# Verify The Token

When you made super-safe key, but it's meaningless until you get the keyhole that check the key.

But don't worry, verifying the token is so much simpler than making keyhole.

### /validate

<mark style="color:green;">`POST`</mark> <https://hamutan86.pythonanywhere.com/nonstress/validate>

#### Request (Content-Type: application/json)

{% tabs %}
{% tab title="Example" %}

```json
{
  "token": "0dc240c66802f7329a1cb9f85804c49f6bb34a..."
}
```

{% endtab %}

{% tab title="Parameters" %}

| name          | description |
| ------------- | ----------- |
| token         | the token.  |
| {% endtab %}  |             |
| {% endtabs %} |             |

#### Response

{% tabs %}
{% tab title="200 OK" %}

```json
{
  "error": "",
  "pass": true,
  "score": 0.98,
  "risk_rate": "low",
  "user_data": {
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64...",
    "ip": "d3be2698fceafeb3a93dda396941118588743...",
    "ip_type": "ipv4"
  }
}
```

{% endtab %}

{% tab title="400 Bad Request" %}

#### When token was invaild:

```json
{
  "error": "token doesn't exist",
  "pass": false
}
```

#### When token was expired:

```json
{
  "error": "expired token",
  "pass": false
}
```

{% endtab %}

{% tab title="Parameters" %}

| name                    | description                                                                                                  |
| ----------------------- | ------------------------------------------------------------------------------------------------------------ |
| error                   | error text will be here when validation is failed.                                                           |
| pass                    | user passed the nonstress challenge or not. it will be false when `score` is 0.0 even error doesn't happend. |
| score                   | token's suspicion. range is 0.0 - 1.0, and high score means low suspicious, low score means high suspicious. |
| risk\_rate              | verbalized `score`, here's all risk\_rate: `clean`, `low`, `medium`, `high`, `bot( pass: false )`.           |
| user\_data              | user's some infomations. it is useful to make validation more secure.                                        |
| user\_data\[user-agent] | the `user-agent` header.                                                                                     |
| user\_data\[ip]         | user's ip address. it's hashed with sha-256 for user's privacy, but still useful for validation.             |
| user\_data\[ip\_type]   | ip version of user\_data\[ip]. this param will be only `ipv4` or `ipv6`.                                     |
| {% endtab %}            |                                                                                                              |
| {% endtabs %}           |                                                                                                              |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://nonstress.gitbook.io/nonstress-docs/verify-the-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.