Below there are two ways to actively use BotProtection. Both share the same architecture, but different ways to get information. To read more about sync and async check, go to the Interaction part.

Sync method

In a sync check method encrypted JWT token is sent to the company backend by a client. To decode it and get a check result, company backend uses a public key provided when integrating BotProtection.

Async method

In an async check, company backend asks BotProtection machine results for specific UUIDs/device IDs/challenge IDs.

Security

BotProtection machine and dashboard are not integrated in a middle of a company pipeline and cannot interrupt company processes. Instead of that, BotProtection part is aside in a company outline and serves as an extra API to get information about detected bots.