TypeAuth provides robust security features to protect your application from various types of fraud and abuse. This comprehensive suite of tools helps maintain the integrity of your authentication system and safeguard your users.

Features Overview

Global Rate Limiting

TypeAuth implements intelligent rate limiting across your entire application to prevent brute force attacks and abuse.

Configuration

curl --request POST \
  --url https://api.typeauth.com/{account_id}/abuse/create \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Global Rate Limit",
  "ratelimit": {
    "requests": "1m", // 1 million request
    "interval": "10m" // 10 minutes
  },
}'

Key Features

  • Flexible Window Sizes: Configure time windows from seconds to days
  • Custom Throttling Rules: Set different limits for specific endpoints or user types
  • IP-based Tracking: Automatically detect and block suspicious IP patterns
  • Burst Protection: Handle sudden spikes in traffic appropriately

Disposable Email Detection

Prevent registration abuse by detecting and blocking disposable email addresses.

Usage

curl --request POST \
  --url https://api.typeauth.com/{account_id}/abuse/create \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Bademails",
  "blocklist": [
    "bademail.com"
  ],
  "exceptions": [
    "google.com", "microsoft.com"
  ],
  "checkPropertyName": "email",
  "checkLocations": "header"

}'

Features

  • Real-time Validation: Check emails against constantly updated database
  • Custom Rules: Add your own blocked/allowed domains
  • Comprehensive Database: Access to 100,000+ known disposable email providers
  • API Integration: Easy integration with existing email validation workflows

Geo Sentry

GeoSentry protects your API endpoints by monitoring and detecting suspicious geographic access patterns. It tracks physical locations where authentication tokens are used to identify potentially compromised credentials when they’re used from impossible locations in unrealistic timeframes. For example: If a token is used in London and then 30 minutes later in Buenos Aires, GeoSentry recognizes this physically impossible travel time and can block the request, require verification, or alert your security team - preventing unauthorized access even if the attacker has valid credentials.

Configuration

curl --request POST \
  --url https://api.typeauth.com/{account_id}/abuse/create \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Protect",
  "geoSentry: "Permissive"
}'

Capabilities

  • Token Geography Tracking: Monitor authentication tokens across different locations
  • Velocity Checking: Detect impossibly fast geographic movements
  • Risk Scoring: Assign risk levels to different geographic patterns
  • Custom Rules: Set specific policies for different regions

Profiles

  • Permissive: Best for global content delivery networks (CDNs) or public APIs where users frequently travel internationally and blocking access would significantly impact service availability.
  • Standard: Ideal for typical business applications, SaaS platforms, or e-commerce sites that need balanced security without overly restricting legitimate global users.
  • Strict: Perfect for financial services, healthcare applications, or government systems where security is paramount and any suspicious geographic patterns must be blocked immediately.
  • Regional: Designed for services that should only operate within specific geographic boundaries due to regulatory requirements (like gambling sites) or business operations limited to certain countries/regions.

Anomaly Detection

TypeAuth’s Anomaly Detection system is an advanced security feature that monitors API behavior patterns to identify potential threats and unusual activities. It analyzes various metrics like request volumes, error rates, response times, payload sizes, and endpoint velocity to detect deviations from normal patterns. For example: If your API typically handles 100 requests per minute and suddenly receives 1,000 requests, or if response times suddenly spike from 200ms to 2 seconds, the system will flag these anomalies and take configured actions based on your profile - from simple monitoring to blocking requests.

Implementation

curl --request POST \
  --url https://api.typeauth.com/{account_id}/abuse/create \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Protect Anomaly",
  "anomalyDetection: "Permissive"
}'

Key Features

  • Behavioral Analysis: Monitor and learn from normal user patterns
  • Multiple Detection Vectors:
    • Login time patterns
    • Device fingerprinting
    • Network characteristics
    • User interaction patterns
  • Customizable Alerts: Set different notification thresholds
  • Automatic Response: Configure automated actions for detected anomalies

Profiles

  • Permissive: Best for development environments or public APIs where monitoring anomalies is needed but blocking actions could disrupt service availability (uses higher deviation thresholds and only monitors).
  • Standard: Ideal for most production applications needing balanced protection - alerts on moderate anomalies and can challenge suspicious users without immediately blocking them.
  • Strict: Perfect for financial or healthcare applications requiring maximum security - uses stricter thresholds and immediately blocks suspicious activities.
  • API Gateway: Optimized for high-traffic API gateways with very short monitoring windows (1-15 minutes) and specialized thresholds for different types of anomalies.

Best Practices

  1. Start Conservative: Begin with less restrictive settings and adjust based on your needs
  2. Monitor False Positives: Regularly review blocked attempts for legitimate users
  3. Layer Security: Use multiple features together for comprehensive protection
  4. Regular Updates: Keep your TypeAuth installation updated for the latest security definitions

Example Implementation

curl --request POST \
  --url https://api.typeauth.com/{account_id}/abuse/create \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "abuse 1",
  "blocklist": [
    "bademail"
  ],
  "exceptions": [
    "google.com"
  ],
  "ratelimit": {
    "requests": "1m",
    "interval": "10s"
  },
  "checkLocations": "header",
  "checkPropertyName": "email",
  "geoSentry": "Permissive",
  "anomalyDetection": "Permissive"
}'

Additional Resources

Was this page helpful?

Schema ValidationAnomaly Detection