User-Agent Identification
This document describes the User-Agent string used by the Stayforge API backend services when interacting with external identity providers (such as Auth0) and third-party APIs.
User-Agent Format
Stayforge uses a specific User-Agent header to identify its automated requests:
Stayforge-API/<version> (+<documentation-url>)
Example
Stayforge-API/webhook (+https://docs.stayforge.io/apis/stayforge-api/useragent)
Purpose of this User-Agent
The Stayforge API performs automated backend operations, including:
- Identity Management: Communicating with Auth0 for user authentication and metadata updates.
- Webhooks: Sending event notifications to integrated services.
- Third-party Integration: Connecting to external data providers.
By identifying our traffic, we allow security administrators and automated systems to:
- Distinguish legitimate system traffic from unauthorized scrapers or generic scripts (like
curloraxios). - Whitelist our services in security policies (Actions, WAFs, or Firewalls).
- Reduce false-positive security alerts for "New Device Logins" when performed via our backend.
For System Administrators
If you see this User-Agent in your logs, it indicates a request originating from Stayforge's core infrastructure.
Contact Us
If you notice suspicious activity or have questions regarding requests with this User-Agent, please contact our security team at:
- Email: [email protected]
- Website: https://www.stayforge.io