Overview
This article clarifies that security features like Bot Detection and CAPTCHA do not affect non-interactive clients, such as Machine-to-Machine (M2M) applications.
Applies To
- Attack protection
- Bot detection
- Machine-to-Machine clients
Solution
Bot Detection and CAPTCHA challenges are designed to protect against malicious traffic from bots during end-user authentication flows that occur in a browser. These security measures require user interaction to solve a challenge, proving a human is present.
Non-interactive clients, such as M2M applications or direct API calls, authenticate without any user or browser involvement. Therefore, they are not subjected to Bot Detection or CAPTCHA challenges as part of their authentication process. These features do not cause any failed API requests from M2M clients.