The Automation Intelligence API (in public preview) gives you the tools to determine whether traffic is legitimate and should be accepted by your application.
Feature in Public PreviewThis feature is currently in a Public Preview testing phase. All feedback is welcome! If you encounter any issues, please contact our support team.
The API detects automation tools like AI Agents, AI Assistants, and AI Browsers. Additionally, it provides IP intelligence like geolocation and data center detection.Automation Intelligence is derived from HTTP request metadata that reaches your server. It does not require the use of a Javascript agent to collect browser context. The API is fast, with average response times of less than 30ms, making it a great fit for edge, pre-origin or middleware contexts. The API is platform-agnostic and can be used with different CDN providers, cloud platforms, or any server backend. If you are a Cloudflare user, consider using Flow.
Forward all of the original request’s headers to the API, preserving their original order and capitalization. Detection accuracy depends on receiving the request as the client sent it.
Send authentication and session headers with empty values — do not drop themHeaders that carry authentication or session data, such as Authorization, Cookie, and Set-Cookie, must still be included, but with their value set to an empty string. Omitting them entirely changes the shape of the request and can affect detection. Never forward the real secret values.
For example, given an incoming request with these headers:
Enter a URL, some example Headers, an HTTP Method, and an IP address.
Make sure the Base URL corresponds to your workspace region.
Click Send!
A real API response will appear in the Response section. Alternatively, you can view the prepared response examples there.You can also point an API client like Postman to the OpenAPI Schema directly.