Allow

When we return an ALLOW verdict, we have a high level of confidence that the request was made by a legitimate user. Requests that result in ALLOW verdicts originate from devices with verified profiles that match the characteristics of known/ authentic traffic origins.

If you'd like to block a device or group of devices that's receiving an ALLOW verdict, you may use the Set rule endpoint to change the verdict to BLOCK for that device's identifier. Rules can also be viewed, added, removed, and modified via the Authorization rules tab within the Device Fingerprinting section of the Stytch Dashboard.

When you receive an ALLOW verdict in the Fingerprint lookup response, you should allow the request(s) associated with that telemetry_id to proceed.

If you maintain your own risk score based on cumulative DFP verdicts, you should assign a low level of risk to an ALLOW verdict.

When DFP Protected Auth is enabled, our SDK will always allow requests to proceed when an ALLOW verdict is returned.