M
API Matrix

Application Environment Verification API

Security / API Key Intermediate HTTPS CORS
Varies by plan (check documentation)
82 Score
Grade A
Visit Official Site Compare Alternatives

Overview

Application Environment Verification (AEV) is an Android library and API from FingerprintJS that checks whether a user device is safe to use. It detects rooted devices, emulators, and other risk signals that could indicate fraud or tampering. Developers use it to enforce security policies before granting access to sensitive app features.

💡

Beginner Tip

Start by integrating the Android SDK into your app first — the API works alongside the library to verify results server-side. Always validate device signals on your backend rather than trusting the client alone.

Available Data

Application Environment Verification data via REST API
JSON-formatted response data
Requires API key authentication

Example Response

JSON Response 
{
  "title": "The Great Gatsby",
  "authors": [
    "F. Scott Fitzgerald"
  ],
  "publishedDate": "1925-04-10",
  "pageCount": 218,
  "categories": [
    "Fiction"
  ],
  "imageLinks": {
    "thumbnail": "https://books.google.com/..."
  },
  "averageRating": 4
}

Field Reference

isRooted True if the device appears to be rooted or jailbroken.
isEmulator True if the app is running inside an emulator rather than a real device.
riskLevel Overall device risk assessment: low, medium, or high.
requestId Unique ID for this verification request, useful for support and auditing.

Implementation Example 

const url = "https://github.com/fingerprintjs/aev";
// Replace headers or query params with the values required by this API.
const response = await fetch(url, {
  headers: {
  "X-API-Key": "YOUR_API_KEY"
  }
});
if (!response.ok) throw new Error(`Request failed: ${response.status}`);
const data = await response.json();
console.log(data);

What Can You Build?

Note: These code examples are AI-generated and unverified. Always refer to the official API documentation for accurate usage.

Common Errors & Troubleshooting

401 Unauthorized Missing or invalid API key in the request header.
Include your API key in the Authorization header as Bearer YOUR_API_KEY.
Device token expired The verification token generated by the SDK has a short TTL.
Re-request a fresh device token from the SDK immediately before sending it to your server.
SDK integration mismatch The server-side API version does not match the Android SDK version in use.
Check the FingerprintJS changelog and ensure your SDK and API versions are compatible.

Matrix Score Breakdown

🌐 Reachability 30/30
⚡ Speed 10/20
🔒 Security 15/15
🛠 Developer XP 17/20
✓ Reliability 10/15

Partially tested on Apr 5, 2026

Technical Specifications

Auth API Key
HTTPS REQUIRED
CORS YES
Category Security
Difficulty Intermediate
Verified: 2026-04-04

Similar APIs

View All →

BinaryEdge

82

BinaryEdge is a cybersecurity platform that continuously scans the entire internet and exposes the results through its API.

API Key Intermediate HTTPS

Botd

82

Botd is an open-source JavaScript library and API from FingerprintJS that detects whether a web visitor is a bot or a real human browser.

API Key Intermediate HTTPS

Bugcrowd

72

The Bugcrowd API gives you programmatic access to your organization's bug bounty program data, including submissions, rewards, and researcher profiles.

API Key Intermediate HTTPS

Censys

44

Censys is an internet-wide scanning platform that lets you search for any internet-connected host, device, or certificate using its REST API.

API Key Intermediate HTTPS

Complete Criminal Checks

82

Complete Criminal Checks provides a REST API to search for criminal offense records across all U.S.

API Key Intermediate HTTPS