> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Add external metadata

> Provide context by attaching additional metadata to your fingerprints and verdicts.

## Overview

Device Fingerprinting is more useful with the full context of your application. To provide context, you can attach additional metadata to your fingerprints and verdicts.

Without external metadata, it can be difficult to interpret your data. For example, you might see a large volume of lookups for the same fingerprints. Is it because one user is very active and taking many actions on their own account? Or is it because an attacker is creating many different accounts using the same device?

Using the Stytch Dashboard and external metadata, you can understand user behavior and fraud patterns with full context.

<Note>
  You should consider your company's [privacy and compliance policy](/fraud-risk/device-fingerprinting/privacy-and-compliance#external-metadata) when using external metadata.

  Device Fingerprinting stores the `external_metadata` and does not use it for decisioning or enforcement.
</Note>

***

## External metadata fields

The Fingerprint Lookup API has an optional parameter for `external_metadata`:

```json theme={null}
"external_metadata": {
    "external_id": "user-123",
    "organization_id": "organization-123",
    "user_action": "LOGIN"
}
```

Each field is optional and you can provide any string data in these fields:

<ResponseField name="external_id" type="string">
  Represents a specific user identifier, like an email address or user ID.
</ResponseField>

<ResponseField name="organization_id" type="string">
  Represents a group identifier, like an organization or other group.
</ResponseField>

<ResponseField name="user_action" type="string">
  Represents the action that was fingerprinted.
</ResponseField>

### How Protected Auth uses external metadata

Stytch authentication methods are protected using Device Fingerprinting. Each protected method adds external metadata to provide context:

<ResponseField name="external_id" type="string">
  Stores different identifiers depending on the action: email address, biometric registration ID, User ID or Member ID..
</ResponseField>

<ResponseField name="organization_id" type="string">
  Stores the member's organization when using multi-tenant authentication.
</ResponseField>

<ResponseField name="user_action" type="string">
  Stores the associate API action (SDK method), like `OTPsSMSSend` or `SDKB2BDiscoveryPasswordReset`.
</ResponseField>

***

## In the Stytch Dashboard

After you start sending external metadata in your Fingerprint Lookup API requests, you will be able to view and query them in the [Dashboard](https://stytch.com/dashboard/activity?tab=dfp-logs).

Here are some examples of questions you can ask:

* In a recent spike of signups (`user_action`), what were the fingerprints? Is there a common pattern in their email addresses or domains (`external_id`)?
* A specific user recently reported unauthorized activity on their account. Are there different fingerprints associated with their `external_id` that might indicate an account takeover?
* Recently you've seen more account takeover attempts against one particular business customers (`organization_id`).
  Is there a pattern in their fingerprints?

The Dashboard is a convenient way to perform ad-hoc queries against your recent Device Fingerprinting data. You can also store the Fingerprint Lookup responses yourself and correlate it with your other logs.