KaizoCoreKaizoCore docs

Lists

Your own block/allow/watch list, layered on top of KaizoCore's shared bad-actor registry.

Why this isn't just "view the bad-actor registry"

KaizoCore's cross-customer bad-actor registry is genuinely global — it has no per-customer visibility at all, by design. Showing it to you directly would mean showing you signal derived from other customers' traffic. Instead, Lists is your own private overlay: a block/allow/watch list scoped entirely to fingerprints you choose to act on, layered on top of (never a replacement for) the shared registry's silent background protection.

The three actions

ActionEffect on your traffic
blockAlways denies this fingerprint, regardless of the shared registry or anything else about the session.
allowExplicitly trusts this fingerprint — overrides the shared registry's flag for your traffic specifically, even if it's independently flagged elsewhere.
watchA note only. No effect on scoring — useful for tracking a fingerprint you're monitoring without acting on it yet.

Finding a fingerprint to add

Rather than requiring you to copy a raw 64-character hash from somewhere else, the dashboard's Lists page lets you search your own recent flagged decisions — by IP, country, or fired reason — and pick directly from the results. Manual hash entry is still available as a fallback.

What you'll see per entry

Alongside your own action and note, each entry shows read-only, already- anonymized context if the same fingerprint also happens to appear in the shared registry: a risk score and how many customers total have seen it. It never shows which other customers — only an aggregate count.

API

GET    /v1/lists                        # your current entries
POST   /v1/lists                        # { fingerprint_hash, action, note }
DELETE /v1/lists/{fingerprint_hash}      # removes only your own entry
GET    /v1/lists/candidates?q=&decision= # search your recent flagged sessions

DELETE never touches the shared registry — removing your own note can never affect another customer's protection from a genuinely bad actor.

On this page