> ## Documentation Index
> Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create blacklist value

> Adds a blacklist entry that blocks a value at a given `field_path`, optionally with a `ttl_seconds` expiry.



## OpenAPI

````yaml /products/specter/openapi.yaml post /api/admin/blacklist
openapi: 3.1.0
info:
  contact:
    email: hello@starfish.team
    name: Starfish GmbH & Co. KG
    url: https://hellgate.io/cpa/specter
  description: Composable decision engine and fraud prevention service.
  license:
    name: Hellgate API Terms
    url: https://hellgate.io/terms-and-conditions
  title: Specter API
  version: '1.0'
servers:
  - description: Managed instance of Specter
    url: https://{instance}.{env}.on-hellgate.cloud
    variables:
      instance:
        default: my-instance
        description: Your unique instance slug, provided during onboarding.
      env:
        default: eu1
        description: Deployment environment (currently eu1).
security: []
tags:
  - description: Evaluate transactions and retrieve decision results.
    name: Decisions
  - description: Close decisions that were flagged for manual review.
    name: Resolutions
  - description: Report payment lifecycle events for a prior decision.
    name: Lifecycle Events
  - description: Manage rulesets and their activation lifecycle.
    name: Rulesets
  - description: Configure interceptors and intercept live payment requests.
    name: Interceptors
  - description: Subscribe to decision and event notifications.
    name: Webhooks
  - description: Manage blocked field values.
    name: Blacklist
paths:
  /api/admin/blacklist:
    post:
      tags:
        - Blacklist
      summary: Create blacklist value
      description: >-
        Adds a blacklist entry that blocks a value at a given `field_path`,
        optionally with a `ttl_seconds` expiry.
      operationId: admin_blacklist_create
      parameters: []
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateBlacklistValueRequest'
        description: Blacklist value
        required: true
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlacklistValue'
          description: Created value
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
          description: Unauthorized
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
          description: Forbidden
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationErrors'
          description: Validation error
      callbacks: {}
      security:
        - bearerAuth: []
components:
  schemas:
    CreateBlacklistValueRequest:
      properties:
        field_path:
          description: JSON path of the field to blacklist, e.g. `$.device.ip`.
          example: $.device.ip
          type: string
        ttl_seconds:
          description: Optional TTL in seconds. If omitted, the entry never expires.
          example: 86400
          type:
            - integer
            - 'null'
        value:
          description: The value to blacklist for this field.
          example: 1.2.3.4
          type: string
      required:
        - field_path
        - value
      title: CreateBlacklistValueRequest
      type: object
    BlacklistValue:
      properties:
        id:
          format: uuid
          type: string
        display_hint:
          description: >-
            Human-readable hint, e.g. masked PAN for `$.credential_fingerprint`
            entries.
          type:
            - string
            - 'null'
        expires_at:
          description: When the entry expires. Null means it never expires.
          format: date-time
          type:
            - string
            - 'null'
        field_path:
          description: JSON path of the field, e.g. `$.device.ip`.
          example: $.device.ip
          type: string
        inserted_at:
          format: date-time
          type: string
        source_decision_id:
          description: ID of the decision that triggered this entry.
          format: uuid
          type:
            - string
            - 'null'
        updated_at:
          format: date-time
          type: string
        value:
          description: The blacklisted value for this field.
          example: 1.2.3.4
          type: string
      title: BlacklistValue
      type: object
    Error:
      description: Generic error response with classifier, code, and message
      example:
        classifier: NOT_FOUND
        code: 404
        message: The requested resource does not exist
      properties:
        classifier:
          example: NOT_FOUND
          type: string
        code:
          example: 404
          type: integer
        message:
          example: The requested resource does not exist
          type: string
      required:
        - classifier
        - code
        - message
      title: Error
      type: object
    ValidationErrors:
      description: Response shape for request validation failures
      example:
        classifier: VALIDATION_ERROR
        code: 422
        validation_errors:
          - message: must be a positive integer
            path: limit
      properties:
        classifier:
          example: VALIDATION_ERROR
          type: string
        code:
          example: 422
          type: integer
        validation_errors:
          items:
            properties:
              message:
                example: must be a positive integer
                type: string
              path:
                example: limit
                type: string
            type: object
          type: array
      required:
        - classifier
        - code
        - validation_errors
      title: ValidationErrors
      type: object
  securitySchemes:
    bearerAuth:
      bearerFormat: JWT
      description: >-
        HS256-signed JWT bearer token, obtained via the OAuth2
        client-credentials grant (see Authentication).
      scheme: bearer
      type: http

````