{"_id":"58fad9b8847ab819008a1999","parentDoc":null,"__v":0,"project":"55db8f8f1a91690d007ad975","user":"573de28a844afa29000d5c3a","version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"560b22739c7be70d00100bd8","pages":["560b229caf40a70d003df309","56bcb2cf9afb8b0d00d62df6"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":2,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-09-29T23:44:51.456Z","from_sync":false,"order":6,"slug":"advanced-configurations","title":"Advanced configurations"},"githubsync":"","updates":[],"next":{"pages":[],"description":""},"createdAt":"2017-04-22T04:19:04.265Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":7,"body":"In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types.\n\nIf your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information.\n[block:api-header]\n{\n  \"title\": \"Authentication API\"\n}\n[/block]\n\nYou need to tell IMMUNIO when authentication occurs for account protection to work. Use the following methods to do so:\n\n* After a user logs in, call: immunio_login(....)\n* After a failed login attempt: immunio_failed_login(....)\n* After a user logs out: immunio_logout(....)\n* After a user account is created: immunio_account_created(....)\n* After the current user is changed (or set): immunio_set_user(....)\n* After a user requests a password reset: immunio_password_reset(....)\n* After a failed requests for resetting a password: immunio_failed_password_reset(....)\n\nEach function call accepts the following possible arguments:\n* \"username\"\n* \"username\",\"userid\"\n* [\"username\"=>\"...\",\"email\"=>\"...\",\"userid\"=>\"...\"]\n[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"Note\",\n  \"body\": \"immunio_set_user(...) should be called on every page where user data is available, not only when authentication is performed.\"\n}\n[/block]\n\n[block:api-header]\n{\n  \"title\": \"Custom Event Reporting API\"\n}\n[/block]\nThe IMMUNIO Agent allows custom business logic events to be reported to IMMUNIO. These custom events can be used to apply custom rate limiting thresholds on business logic events, or to trigger custom alerts on the IMMUNIO dashboard.\n\n```\nimmunio_custom_event(\"event-name\", [\n  \"additional\" => \"data\",\n]);\n```\n\nIt can be used like the following example:\n\n```\nimmunio_custom_event(\"declined_creditcard_transaction\", [\n    \"transaction_id\" => transaction.id,\n    \"transaction_value\" => transaction.amount,\n]);\n```\n\nWith a custom event like this, IMMUNIO can automatically limit the number of failed payment attempts from a given IP address or user account.\n\nThere are many other examples where custom events can be used to protect your site against many forms of abuse.","excerpt":"","slug":"php-agent-api","type":"basic","title":"PHP Agent API"}
In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types. If your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information. [block:api-header] { "title": "Authentication API" } [/block] You need to tell IMMUNIO when authentication occurs for account protection to work. Use the following methods to do so: * After a user logs in, call: immunio_login(....) * After a failed login attempt: immunio_failed_login(....) * After a user logs out: immunio_logout(....) * After a user account is created: immunio_account_created(....) * After the current user is changed (or set): immunio_set_user(....) * After a user requests a password reset: immunio_password_reset(....) * After a failed requests for resetting a password: immunio_failed_password_reset(....) Each function call accepts the following possible arguments: * "username" * "username","userid" * ["username"=>"...","email"=>"...","userid"=>"..."] [block:callout] { "type": "info", "title": "Note", "body": "immunio_set_user(...) should be called on every page where user data is available, not only when authentication is performed." } [/block] [block:api-header] { "title": "Custom Event Reporting API" } [/block] The IMMUNIO Agent allows custom business logic events to be reported to IMMUNIO. These custom events can be used to apply custom rate limiting thresholds on business logic events, or to trigger custom alerts on the IMMUNIO dashboard. ``` immunio_custom_event("event-name", [ "additional" => "data", ]); ``` It can be used like the following example: ``` immunio_custom_event("declined_creditcard_transaction", [ "transaction_id" => transaction.id, "transaction_value" => transaction.amount, ]); ``` With a custom event like this, IMMUNIO can automatically limit the number of failed payment attempts from a given IP address or user account. There are many other examples where custom events can be used to protect your site against many forms of abuse.