widely used server-side languages, the open-source community may develop and maintain additional client libraries or integrations for other languages, frameworks, or specialized use cases. These community-contributed libraries are not officially supported or maintained by Sift, but they can offer alternatives for developers working in environments not covered by official SDKs.

Developers often find community libraries by searching package repositories like GitHub, GitLab, or language-specific registries (e.g., PyPI, npm, Maven Central, Packagist, RubyGems) for packages related to "Sift" or "Sift Science API." When considering a community library, it is important to evaluate its:

• Maintenance Status: Is the library actively maintained and updated to support the latest Sift API versions?
• Documentation: Is there clear and comprehensive documentation for installation, usage, and error handling?
• Community Support: Is there an active community or repository where issues are addressed and questions are answered?
• Security Practices: Does the library follow secure coding practices and handle sensitive data (like API keys) appropriately?
• API Coverage: Does the library cover all the Sift API endpoints and event types you need for your integration?

For critical production systems, relying on officially supported SDKs is generally recommended due to guaranteed compatibility, ongoing maintenance, and direct support channels. However, community libraries can be valuable for prototyping, niche integrations, or when official support for a particular language or framework is not available. Always refer to the Sift official documentation for the definitive guide on integrating with their platform and understanding API best practices.