Decoy network-based service for deceiving attackers
US-10873601-B1 · Dec 22, 2020 · US
US11516240B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11516240-B2 |
| Application number | US-202017136975-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 29, 2020 |
| Priority date | Dec 29, 2020 |
| Publication date | Nov 29, 2022 |
| Grant date | Nov 29, 2022 |
Official abstract text for this publication.
In some implementations, a system may obtain a first model that is trained to identify feature data associated with a client system using one or more services of a service platform. The system may train, based on the feature data, a second model to identify anomalies associated with devices accessing the one or more services in association with a client identifier of the client system. The system may receive access data associated with an acting device accessing a service of the service platform. The system may determine, using the second model, that the acting device accessing the service corresponds to potential anomalous activity based on the access information. The system may obtain, from a verification device, a verification that the acting device accessing the service is anomalous activity. The system may perform, based on obtaining the verification, an action associated with the acting device.
Opening claim text (preview).
What is claimed is:
1. A system for detecting anomalous access to a service platform, the system comprising: one or more memories; and one or more processors, communicatively coupled to the one or more memories, configured to: obtain service usage training data associated with one or more devices of a client system providing application programming interface (API) calls to one or more APIs associated with an API gateway; train, based on the service usage training data, a first model to identify feature data associated with the client system using the one or more APIs, wherein the feature data includes a service usage pattern of the client system and source data associated with the one or more devices, wherein the first model comprises an unsupervised machine learning model that is trained according to a cosine similarity analysis; train, based on the feature data, a second model to identify anomalous API calls that include a client identifier of the client system, wherein the second model comprises a supervised machine learning model that is trained according to a decision tree associated with the feature data; receive an API call associated with an acting device accessing an API of the API gateway, wherein the API call includes the client identifier; process the API call to identify access information associated with the acting device providing the API call; determine, based on the access information and using the second model, that the API call is a potential unauthorized API call; obtain, from a verification device, a verification that the API call is unauthorized; and perform, based on obtaining the verification, an action associated with the acting device.
2. The system of claim 1, wherein the service usage pattern identifies at least one of: time patterns associated with receiving corresponding API calls to the one or more APIs; or frequencies of receiving corresponding API calls to the one or more APIs during a time period.
3. The system of claim 1, wherein the source data identifies at least one of: corresponding source addresses of the one or more devices; client location information that identifies corresponding locations of the one or more devices; or corresponding user information associated with the one or more devices using the one or more APIs.
4. The system of claim 1, wherein the one or more processors, when determining that the API call is a potential unauthorized API call, are configured to: cause the second model, based on the access information, to determine whether the acting device is associated with the client system based on at least one of: a comparison of client location information identified in the source data and device location information, of the access information, that identifies a location of the acting device; or a comparison of client addresses identified in the source data and a device address of the acting device that is identified in the access information.
5. The system of claim 1, wherein the one or more processors, when determining that the API call is a potential unauthorized API call, are configured to: compare the access information and the feature data; determine, based on comparing characteristics of the access information with corresponding characteristics of the feature data, a probability that the acting device is not authorized by the client system to access the API; determine that the probability satisfies a threshold probability associated with unauthorized access of the API in association with the client identifier; and determine, based on the probability satisfying the threshold probability, that the acting device accessing the API corresponds to potential anomalous activity.
6. The system of claim 1, wherein the one or more processors, when obtaining the verification, are configured to: send, to the verification device, a request for a user input that indicates whether the acting device is authorized to access the API; and receive the user input from the verification device, wherein the verification is included within the user input.
7. The system of claim 1, wherein the one or more processors, when performing the action, are configured to at least one of: prevent the acting device from further accessing the API gateway; transmit, to a management device, a notification that indicates that the acting device provided an anomalous API call; storing, in a data structure, the API call in association with an indication that the acting device provided an anomalous API call; or retrain the second model based on the API call.
8. A non-transitory computer-readable medium storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a system, cause the system to: obtain service usage training data associated with one or more devices of a client system providing application programming interface (API) calls to one or more APIs associated with an API gateway; train, based on the service usage training data, a first model to identify feature data associated with the client system using the one or more APIs, wherein the feature data includes a service usage pattern of the client system and source data associated with the one or more devices, wherein the first model comprises an unsupervised machine learning model that is trained according to a cosine similarity analysis; train, based on the feature data, a second model to identify anomalous API calls that include a client identifier of the client system, wherein the second model comprises a supervised machine learning model that is trained according to a decision tree associated with the feature data; receive an API call associated with an acting device accessing an API of the API gateway, wherein the API call includes the client identifier; process the API call to identify access information associated with the acting device providing the API call; determine, based on the access information and using the second model, that the API call is a potential unauthorized API call; obtain, from a verification device, a verification that the API call is unauthorized; and perform, based on obtaining the verification, an action associated with the acting device.
9. The non-transitory computer-readable medium of claim 8, wherein the service usage pattern identifies at least one of: time patterns associated with receiving corresponding API calls to the one or more APIs; or frequencies of receiving corresponding API calls to the one or more APIs during a time period.
10. The non-transitory computer-readable medium of claim 8, wherein the source data identifies at least one of: corresponding source addresses of the one or more devices; client location information that identifies corresponding locations of the one or more devices; or corresponding user information associated with the one or more devices using the one or more APIs.
11. The non-transitory computer-readable medium of claim 8, wherein the one or more instructions, that cause the system to determine that the API call is a potential unauthorized API call, cause the system to: cause the second model, based on the access information, to determine whether the acting device is associated with the client system based on at least one of: a comparison of client location information identified in the source data and device location information, of the access information, that identifies a location of the acting device; or a comparison of client addresses identified in the source data and a device address of the acting device that is identified in the access information.
12. The non
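
An added sketch of the flow described in claims 1 and 4 to 7 (not code from the patent): a per-client profile of hourly usage and known sources, a cosine-similarity comparison against it, a threshold on the resulting probability, then verification and blocking. The hand-set weights stand in for the claimed trained decision tree; the field names, /24 grouping, 0.5 threshold and `verify` callback are assumptions, and all sample data is constructed.

```python
import ipaddress
import math
from collections import Counter

# Constructed sample: one client's normal API calls (office hours, one /24, one country).
TRAINING = [{"hour": h, "src": s, "country": "US"}
            for h in range(9, 18) for s in ("198.51.100.10", "198.51.100.23")]

def build_profile(calls):
    """Feature data for a client identifier: usage pattern plus source data."""
    hours = Counter(c["hour"] for c in calls)
    return {
        "usage": [hours.get(h, 0) for h in range(24)],  # calls per hour of day
        "networks": {ipaddress.ip_network(c["src"] + "/24", strict=False) for c in calls},
        "countries": {c["country"] for c in calls},
    }

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def anomaly_probability(profile, call):
    """Hand-weighted score in [0, 1]; the weights are assumptions, not learned."""
    addr = ipaddress.ip_address(call["src"])
    unknown_addr = not any(addr in net for net in profile["networks"])
    unknown_loc = call["country"] not in profile["countries"]
    one_hot = [1 if h == call["hour"] else 0 for h in range(24)]
    off_pattern = 1.0 - cosine(profile["usage"], one_hot)
    return 0.4 * unknown_addr + 0.4 * unknown_loc + 0.2 * off_pattern

def handle_call(profile, call, verify, blocked, threshold=0.5):
    """Flag on threshold, confirm with the verifier, then act."""
    if call["src"] in blocked:
        return "blocked"
    if anomaly_probability(profile, call) < threshold:
        return "allow"
    if verify(call):                 # verifier confirms the call is unauthorized
        blocked.add(call["src"])     # action: deny further gateway access
        return "blocked"
    return "allowed_after_verification"

if __name__ == "__main__":
    profile, blocked = build_profile(TRAINING), set()
    odd = {"hour": 3, "src": "203.0.113.77", "country": "DE"}  # constructed
    print(anomaly_probability(profile, odd), handle_call(profile, odd, lambda c: True, blocked))
```

A call that crosses the threshold is only blocked once the verifier confirms it, so a legitimate device on a new address is delayed by the verification step rather than locked out by the score alone.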
Dynamic search techniques; Heuristics; Dynamic trees; Branch-and-bound · CPC title
Traffic logging, e.g. anomaly detection · CPC title
Provisioning of proxy services (store-and-forward switching systems in data switching networks H04L12/54) · CPC title
involving event detection and direct action · CPC title
Filtering by address, protocol, port number or service, e.g. IP-address or URL · CPC title