Setting Up Arkose Edge
About the Product
Arkose Edge delivers powerful server-side protection through a streamlined API solution that seamlessly integrates into customer infrastructure with a lightweight call at any endpoint, collecting essential data signals to deliver intelligent risk assessments and actionable allow/deny recommendations based on comprehensive consortium intelligence.
Edge API Overview
Arkose Edge API is a lightweight, high-performance integration point with no client-side component to install. It provides:
- Server-Side Protection: Secures surfaces where client-side JavaScript or SDK implementation isn't possible
- Lightweight Integration: Straightforward implementation with minimal development resources required
- Low Cost & Low Latency: Delivers high-speed protection with cost-efficient implementation
- Risk Assessment: Analyzes payload data and returns comprehensive risk signals and scores
Step 1: Get your keys
Arkose Edge authenticates requests using a public/private key pair, issued per workflow (e.g., login, signup, checkout).
- Log in to the Arkose Command Center.
- Go to Settings > Keys to find your public and private keys for Edge.
- If you don't yet have Command Center access or keys for Arkose Edge, then please contact your Arkose Customer Success Manager (CSM).
Recommended: use a separate key pair for each workflow you protect, and a dedicated development key for testing.
Step 2: Make your first API call
Send a POST request from your server to the Edge API endpoint with your private key, the caller's IP address, and at least one additional signal.
curl "https://client-api.arkoselabs.com/api/edge/v1/<public_key>" \
  -H "Content-Type: application/json" \
  -d '{
    "private_key": "<private_key>",
    "ip_address": "1.2.3.4",
    "workflow": "login",
    "os": "OS X",
    "platform": "MacIntel"
  }'
private_key, workflow and ip_address are the only strictly required fields, but the API also requires at least one additional signal: OS, platform, JA3/JA4 fingerprint, TLS details, or full headers. Requests with no additional field are rejected with an error, so include at least one. The more fields the request carries, the better the risk assessment.
For the full request schema, all supported fields (including headers, request, and tls objects), and additional examples, see Edge API Request Parameters.
Step 3: Handle the response
Arkose Edge returns a recommended_action of allow, challenge, or block, along with the data behind that recommendation:
- session_details: session ID, creation time, and the telltale(s) that fired
- ip_intelligence: proxy/VPN/Tor flags, geolocation, ISP, connection type, ASN
- session_risk: a risk_band (Low/Medium/High) plus separate global and custom risk scores, each broken down by contributing telltale
- aggregations: short- and long-term request volume from this IP, against your configured thresholds
- email_intelligence (optional, if an email address was sent): email risk score, domain enrichment, and validity/enumeration flags
Note that challenge is a recommendation only — Arkose Edge doesn't serve a challenge itself. The customer application needs to decide the final action based on the recommendations received in the response.
For the full response schema and field-by-field descriptions, see Edge API Response Parameters.
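An added example, not Arkose's own code, of Steps 2 and 3 from a Python server: it rejects locally a payload the API would reject, keeps the private key out of logs, and maps recommended_action to an application action, including when the call fails. The LOCAL_ACTION names, the on_failure policy, the 2-second timeout and the top-level position of recommended_action in the response are assumptions of this example.

```python
import json
import urllib.request

EDGE_URL = "https://client-api.arkoselabs.com/api/edge/v1/{public_key}"  # endpoint shown in Step 2
# Hypothetical application-side actions; Edge only recommends, the app enforces.
LOCAL_ACTION = {"allow": "proceed", "challenge": "step_up_auth", "block": "reject"}

def build_payload(private_key, ip_address, workflow, **signals):
    """Build the request body and refuse locally what the API would reject."""
    if not (private_key and ip_address and workflow):
        raise ValueError("private_key, ip_address and workflow are required")
    extra = {k: v for k, v in signals.items() if v}  # drop empty signals
    if not extra:
        raise ValueError("at least one additional signal is required")
    return {"private_key": private_key, "ip_address": ip_address,
            "workflow": workflow, **extra}

def redact(payload):
    """Copy of the payload that is safe to log (private key masked)."""
    return {**payload, "private_key": "<redacted>"}

def post_edge(public_key, payload, timeout=2.0):
    """Server-side POST to the Edge endpoint; returns the parsed JSON response."""
    req = urllib.request.Request(
        EDGE_URL.format(public_key=public_key),
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def decide(public_key, payload, call=post_edge, on_failure="step_up_auth"):
    """Return the application's action for this request.
    on_failure is this example's policy for timeouts, errors and unknown values."""
    try:
        response = call(public_key, payload)
    except (OSError, ValueError):  # network/HTTP errors, timeouts, malformed JSON
        return on_failure
    if not isinstance(response, dict):
        return on_failure
    # Assumption: recommended_action is a top-level field of the response.
    return LOCAL_ACTION.get(str(response.get("recommended_action")), on_failure)
```

Choose on_failure per workflow: a login flow may tolerate a step-up on errors, while a higher-risk workflow may prefer to reject.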
Step 4: Test each protected workflow
If you're protecting more than one workflow (login, signup, checkout, password reset, etc.), repeat this setup for each — each workflow should use its own unique key pair so you can tune and monitor them independently.
Step 5: Monitor in the Command Center
Once live, use the Arkose Command Center to monitor traffic, risk scores, and outcomes for each workflow protected by Arkose Edge, and to tune your allow/challenge/block thresholds over time.
Contact your Arkose CSM if you need Command Center access, keys, or help choosing risk thresholds for your workflows.