Social Media
Government
Streaming
Online Delivery
Finance
iGaming
E-commerce
Travel
Ads
Healthcare
Account takeoverPreventing unauthorized logins
Multi-accountingPreventing duplicate accounts
Data scrapingSafeguarding sensitive business data
API AbuseDetecting abnormal API activity
Account sharingIdentifying shared accounts
Fake accountsBlocking fake registrations
Brute force attackBlock automated credential attacks
Form spamFiltering automated submissions
Coupon fraudPreventing promo exploitation
SMS pumpingMitigating SMS-based fraud
Industries
Use Cases
DocumentationBlogPricing
Log in
Start for Free
Spring (Java)
Spring (Java)
Copy Integration Prompt
Integrate BotBye bot protection into a Spring Boot application using the botbye java-module. 1. Add the dependency: Maven: <groupId>com.botbye</groupId> <artifactId>java-module</artifactId> <version>2.0.0</version> Gradle: implementation("com.botbye:java-module:2.0.0") 2. Create a Spring @Configuration class that exposes a Botbye @Bean: @Configuration public class AppConfig { @Bean public Botbye botbye() { BotbyeConfig config = new BotbyeConfig.Builder() .serverKey("00000000-0000-0000-0000-000000000000") .build() return new Botbye(config) } } 3. Per-controller: inject Botbye into @RestController and call evaluate in the handler: String token = request.getParameter("botbye_token") Map<String, String> headers = Collections.list(request.getHeaderNames()).stream() .collect(Collectors.toMap(h -> h, request::getHeader)) BotbyeEvaluateResponse response = botbye.evaluate(BotbyeValidationEvent.of( request.getRemoteAddr(), token, headers, request.getMethod(), request.getRequestURI(), Collections.emptyMap())) if (response.isBlocked()) return ResponseEntity.status(403).body("Access denied") 4. Global filter: create a @Component extending OncePerRequestFilter, call evaluate in doFilterInternal, return 403 if result.isBlocked(), otherwise call filterChain.doFilter(request, response). 5. Response fields: response.decision (ALLOW/CHALLENGE/BLOCK), response.isBlocked(), response.riskScore, response.signals, response.scores Full integration guide: https://botbye.com/docs/server-side/java/spring.md When the integration is complete, ask for the keys and replace the placeholder in the appropriate places.
Ask ChatGPT
Ask Claude
Ask Perplexity

Install

Add the dependency to the project configuration:

Maven

1
2
3
4
5

<dependency>
    <groupId>com.botbye</groupId>
    <artifactId>java-module</artifactId>
    <version>2.0.0</version>
</dependency>

or

Gradle

1

implementation("com.botbye:java-module:2.0.0")

Configuration

Create a configuration class using your server-key (available inside your Project):

1
2
3
4
5
6
7
8
9
10
11
12

@Configuration
public class AppConfig {

    @Bean
    public Botbye botbye() {
        BotbyeConfig config = new BotbyeConfig.Builder()
                .serverKey("00000000-0000-0000-0000-000000000000") // Use your project server-key
                .build();

        return new Botbye(config);
    }
}

Usage

Per-Controller

Add evaluate in your controller for granular control over specific endpoints:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

@RestController
@RequestMapping("/api/demo")
public class DemoController {
    private final Botbye botbye;

    @Autowired
    public DemoController(Botbye botbye) {
        this.botbye = botbye;
    }

    @PostMapping
    public ResponseEntity<Object> post(HttpServletRequest request) {
        Map<String, String> headers = Collections.list(request.getHeaderNames()).stream()
            .collect(Collectors.toMap(h -> h, request::getHeader));

        // Extract the token from wherever you pass it: query param, header, body, etc.
        String token = request.getParameter("botbye_token");

        BotbyeEvaluateResponse response = botbye.evaluate(BotbyeValidationEvent.of(
            request.getRemoteAddr(),
            token,
            headers,
            request.getMethod(),
            request.getRequestURI(),
            Collections.emptyMap()
        ));

        if (response.isBlocked()) {
            return ResponseEntity.status(403).body("Access denied");
        }

        return ResponseEntity.ok().body("hello world!");
    }
}

Global Filter

To protect all requests, create a Spring Boot filter:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

@Component
public class BotbyeFilter extends OncePerRequestFilter {
    private final Botbye botbye;

    public BotbyeFilter(Botbye botbye) {
        this.botbye = botbye;
    }

    @Override
    protected void doFilterInternal(
            HttpServletRequest request,
            HttpServletResponse response,
            FilterChain filterChain
    ) throws ServletException, IOException {
        Map<String, String> headers = Collections.list(request.getHeaderNames()).stream()
            .collect(Collectors.toMap(h -> h, request::getHeader));

        // Extract the token from wherever you pass it: query param, header, body, etc.
        var result = botbye.evaluate(BotbyeValidationEvent.of(
            request.getRemoteAddr(),
            request.getParameter("botbye_token"),
            headers,
            request.getMethod(),
            request.getRequestURI(),
            Collections.emptyMap()
        ));

        if (result.isBlocked()) {
            response.setStatus(403);
            return;
        }

        filterChain.doFilter(request, response);
    }
}

Sample of this code on GitHub

Settings

BotbyeConfig contains next configurable parameters:

Setting Description Required Default Value
botbyeEndpoint Host of the API Server no https://verify.botbye.com
serverKey Your BotBye server-key yes -
contentType Content type for API requests no application/json
readTimeout Read timeout for HTTP client no Duration.ofSeconds(2)
writeTimeout Write timeout for HTTP client no Duration.ofSeconds(2)
connectionTimeout Connection timeout for HTTP client no Duration.ofSeconds(2)
callTimeout Total call timeout no Duration.ofSeconds(5)
maxIdleConnections Max idle connections in the pool no 250
keepAliveDuration Keep-alive duration no Duration.ofSeconds(300)
maxRequestsPerHost Max requests per host no 1500
maxRequests Max requests total no 1500

Examples of BotBye API responses

Blocked (bot detected):

1
2
3
4
5
6
7
8

{
  "request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
  "decision": "BLOCK",
  "risk_score": 0.95,
  "scores": { "bot": 0.95 },
  "signals": ["AutomationTool"],
  "config": { "bypass_bot_validation": false }
}

Allowed:

1
2
3
4
5
6
7
8

{
  "request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
  "decision": "ALLOW",
  "risk_score": 0.05,
  "scores": { "bot": 0.05, "ato": 0.02 },
  "signals": [],
  "config": { "bypass_bot_validation": false }
}

Challenge:

1
2
3
4
5
6
7
8
9

{
  "request_id": "f77b2abd-c5d7-44f0-be4f-174b04876583",
  "decision": "CHALLENGE",
  "risk_score": 0.65,
  "scores": { "bot": 0.65 },
  "signals": ["SuspiciousFingerprint"],
  "challenge": { "type": "captcha", "token": "..." },
  "config": { "bypass_bot_validation": false }
}

Invalid server-key:

1
2
3
4
5

{
  "decision": "ALLOW",
  "config": { "bypass_bot_validation": true },
  "error": { "message": "[BotBye] Bad Request: Invalid Server Key" }
}