Test Tokens

A request_token parameter is required to be sent with every request to the Filter and Risk API endpoints. In order to test Castle without having a client-side integration in place, you can use Test Tokens to evaluate different risk scenarios.

Format

test|<parameter>:<value>|<parameter>:<value>...

Usage

Test Tokens will streamline your testing process by giving you a way to force certain aspects and characteristics of a request, without doing a full integration. For example, if you want to simulate a user using Firefox on a Windows device in the US, you can use the following Test Token value:

request_token: "test|device:firefox_on_windows|ip:us-ca"

🚧

Reminder

Test tokens are only supported on Sandbox environments.

Test Token Parameters & Values

ParameterPossible ValuesDescription
devicechrome_on_mac
safari_on_mac
firefox_on_mac
chrome_on_windows
firefox_on_windows
bot_on_linux
Pre-determined device combinations to represent various device types
ipse
us-ca
jp
IP location of the request
policy.actionallow
challenge
deny
Force a policy action to be returned by Castle
riskvalue from 0-1.0Set the Castle risk score to a specific value

Examples

Mac computer using a Chrome browser, connecting from California, US:

test|device:chrome_on_mac|ip:us-ca

Headless browser, connecting from Japan:

test|device:bot_on_linux|ip:jp