# FraudScanner

## Upload a ZIP file for fraud analysis

 - [POST /v2/fraudscanner](https://docs.vaarhaft.com/openapi/fraudscanner/analysefile.md): Analyze image and document files for fraud indicators.

There are two ways to send your ZIP file, depending on its size:

| ZIP size | Method | How |
|----------|--------|-----|
| < 10 MB | Direct upload | Send the ZIP as file in the request body (multipart/form-data) |
| 10–50 MB | Presigned S3 upload | First call POST /v2/getUploadUrl, upload to S3, then call this endpoint with s3_key as query parameter |

For files under 10 MB, nothing changes — use the direct upload as before.
For larger files, the presigned flow bypasses the 10 MB gateway limit.

Python example (both flows):

python
import requests, os

API_URL = "https://api.vaarhaft.com"
HEADERS = {"x-api-key": "YOUR_KEY", "caseNumber": "Case-123"}
THRESHOLD = 9  1024  1024  # 9 MB safety margin

zip_path = "images.zip"
zip_size = os.path.getsize(zip_path)

if zip_size < THRESHOLD:
    # --- Direct upload (small files) ---
    with open(zip_path, "rb") as f:
        resp = requests.post(
            f"{API_URL}/v2/fraudscanner",
            files={"file": (zip_path, f, "application/zip")},
            headers=HEADERS,
        )
else:
    # --- Presigned S3 upload (large files) ---
    # Step 1: Get presigned URL
    url_resp = requests.post(
        f"{API_URL}/v2/getUploadUrl", headers=HEADERS
    )
    upload_url = url_resp.json()["upload_url"]
    s3_key = url_resp.json()["s3_key"]

    # Step 2: Upload ZIP to S3
    with open(zip_path, "rb") as f:
        requests.put(
            upload_url,
            data=f,
            headers={"Content-Type": "application/zip"},
        )

    # Step 3: Trigger analysis
    resp = requests.post(
        f"{API_URL}/v2/fraudscanner",
        params={"s3_key": s3_key},
        headers=HEADERS,
    )

result = resp.json()


Note: requests with many or large files can take longer due to compute-heavy analysis. The request timeout is 120s.

## Get a presigned S3 upload URL for large files

 - [POST /v2/getUploadUrl](https://docs.vaarhaft.com/openapi/fraudscanner/getuploadurl.md): Returns a presigned S3 PUT URL for uploading ZIP files that exceed the 10 MB direct upload limit.
The URL is valid for 10 minutes. After uploading to S3, pass the returned s3_key to POST /v2/fraudscanner.

Flow:

1. POST /v2/getUploadUrl → receive upload_url + s3_key
2. PUT your ZIP to upload_url (with Content-Type: application/zip)
3. POST /v2/fraudscanner?s3_key= → receive analysis results

The uploaded file is automatically deleted after processing (or after 24h if not consumed).