Bot protection
To protect your sign-ups from bots, Clerk leverages data from our CDN to determine whether a user attempting to sign up might be a bot or not.
Enable bot sign-up protection
- In the Clerk Dashboard, navigate to the Attack protection page.
- In the Bot sign-up protection section, enable the feature and choose the CAPTCHA type you want to use:
- Smart: The CAPTCHA widget will only be shown if the client is suspected to be a bot. Users suspected of being a bot will be shown a interactive challenge (like clicking a checkbox), in an attempt to verify they are human.
- Invisible: Bot traffic will be automatically blocked. No CAPTCHA widget will be displayed. Users suspected of being a bot will not be allowed to sign up, and are shown an error message instructing them to reach out to your configured support email address.
Limitations
- Clerk's Expo SDK does not support Bot sign-up protection yet.
- If you're building a custom sign-up flow using the Clerk API, instead of using Clerk components, and you have enabled Bot sign-up protection, then you need to ensure you have added a DOM node to render the CAPTCHA widget. Refer to the Add bot protection to your custom sign-up flow guide for more information.
Feedback
Last updated on