What is Forter and where is it deployed?

Forter is a fraud-detection layer used on checkout, payment and account-update flows by major retailers and payment platforms. It runs a script from cdn4.forter.com (or similar Forter CDN), collects device and behavior signals, posts them to a Forter endpoint, and returns a session token the merchant validates server-side before approving the transaction.

What is the ftr__siteId cookie?

ftr__siteId is the Forter session cookie keyed by the merchant's siteId. It encodes the device fingerprint, behavior signals and risk verdict for the session. The merchant's checkout API rejects payment requests when ftr__siteId is missing, expired, or fails Forter's server-side validation.

How do I generate a Forter token via API?

POST to https://api.meshprivacy.com/v1/tasks/submit with service: 'forter', the checkout/payment url, the script_url to the Forter cdn4 script, the merchant_id (ftr__siteId), your proxy_config and user_agent. Poll /v1/tasks/result/{task_id} for 3-8 seconds and attach the returned Forter cookies on the checkout submission.

Where do I find the Forter merchant_id?

Inspect the checkout page source on the merchant's site. The merchant_id appears as the value of the ftr__siteId cookie set after first page load, or in the Forter init payload (e.g. window._forterConfig.siteId). It is unique per merchant and unchanged across sessions.

How fast does MeshPrivacy generate Forter cookies?

Forter solves typically take 3-8 seconds. Upstream timeout is 120 seconds. We do not advertise sub-second numbers — Forter's signal collection and server-side validation roundtrip require real time on every solve.

How much does Forter solving cost?

Pricing is per-credit at 1 USD = 1,000 credits. Credit cost per request varies per service and may change — see meshprivacy.com/pricing for current rates. New accounts get 20 free credits with no credit card required.

Why does my checkout still fail with a valid Forter token?

Forter binds the token to the IP, user agent, device signals and merchant_id used during the solve. Re-using the cookie from a different proxy, after the session timed out, or against a different merchant returns a rejection. Always solve from the exact proxy and user agent you will submit the checkout from.

Solving Forter Fraud-Detection Challenges

Forter is a fraud-detection layer used on checkout and payment flows. It collects device and behavior signals client-side, posts them to its own endpoint, and binds a session token (e.g. ftr__siteId) the merchant validates server-side. MeshPrivacy reproduces this flow and returns the resulting cookies.

Service Schema

Field	Type	Required	Description
`url`	string	Yes	Target checkout/payment page URL
`script_url`	string	No	Forter script URL
`merchant_id`	string	No	Forter merchant/site ID (`ftr__siteId`)
`proxy_config`	string	No	Proxy in `http://user:pass@ip:port` format
`user_agent`	string	No	Custom user agent

Service ID: forter · Status: Stable

Real-time API status: trust.meshprivacy.com

Locating script_url and merchant_id

Inspect the page source on the checkout flow. Forter loads from a script URL such as https://cdn4.forter.com/...; the merchant ID appears in ftr__siteId cookie or the script's init payload.

Integration Example

forter.js

// Submit Forter task to MeshPrivacy
const response = await fetch('https://api.meshprivacy.com/v1/tasks/submit', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json', 'X-API-Key': API_KEY },
  body: JSON.stringify({
    service: 'forter',
    url: 'https://target-site.com/checkout',                  // required
    script_url: 'https://cdn4.forter.com/script.js',          // optional
    merchant_id: 'forter-merchant-id',                        // optional - ftr__siteId
    proxy_config: 'http://user:pass@ip:port',                 // optional
    user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)...'// optional
  })
});
const { task_id } = await response.json();

const result = await fetch(`https://api.meshprivacy.com/v1/tasks/result/${task_id}`, {
  headers: { 'X-API-Key': API_KEY }
});
const { cookies } = await result.json();
// Forter token cookie returned for checkout/payment flows

FAQ

When the merchant's checkout endpoint rejects requests missing valid Forter cookies, or when its response references ftr__siteId.

Related Services

PerimeterX|DataDome|Akamai|Incapsula