Get Bot Verdict

cURL

curl --request POST \
  --url https://api.deflect.bot/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "api_key": "<string>",
  "action_id": "<string>",
  "token": "<string>",
  "id": "<string>",
  "email": "[email protected]",
  "phone_number": "<string>"
}
'

{
  "success": true,
  "verdict": {
    "can_pass": true
  },
  "device": {
    "fingerprint": "<string>",
    "user_agent": "<string>",
    "languages": "<string>",
    "timezone": "<string>",
    "os": "<string>",
    "is_mobile": true
  },
  "ip": {
    "address": "<string>",
    "type": "<string>",
    "is_datacenter": true,
    "is_proxy": true,
    "is_tor": true,
    "is_vpn": true,
    "is_threat": true,
    "is_bogon": true,
    "asn": "<string>",
    "asn_number": 123
  },
  "location": {
    "city": "<string>",
    "postal_code": "<string>",
    "country": "<string>",
    "continent": "<string>",
    "latitude": 123,
    "longitude": 123
  },
  "session": {
    "started_at": "2023-11-07T05:31:56Z",
    "finished_at": "2023-11-07T05:31:56Z"
  }
}

POST

verify

cURL

curl --request POST \
  --url https://api.deflect.bot/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "api_key": "<string>",
  "action_id": "<string>",
  "token": "<string>",
  "id": "<string>",
  "email": "[email protected]",
  "phone_number": "<string>"
}
'

{
  "success": true,
  "verdict": {
    "can_pass": true
  },
  "device": {
    "fingerprint": "<string>",
    "user_agent": "<string>",
    "languages": "<string>",
    "timezone": "<string>",
    "os": "<string>",
    "is_mobile": true
  },
  "ip": {
    "address": "<string>",
    "type": "<string>",
    "is_datacenter": true,
    "is_proxy": true,
    "is_tor": true,
    "is_vpn": true,
    "is_threat": true,
    "is_bogon": true,
    "asn": "<string>",
    "asn_number": 123
  },
  "location": {
    "city": "<string>",
    "postal_code": "<string>",
    "country": "<string>",
    "continent": "<string>",
    "latitude": 123,
    "longitude": 123
  },
  "session": {
    "started_at": "2023-11-07T05:31:56Z",
    "finished_at": "2023-11-07T05:31:56Z"
  }
}

Response Format

The API returns detailed information about the request, including:

Verdict - Whether the request should be allowed (can_pass: true/false)
Device information - Browser details, fingerprint, user agent
IP analysis - Location, threat indicators, proxy/VPN detection
Session data - Timing and behavioral analysis

Testing

For local development, use test action IDs that return predictable results without consuming API credits:

Success: t/FFFFFFFFFFFFF/111111111 (always returns can_pass: true)
Failure: t/FFFFFFFFFFFFF/000000000 (always returns can_pass: false)

See the Defense Actions guide for more details.

Body

application/json

Plant to add to the store

api_key

string

required

Your Deflect API Key

action_id

string

required

Your Deflect Action ID

token

string

required

The user session token from the protected endpoint.

string

Optional user identifier for access control. Highly recommended to include!

string<email>

Optional user email address. Response will include email risk assessment.

phone_number

string

Optional user phone number. Response will include phone risk assessment.

Response

Successful response

success

boolean

verdict

object

Show child attributes

device

object

Show child attributes

object

Show child attributes

location

object

Show child attributes

session

object

Show child attributes

Wordpress Plugin Email Intelligence

⌘I

Get Started

Client-Side

Endpoints

Get Bot Verdict

Response Format

Testing

Body

Response

Get Started

Client-Side

Endpoints

​Response Format

​Testing

Body

Response

Response Format

Testing