Skip to main content
Docs
Dashboard

Bot protection

To protect your sign-ups from bots, Clerk leverages data from our CDN to determine whether a user attempting to sign up might be a bot or not.

Enable bot sign-up protection

  1. In the Clerk Dashboard, navigate to the Attack protection page.
  2. Enable the Bot sign-up protection toggle.
    • When enabled, users suspected of being a bot will be shown an interactive challenge (like clicking a checkbox) to verify they are human. The CAPTCHA widget will only be shown if the client is suspected to be a bot.

Warning

If you currently have the Invisible CAPTCHA type selected, it's highly recommended to switch to the Smart option, as the Invisible option is deprecated and will be removed in a future update.

Limitations

  • Device emulation in a browser is not supported by Cloudflare, which Clerk uses for bot detection.
  • If you're building a custom sign-up flow using the Clerk API, instead of using Clerk components, and you have enabled Bot sign-up protection, then you need to ensure you have added a DOM node to render the CAPTCHA widget. Refer to the Add bot protection to your custom sign-up flow guide for more information.

Feedback

What did you think of this content?
Edit this page on GitHub

Last updated on