# Order Risk

        <p>The Order Risk resource allows you to create, retrieve, update, and delete order risks. Order risks represent the results of fraud checks that have been completed for an order.</p>
        <h4>Usage notes</h4>
        <aside class="note caution">
        <h4>Caution</h4>
        <p>As of version 2024-04 this resource is deprecated. Risk Assessments can be queried via the
        <a href="https://shopify.dev/docs/api/admin-graphql/2024-04/objects/OrderRiskAssessment">Order Risk Assessment API</a>.
        </p>
      </aside>
        <ul>
          <li>
          This resource is deprecated in version 2024-04. Please refer to the GraphQL api for
          <a href="https://shopify.dev/docs/api/admin-graphql/2024-04/objects/Order#field-order-risk">Order#field-order-risk</a>
          </li>
          <li>When determining an order's risk level, Shopify takes into account only those order risks that have the display property set to <code>true</code>. Orders with a display set to <code>false</code> will not be returned through the Order Risk resource. It's not advised to create order risks with a display set to <code>false</code>. This property might be removed in future API versions.</li>
          <li>Risk assessments will favor the most severe risk recommendation for an order. Keep this in mind when creating new order risks.</li>
        </ul>

## Resource Properties

### Order Risk

* cause_cancel:           Whether this order risk is severe enough to force the cancellation of the order. If <code>true</code>, then this order risk is included in the <strong>Order canceled</strong> message that's shown on the details page of the canceled order.
          <p><strong>Note:</strong> Setting this property to <code>true</code> does not cancel the order. Use this property only if your app automatically cancels the order using the <a href="/docs/admin-api/rest/reference/orders/order/#cancel-{{ current_version }}">Order</a> resource. If your app doesn't automatically cancel orders based on order risks, then leave this property set to <code>false</code>.</p>

  * Type: x-string
  * Example: false
* checkout_id: The ID of the checkout that the order risk belongs to.
  * Type: x-string
  * Example: 901414060
* display: Whether the order risk is displayed on the order details page in the Shopify admin. If <code>false</code>, then this order risk is ignored when Shopify determines your app's overall risk level for the order.<p>It's not advised to create order risks with a display set to <code>false</code>.</p> <aside class='note'><p>This property can't be changed after an order risk is created.</p></aside><aside class='caution'>This property might be removed in future API versions.</aside>
  * Type: x-string
  * Example: true
* id: A unique numeric identifier for the order risk.
  * Type: x-string
  * Example: 284138680
* merchant_message: The message that's displayed to the merchant to indicate the results of the fraud check. The message is displayed only if <code>display</code> is set to<code>true</code>.
  * Type: x-string
  * Example: "This order came from an anonymous proxy."
* message: The message that's displayed to the merchant to indicate the results of the fraud check. The message is displayed only if <code>display</code> is set to<code>true</code>.
  * Type: x-string
  * Example: "This order came from an anonymous proxy."
* order_id: The ID of the order that the order risk belongs to.
  * Type: x-string
  * Example: 450789469
* recommendation:           The recommended action given to the merchant. Valid values:
            <ul>
              <li><strong>cancel</strong>: There is a high level of risk that this order is fraudulent. The merchant should cancel the order.</li>
              <li><strong>investigate</strong>: There is a medium level of risk that this order is fraudulent. The merchant should investigate the order.</li>
              <li><strong>accept</strong>: There is a low level of risk that this order is fraudulent. The order risk found no indication of fraud.</li>
            </ul>

  * Type: x-string
  * Example: "cancel"
* score:           <strong>For internal use only</strong>. A number between 0 and 1 that's assigned to the order.
          The closer the score is to 1, the more likely it is that the order is fraudulent.
          <aside class="note">
            <h4>Note</h4>
            <p>There is no guarantee of stability in risk scores. Scores are not probabilities. The relationship between scores and the probability of fraud can vary over time and between risk providers.</p>
          </aside>

  * Type: string
  * Example: "1.0"
* source: The source of the order risk.
  * Type: x-string
  * Example: "External"
## Creates an order risk for an order

Creates an order risk for an order

### Endpoint
/admin/api/#{api_version}/orders/{order_id}/risks.json (POST)

### Parameters
* api_version (required): 
* order_id (required): 

### Responses
#### 201
Creates an order risk for an order

Examples:
##### Create an order risk showing a fraud risk for proxy detection
Request:
```
POST /admin/api/unstable/orders/450789469/risks.json
{"risk":{"message":"This order came from an anonymous proxy","recommendation":"cancel","score":"1.0","source":"External","cause_cancel":true,"display":true}}
```

Response:
```
HTTP/1.1 201 Created
{"risk":{"id":1029151490,"order_id":450789469,"checkout_id":901414060,"source":"External","score":"1.0","recommendation":"cancel","display":true,"cause_cancel":true,"message":"This order came from an anonymous proxy","merchant_message":"This order came from an anonymous proxy"}}
```
## Retrieves a list of all order risks for an order

Retrieves a list of all order risks for an order. <strong>Note:</strong> This endpoint implements pagination by using links that are provided in the response header. To learn more, refer to <a href='/api/usage/pagination-rest'>Make paginated requests to the REST Admin API</a>.

### Endpoint
/admin/api/#{api_version}/orders/{order_id}/risks.json (GET)

### Parameters
* api_version (required): 
* order_id (required): 

### Responses
#### 200
Retrieves a list of all order risks for an order

Examples:
##### Retrieve all order risks for an order
Request:
```
GET /admin/api/unstable/orders/450789469/risks.json
```

Response:
```
HTTP/1.1 200 OK
{"risks":[{"id":284138680,"order_id":450789469,"checkout_id":null,"source":"External","score":"1.0","recommendation":"cancel","display":true,"cause_cancel":true,"message":"This order was placed from a proxy IP","merchant_message":"This order was placed from a proxy IP"},{"id":1029151489,"order_id":450789469,"checkout_id":901414060,"source":"External","score":"1.0","recommendation":"cancel","display":true,"cause_cancel":true,"message":"This order came from an anonymous proxy","merchant_message":"This order came from an anonymous proxy"}]}
```
## Retrieves a single order risk by its ID

Retrieves a single order risk by its ID

### Endpoint
/admin/api/#{api_version}/orders/{order_id}/risks/{risk_id}.json (GET)

### Parameters
* api_version (required): 
* order_id (required): 
* risk_id (required): 

### Responses
#### 200
Retrieves a single order risk by its ID

Examples:
##### Retrieve a single order risk
Request:
```
GET /admin/api/unstable/orders/450789469/risks/284138680.json
```

Response:
```
HTTP/1.1 200 OK
{"risk":{"id":284138680,"order_id":450789469,"checkout_id":null,"source":"External","score":"1.0","recommendation":"cancel","display":true,"cause_cancel":true,"message":"This order was placed from a proxy IP","merchant_message":"This order was placed from a proxy IP"}}
```
## Updates an order risk

<p>Updates an order risk</p>
          <br/>
          <aside class="note">
            <h4>Note</h4>
            <p>You cannot modify an order risk that was created by another application.</p>
          </aside>

### Endpoint
/admin/api/#{api_version}/orders/{order_id}/risks/{risk_id}.json (PUT)

### Parameters
* api_version (required): 
* order_id (required): 
* risk_id (required): 

### Responses
#### 200
Updates an order risk

Examples:
##### Update an existing order risk for an order
Request:
```
PUT /admin/api/unstable/orders/450789469/risks/284138680.json
{"risk":{"id":284138680,"message":"After further review, this is a legitimate order","recommendation":"accept","source":"External","cause_cancel":false,"score":"0.0"}}
```

Response:
```
HTTP/1.1 200 OK
{"risk":{"order_id":450789469,"cause_cancel":false,"message":"After further review, this is a legitimate order","recommendation":"accept","score":"0.0","source":"External","id":284138680,"checkout_id":null,"display":true,"merchant_message":"After further review, this is a legitimate order"}}
```
## Deletes an order risk for an order

<p>Deletes an order risk for an order</p>
          <br/>
          <aside class="note">
            <h4>Note</h4>
            <p>You cannot delete an order risk that was created by another application.</p>
          </aside>

### Endpoint
/admin/api/#{api_version}/orders/{order_id}/risks/{risk_id}.json (DELETE)

### Parameters
* api_version (required): 
* order_id (required): 
* risk_id (required): 

### Responses
#### 200
Deletes an order risk for an order

Examples:
##### Delete an order risk for an order
Request:
```
DELETE /admin/api/unstable/orders/450789469/risks/284138680.json
```

Response:
```
HTTP/1.1 200 OK
{}
```