Skip to main content
You can add Bot Detection to your native applications with little to no additional configuration depending on the SDK and authentication flow you are using.

Auth0.swift and Auth0.Android

If you’re using , is supported automatically by the following SDK versions:
  • Auth0.swift version 1.28.0+
  • Auth0.Android version 1.25.0+
If you’re not using Universal Login, Bot Detection is supported, but you need to configure your application accordingly:
  • Your application must handle the requires_verification exception (which is thrown when a high-risk login attempt is detected) and then trigger a WebAuth flow to render a CAPTCHA verification step.
  • When you trigger the WebAuth flow, you may pass the login_hint parameter to prevent the user from needing to type in their username again.

Auth0.swift example

If your application performs database login/signup through the Authentication API, you must handle the isVerificationRequired error. This error indicates that the request was flagged as suspicious and an additional verification step is necessary to authenticate the user.
This verification step is web-based, so you need to use Universal Login to complete it.
In the case of signup, you can add an additional parameter to make the user land directly on the signup page: .parameters(["login_hint": email, "screen_hint": "signup"]) Read Auth0.swift Getting Started for details on how to set up Universal Login.

Auth0.Android example

If your application performs database login/signup through the Authentication API, you must handle the AuthenticationException#isVerificationRequired() error. This error indicates that the request was flagged as suspicious and an additional verification step is necessary to log the user in.
This verification step is web-based, so you need to use Universal Login to complete it.
In the case of signup, you can add an additional parameter to make the user land directly on the signup page: params.put("screen_hint", "signup"); Read Auth0.Android Authentication with Universal Login SDK documentation for details on how to set up Universal Login.

Lock.Swift and Lock.Android

If you’re using Universal Login, Bot Detection is supported automatically by the following SDK versions:
  • Lock.Swift version 2.19.0+
  • Lock.Android version 2.22.0+
If you’re not using Universal Login, Bot Detection is supported, but you need to configure your application accordingly:
  • Your application must handle the requires_verification exception (which is thrown when a high-risk login attempt is detected) and then trigger a WebAuth flow to render a CAPTCHA verification step.
  • When you trigger the WebAuth flow, you may pass the login_hint parameter to prevent the user from needing to type in their username again.

Authentication API

If you’re using the Authentication API directly, Bot Detection is supported, but you need to configure your application accordingly:
  • Your application must handle the requires_verification error (which is returned by the Authentication API when a high-risk login attempt is detected) and then trigger a WebAuth flow to render a CAPTCHA verification step.

Learn more