The Unauthenticated endpoint provides risk decisions for sessions that aren’t (or aren’t yet) associated with user accounts. This endpoint is designed to help you protect public-facing assets and pre-authentication flows.

Overview

The Unauthenticated endpoint analyzes session signals to determine risk without requiring account information. This makes it ideal for protecting public pages, detecting bots, and preventing abuse before users authenticate.

POST https://api.prod.verisoul.ai/session/unauthenticated

When to Use Unauthenticated

Use the Unauthenticated endpoint for sessions where users haven’t logged in or created accounts. This is ideal for:

  • Public page protection - Monitor and control access to marketing pages, pricing information, etc.
  • Pre-authentication flows - Assess risk before users reach login or registration forms
  • Content scraping prevention - Identify and block automated scraping attempts
  • Public facing bot mitigation - Detect and manage bot traffic across your public-facing assets
  • Early funnel protection - Apply basic security measures before users authenticate

Required Parameters

ParameterTypeDescription
session_idstringThe Verisoul session ID obtained from the client SDK

Benefits of Unauthenticated

  • Early protection - Detect and mitigate threats before authentication
  • Bot detection - Identify automated traffic and scraping attempts
  • Reduced friction - Apply security measures without requiring user accounts
  • Public asset protection - Secure marketing pages, documentation, and other public resources

Next Steps