_castle('createRequestToken').then(function(requestToken) {
// Insert requestToken into the form data
// ....
});
// or use onsubmit handler to automatically insert the castle_request_token hidden input
<form onsubmit="_castle('onFormSubmit', event)">
// ....
</form>
Risk-based bot scoring
Use risk scores and signals to determine friend from foe.
The /filter
endpoint assesses the risk that a user is a bot.
{
"risk": 0.95,
"signals": {
"bot_behavior": {},
"proxy_ip": {},
"disposable_email": {},
"spoofed_device": {}
},
"policy": {
"action": "deny",
"name": "Block bots",
"id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
"revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
}
}
{
"risk": 0.95,
"signals": {
"bot_behavior": {},
"proxy_ip": {},
"disposable_email": {},
"spoofed_device": {}
},
"policy": {
"action": "deny",
"name": "Block bots",
"id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
"revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
}
}
{
"risk": 0.95,
"signals": {
"bot_behavior": {},
"proxy_ip": {},
"disposable_email": {},
"spoofed_device": {}
},
"policy": {
"action": "deny",
"name": "Block bots",
"id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
"revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
}
}
Assess bot risk on any page or form
Risk scores go up when signals trigger. Take action based on the score or individual signals.
- 30+ external risk signals
- 200+ internal risk assessments
Fine-tune what to allow, challenge, or deny
Take action based on configurable policies rather than hard-coded values.
- Trigger on risk, device, location, traits
- Decouple risk logic from your code
Reduce fraud and abuse
Block malicious bots in web and mobile applications.
Fake accounts
Mitigate new account registration fraud and fake spam accounts.
Credential stuffing
Protect your users from automated account takeovers and data breaches.
Content spam
Stop spam comments from polluting your site.
Platform abuse
Block abusive traffic and avoid resource exploits.
Card testing
Prevent brute-force testing of loyalty or credit cards.
Inventory hoarding
Prevent brand damage caused by bots purchasing and stockpiling inventory.
How we are better
Designed to give developers the most flexibility.
Castle Filter API | Cloudflare Bot Manager | Google reCAPTCHA v3 | |
---|---|---|---|
Self-service | |||
API & SDK-based | |||
Mobile SDKs | Android only | ||
User access logs | |||
Detailed risk reasons | |||
Policy management |
- Bot Detection
- Account Takeover Prevention
- Policy Management
- Device Management
- User Behavior Analytics
- REST API & Webhooks
- Email & chat support
- Credit card payments
- Includes all Pro features
- Enterprise SLAs
- Enterprise support
- * Volume discounts available
- Customizable billing
- Invoice payments