Jump to Content

Customers Pricing Blog About

Documentation Changelog API Reference

Customers Pricing Blog About Log in Start for free

Documentation

Log in Start for free

Documentation Changelog API Reference

All

Pages

Start typing to search…

Getting Started

Overview
Integration quickstart

Features

Bot detection
Device fingerprinting
Risk scoring
Signals

Integration

Backend
- Overview
- Edge functions
Frontend
Webhooks
Events API
Mock Request Tokens
API Reference

Dashboard

Overview
Exploring data
Policies
Lists
Custom Signals
Metrics
Time selector
Single sign-on
Connecting to Slack
Managing Team Members
Enabling Two-Factor Auth
Enforcing Two-Factor Auth

Tutorials

Block accounts using the same device
Auto-ban abusive IPs for 24h
Detect impossible travel
Block signups with spam emails
Detect account sharing
Trust a user's device for 14 days
Challenge logins from new country or device
Review suspicious user behavior
Handling Device Reporting with Lists
Upgrade Legacy Webhooks to new Webhooks

Integration guides

Protecting the registration
Protecting the login
Protecting the profile update
Protecting the transaction
Protecting the password reset
Protecting custom actions
Protecting anonymous actions
Protecting out-of-band actions

Knowledgebase

Events
Signals
- Overview
Protecting User Accounts
Failed Logins
API Custom Parameters
Exporting data from Castle
GDPR Compliance
Authentication Method

Help

Email Support

Failed Logins

Castle uses login failures as a signal that ultimately helps you decide whether a successful login is coming from a trustworthy device

Updated 24 days ago

What’s Next

Preventing Account Takeover
API Reference