Advanced fraud detection and risk assessment for modern applications
Learn more about Guardian
Last updated
Was this helpful?
Ctrlk
// frontend/guardian.ts
import { loadAgent } from '@guardianstack/guardian-js';
// 1) Initialize once at app startup
const guardian = await loadAgent({
siteKey: 'site_XXXXXXXX',
});
// 2) Trigger an identification exactly where it matters (login, signup, checkout)
const res = await guardian.get();
// 3) Extract the requestId and send it to your backend for risk evaluation
const requestId = res?.requestId;
// server/guardian.ts
import { createGuardianClient } from '@guardianstack/guardianjs-server';
// 1) Create the server client with your secret (server-only; never expose in the browser)
const guardian = createGuardianClient({ secret: 'sec_XXXXXXXX' });
// 2) Fetch the processed event by requestId (includes IP intel + detections)
const event = await guardian.getEvent(requestId);
// 3) Make a simple allow/deny decision based on detections
const risky = Boolean(
event.botDetection?.detected ||
event.tampering?.detected ||
event.virtualization?.detected ||
event.incognito?.detected ||
event.privacySettings?.detected ||
event.vpn?.detected
);
if (risky) {
/* High risk: deny or require step-up (CAPTCHA/OTP/KYC) */
} else {
/* Low risk: proceed */
}