[{"data":1,"prerenderedAt":611},["ShallowReactive",2],{"docs-nav-\u002Fdocs\u002Faccount-takeover\u002Fquick-start":3,"\u002Fdocs\u002Faccount-takeover\u002Fquick-start":45},[4],{"title":5,"path":6,"stem":7,"children":8,"page":26},"Account Takeover","\u002Fdocs\u002Faccount-takeover","1.docs\u002F3.account takeover",[9,13,17,27,36],{"title":10,"path":11,"stem":12},"How it works","\u002Fdocs\u002Faccount-takeover\u002Fhow-account-takeover-protection-works","1.docs\u002F3.account takeover\u002F0.how-account-takeover-protection-works",{"title":14,"path":15,"stem":16},"Quick start","\u002Fdocs\u002Faccount-takeover\u002Fquick-start","1.docs\u002F3.account takeover\u002F1.quick start",{"title":18,"path":19,"stem":20,"children":21,"page":26},"Concepts","\u002Fdocs\u002Faccount-takeover\u002Fconcepts","1.docs\u002F3.account takeover\u002F2.Concepts",[22],{"title":23,"path":24,"stem":25},"Evaluations","\u002Fdocs\u002Faccount-takeover\u002Fconcepts\u002Fevaluations","1.docs\u002F3.account takeover\u002F2.Concepts\u002F0.evaluations",false,{"title":28,"path":29,"stem":30,"children":31,"page":26},"Advanced","\u002Fdocs\u002Faccount-takeover\u002Fadvanced","1.docs\u002F3.account takeover\u002F3.Advanced",[32],{"title":33,"path":34,"stem":35},"Custom implementation","\u002Fdocs\u002Faccount-takeover\u002Fadvanced\u002Fcustom-implementation","1.docs\u002F3.account takeover\u002F3.Advanced\u002F1.custom-implementation",{"title":37,"path":38,"stem":39,"children":40,"page":26},"Migrations","\u002Fdocs\u002Faccount-takeover\u002Fmigrations","1.docs\u002F3.account takeover\u002F4.migrations",[41],{"title":42,"path":43,"stem":44},"Identify → Evaluations","\u002Fdocs\u002Faccount-takeover\u002Fmigrations\u002Fmigrate-from-identify-to-evaluate","1.docs\u002F3.account takeover\u002F4.migrations\u002F0.Migrate-from-identify-to-evaluate",{"id":46,"title":14,"body":47,"description":58,"extension":604,"meta":605,"navigation":607,"path":15,"seo":608,"sitemap":609,"stem":16,"__hash__":610},"docs\u002F1.docs\u002F3.account takeover\u002F1.quick start.md",{"type":48,"value":49,"toc":597},"minimark",[50,55,59,64,69,84,87,91,98,142,147,174,177,211,220,334,337,346,354,361,363,367,403,488,504,536,579,586,593],[51,52,54],"h1",{"id":53},"account-takeover-protection","Account takeover protection",[56,57,58],"p",{},"Rupt offers a comprehensive account takeover protection solution. Rupt understands if the account is being accessed from a new device or geo-location, or if the account is being used in an unusual way. If so, Rupt will redirect the user to a managed challenge page where they can verify their identity.",[60,61,63],"h2",{"id":62},"how-to-use-rupt-for-account-takeover-protection","How to use Rupt for account takeover protection",[65,66,68],"h3",{"id":67},"project-settings","Project settings",[56,70,71,72,79,80,83],{},"Go to your ",[73,74,78],"a",{"href":75,"rel":76},"https:\u002F\u002Fdashboard.rupt.com\u002Fsettings\u002Faccount-takeover",[77],"nofollow","project settings"," and enable account takeover protection and the managed challenge page. This will redirect suspected users to a managed challenge page where they can verify their identity. If you don't want to use the managed challenge page, you can disable it and write your own challenge page using ",[73,81,82],{"href":34},"this guide",".",[85,86],"hr",{},[65,88,90],{"id":89},"browser-side","Browser side",[92,93,94],"ol",{},[95,96,97],"li",{},"Install the Rupt Browser SDK:",[99,100,105],"pre",{"className":101,"code":102,"language":103,"meta":104,"style":104},"language-bash shiki shiki-themes one-dark-pro monokai","yarn add rupt\n#OR\nnpm install rupt\n","bash","",[106,107,108,124,131],"code",{"__ignoreMap":104},[109,110,113,117,121],"span",{"class":111,"line":112},"line",1,[109,114,116],{"class":115},"sUpKv","yarn",[109,118,120],{"class":119},"sgpKs"," add",[109,122,123],{"class":119}," rupt\n",[109,125,127],{"class":111,"line":126},2,[109,128,130],{"class":129},"sDDnO","#OR\n",[109,132,134,137,140],{"class":111,"line":133},3,[109,135,136],{"class":115},"npm",[109,138,139],{"class":119}," install",[109,141,123],{"class":119},[92,143,144],{"start":126},[95,145,146],{},"Include the Rupt Browser SDK on the authentication page:",[99,148,152],{"className":149,"code":150,"language":151,"meta":104,"style":104},"language-js shiki shiki-themes one-dark-pro monokai","import Rupt from \"rupt\";\n","js",[106,153,154],{"__ignoreMap":104},[109,155,156,160,164,167,170],{"class":111,"line":112},[109,157,159],{"class":158},"sqnWQ","import",[109,161,163],{"class":162},"sskXI"," Rupt",[109,165,166],{"class":158}," from",[109,168,169],{"class":119}," \"rupt\"",[109,171,173],{"class":172},"sFXR2",";\n",[56,175,176],{},"Or include the Rupt Browser SDK from a CDN:",[99,178,182],{"className":179,"code":180,"language":181,"meta":104,"style":104},"language-html shiki shiki-themes one-dark-pro monokai","\u003Cscript src=\"https:\u002F\u002Fcdn.rupt.dev\u002Fjs\u002Frupt.js\">\u003C\u002Fscript>\n","html",[106,183,184],{"__ignoreMap":104},[109,185,186,189,193,197,200,203,206,208],{"class":111,"line":112},[109,187,188],{"class":172},"\u003C",[109,190,192],{"class":191},"s2zKK","script",[109,194,196],{"class":195},"spIlZ"," src",[109,198,199],{"class":172},"=",[109,201,202],{"class":119},"\"https:\u002F\u002Fcdn.rupt.dev\u002Fjs\u002Frupt.js\"",[109,204,205],{"class":172},">\u003C\u002F",[109,207,192],{"class":191},[109,209,210],{"class":172},">\n",[92,212,213],{"start":133},[95,214,215,216,219],{},"Call the ",[106,217,218],{},"evaluate"," method from the browser SDK:",[99,221,223],{"className":149,"code":222,"language":151,"meta":104,"style":104},"await Rupt.evaluate({\n  client_id: process.env.NEXT_PUBLIC_CLIENT_ID,\n  action: \"login\",\n  user: \"USER_ID\",\n  email: \"EMAIL\",\n  phone: \"PHONE\",\n  success_url: \"https:\u002F\u002Fexample.com\u002Fsuccess\",\n});\n",[106,224,225,240,264,276,289,302,315,328],{"__ignoreMap":104},[109,226,227,230,233,235,237],{"class":111,"line":112},[109,228,229],{"class":158},"await",[109,231,163],{"class":232},"syDQ0",[109,234,83],{"class":172},[109,236,218],{"class":115},[109,238,239],{"class":172},"({\n",[109,241,242,245,248,251,253,256,258,261],{"class":111,"line":126},[109,243,244],{"class":162},"  client_id",[109,246,247],{"class":172},": ",[109,249,250],{"class":232},"process",[109,252,83],{"class":172},[109,254,255],{"class":232},"env",[109,257,83],{"class":172},[109,259,260],{"class":162},"NEXT_PUBLIC_CLIENT_ID",[109,262,263],{"class":172},",\n",[109,265,266,269,271,274],{"class":111,"line":133},[109,267,268],{"class":162},"  action",[109,270,247],{"class":172},[109,272,273],{"class":119},"\"login\"",[109,275,263],{"class":172},[109,277,279,282,284,287],{"class":111,"line":278},4,[109,280,281],{"class":162},"  user",[109,283,247],{"class":172},[109,285,286],{"class":119},"\"USER_ID\"",[109,288,263],{"class":172},[109,290,292,295,297,300],{"class":111,"line":291},5,[109,293,294],{"class":162},"  email",[109,296,247],{"class":172},[109,298,299],{"class":119},"\"EMAIL\"",[109,301,263],{"class":172},[109,303,305,308,310,313],{"class":111,"line":304},6,[109,306,307],{"class":162},"  phone",[109,309,247],{"class":172},[109,311,312],{"class":119},"\"PHONE\"",[109,314,263],{"class":172},[109,316,318,321,323,326],{"class":111,"line":317},7,[109,319,320],{"class":162},"  success_url",[109,322,247],{"class":172},[109,324,325],{"class":119},"\"https:\u002F\u002Fexample.com\u002Fsuccess\"",[109,327,263],{"class":172},[109,329,331],{"class":111,"line":330},8,[109,332,333],{"class":172},"});\n",[56,335,336],{},"If the device should be challenged, the user will be redirected to the managed challenge page for the user to verify their identity via a two-factor authentication code. If the evaluation method does not redirect, you can continue with your authentication flow as normal.",[92,338,339],{"start":278},[95,340,341,342,345],{},"Once the user has verified their identity, they will be redirected to the ",[106,343,344],{},"success_url"," with the challenge id:",[99,347,352],{"className":348,"code":350,"language":351},[349],"language-text","https:\u002F\u002Fexample.com\u002Fsuccess?challenge=CHALLENGE_ID\n","text",[106,353,350],{"__ignoreMap":104},[56,355,356,357,360],{},"You should use the ",[106,358,359],{},"CHALLENGE_ID"," to verify the status of the challenge to ensure that the user has verified their identity. It is highly recommended to do this on the server side.",[85,362],{},[65,364,366],{"id":365},"server-side","Server side",[368,369,372,373],"div",{"className":370},[371],"relative","\n  ",[368,374,379,380,379,386,372],{"className":375},[376,377,378],"absolute","right-0","top-[-40px]","\n    ",[109,381,385],{"className":382},[383,384],"text-sm","pr-2","Language",[387,388,393,394,393,399,379],"select",{"id":389,"className":390},"languageSelect",[387,391,392],"select-bordered","select-sm","\n      ",[395,396,398],"option",{"value":397},"node","Node",[395,400,402],{"value":401},"curl","cURL",[368,404,407,412,438,443],{"className":405},[406],"language-node",[92,408,409],{},[95,410,411],{},"Include the Rupt Node SDK:",[99,413,415],{"className":101,"code":414,"language":103,"meta":104,"style":104},"yarn add @ruptjs\u002Fcore\n#OR\nnpm install @ruptjs\u002Fcore\n",[106,416,417,426,430],{"__ignoreMap":104},[109,418,419,421,423],{"class":111,"line":112},[109,420,116],{"class":115},[109,422,120],{"class":119},[109,424,425],{"class":119}," @ruptjs\u002Fcore\n",[109,427,428],{"class":111,"line":126},[109,429,130],{"class":129},[109,431,432,434,436],{"class":111,"line":133},[109,433,136],{"class":115},[109,435,139],{"class":119},[109,437,425],{"class":119},[92,439,440],{"start":126},[95,441,442],{},"Initialize the Rupt Node SDK with your project API secret:",[99,444,446],{"className":149,"code":445,"language":151,"meta":104,"style":104},"import Rupt from \"@ruptjs\u002Fcore\";\nconst rupt = new Rupt(\"API_SECRET\");\n",[106,447,448,461],{"__ignoreMap":104},[109,449,450,452,454,456,459],{"class":111,"line":112},[109,451,159],{"class":158},[109,453,163],{"class":162},[109,455,166],{"class":158},[109,457,458],{"class":119}," \"@ruptjs\u002Fcore\"",[109,460,173],{"class":172},[109,462,463,467,470,474,477,479,482,485],{"class":111,"line":126},[109,464,466],{"class":465},"sfrnW","const",[109,468,469],{"class":232}," rupt",[109,471,473],{"class":472},"sBBc0"," =",[109,475,476],{"class":158}," new",[109,478,163],{"class":115},[109,480,481],{"class":172},"(",[109,483,484],{"class":119},"\"API_SECRET\"",[109,486,487],{"class":172},");\n",[56,489,490,494,499,500,503],{},[109,491,493],{"className":492},[406],"3.",[109,495,498],{"className":496},[497],"language-curl","1."," Call the ",[106,501,502],{},"getChallenge"," method to get the challenge status:",[368,505,507],{"className":506},[406],[99,508,510],{"className":149,"code":509,"language":151,"meta":104,"style":104},"const challenge = await Rupt.getChallenge(CHALLENGE_ID);\n",[106,511,512],{"__ignoreMap":104},[109,513,514,516,519,521,524,526,528,530,532,534],{"class":111,"line":112},[109,515,466],{"class":465},[109,517,518],{"class":232}," challenge",[109,520,473],{"class":472},[109,522,523],{"class":158}," await",[109,525,163],{"class":232},[109,527,83],{"class":172},[109,529,502],{"class":115},[109,531,481],{"class":172},[109,533,359],{"class":232},[109,535,487],{"class":172},[368,537,539],{"className":538},[497],[99,540,542],{"className":101,"code":541,"language":103,"meta":104,"style":104},"curl -X GET https:\u002F\u002Fapi.rupt.com\u002Fv2\u002Fchallenges\u002FCHALLENGE_ID \\\n  -H \"Authorization: Bearer API_SECRET\" \\\n  -H \"Content-Type: application\u002Fjson\"\n",[106,543,544,562,572],{"__ignoreMap":104},[109,545,546,548,552,555,558],{"class":111,"line":112},[109,547,401],{"class":115},[109,549,551],{"class":550},"sRaZW"," -X",[109,553,554],{"class":119}," GET",[109,556,557],{"class":119}," https:\u002F\u002Fapi.rupt.com\u002Fv2\u002Fchallenges\u002FCHALLENGE_ID",[109,559,561],{"class":560},"sLJFi"," \\\n",[109,563,564,567,570],{"class":111,"line":126},[109,565,566],{"class":550},"  -H",[109,568,569],{"class":119}," \"Authorization: Bearer API_SECRET\"",[109,571,561],{"class":560},[109,573,574,576],{"class":111,"line":133},[109,575,566],{"class":550},[109,577,578],{"class":119}," \"Content-Type: application\u002Fjson\"\n",[56,580,581,582,83],{},"For more information, see ",[73,583,585],{"href":584},"\u002Fapi\u002Fchallenges\u002Fretrieve-a-challenge","retrieve a challenge",[56,587,588,589,592],{},"If the challenge status is ",[106,590,591],{},"completed",", you can continue with your authentication flow.",[594,595,596],"style",{},"html pre.shiki code .sUpKv, html code.shiki .sUpKv{--shiki-default:#61AFEF;--shiki-dark:#A6E22E}html pre.shiki code .sgpKs, html code.shiki .sgpKs{--shiki-default:#98C379;--shiki-dark:#E6DB74}html pre.shiki code .sDDnO, html code.shiki .sDDnO{--shiki-default:#7F848E;--shiki-default-font-style:italic;--shiki-dark:#88846F;--shiki-dark-font-style:inherit}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .sqnWQ, html code.shiki .sqnWQ{--shiki-default:#C678DD;--shiki-dark:#F92672}html pre.shiki code .sskXI, html code.shiki .sskXI{--shiki-default:#E06C75;--shiki-dark:#F8F8F2}html pre.shiki code .sFXR2, html code.shiki .sFXR2{--shiki-default:#ABB2BF;--shiki-dark:#F8F8F2}html pre.shiki code .s2zKK, html code.shiki .s2zKK{--shiki-default:#E06C75;--shiki-dark:#F92672}html pre.shiki code .spIlZ, html code.shiki .spIlZ{--shiki-default:#D19A66;--shiki-dark:#A6E22E}html pre.shiki code .syDQ0, html code.shiki .syDQ0{--shiki-default:#E5C07B;--shiki-dark:#F8F8F2}html pre.shiki code .sfrnW, html code.shiki .sfrnW{--shiki-default:#C678DD;--shiki-default-font-style:inherit;--shiki-dark:#66D9EF;--shiki-dark-font-style:italic}html pre.shiki code .sBBc0, html code.shiki .sBBc0{--shiki-default:#56B6C2;--shiki-dark:#F92672}html pre.shiki code .sRaZW, html code.shiki .sRaZW{--shiki-default:#D19A66;--shiki-dark:#AE81FF}html pre.shiki code .sLJFi, html code.shiki .sLJFi{--shiki-default:#56B6C2;--shiki-dark:#AE81FF}",{"title":104,"searchDepth":126,"depth":126,"links":598},[599],{"id":62,"depth":126,"text":63,"children":600},[601,602,603],{"id":67,"depth":133,"text":68},{"id":89,"depth":133,"text":90},{"id":365,"depth":133,"text":366},"md",{"head":606},{"title":54},true,{"title":14,"description":58},{"loc":15},"xU2VVZtGvSXBZvK0CojrSfn2jkvehIeLRLf9ZqBlONs",1776449526136]