Introduction

The Rupt API is organized around REST. It has predictable, resource-oriented URLs, accepts JSON request bodies, returns JSON responses, and uses standard HTTP status codes, authentication, and verbs.

Every v3 endpoint lives under the /v3 path. Authenticate with your project secret as a Bearer token.

Base URL

  https://api.rupt.dev/v3

Most of what Rupt does happens in two places. The client SDK runs in the browser, collects signals, and asks Rupt to evaluate an action such as a login or signup. Rupt returns a verdict and, when a user needs to prove themselves, a redirect to a hosted challenge.

This reference covers the server side. Your backend uses the Node SDK (or plain HTTP) to read the evaluation behind a verdict, consume it so it can't be replayed, list a user's devices, and keep user records up to date.

Client SDK

import Rupt from '@ruptjs/client';

const rupt = new Rupt({ clientId: 'YOUR_CLIENT_ID' });

await rupt.evaluate.login({ user: 'USER_ID' });

The Node SDK wraps the server API. It handles authentication, retries on network and 5xx errors, and gives you typed responses. Pass your project secret when you create the client.

Node SDK

import { RuptAPI } from '@ruptjs/api';

const rupt = new RuptAPI(API_SECRET);

Intelligence

Identification

Bot and AI agent detection

Rules engine

Modular challenges

By use case

Account sharing

Multi-accounting

Referral fraud

Fake accounts

Account takeover

Developer resources

Documentation

API reference

API status

Introduction