Use Case

API Security with Sentinel

Classify every API caller before your app logic runs

The problem

Modern APIs are called by a growing mix of browsers, mobile apps, AI agents, CLI tools, and malicious bots. Without visibility into caller identity, teams are forced to choose between locking down their API (blocking legitimate use) or leaving it open to abuse.

The solution

Sentinel classifies every API caller using TLS fingerprinting, header analysis, and behavioral patterns — all at the edge, before your application code executes. Allow verified browsers and AI agents, challenge suspicious callers, and block bots automatically.

Code example

const caller = await sentinel.classify(request);

if (caller.type === "bot" && !caller.isVerifiedCrawler) {
  return new Response("Blocked", { status: 403 });
}

if (caller.type === "ai-agent") {
  return handleAgentRequest(request, caller);
}

return handleBrowserRequest(request);

Key signals

TLS AnomalyHeadless BrowserGood BotBad BotBrowser Tampering

Related

signal

TLS Anomaly

Detect browser spoofing via TLS fingerprint analysis

signal

Headless Browser

Detect Selenium, Puppeteer, and Playwright automation

feature

Sentinel — API Caller Classification

Know exactly who is calling your API

Start identifying devices today

Free tier includes 25,000 identifications per month. No credit card required.

Get started free