Build with the CheckHumans human and agent trust API.

CheckHumans is now positioned as a human and agent trust layer, not just a CAPTCHA replacement.

The core problem is not only bots. It is fake humans, low-intent traffic, autonomous agents, and workflows that should not all get the same access.

Your product can now treat trust as a decision input instead of a binary challenge.

Create a site in the dashboard and copy your public site key. Keep the secret key for privileged API calls like policies, feedback, and server-side analytics access.

Send an event to `/api/v2/events` or `/api/v2/decide` whenever a signup, lead, login, or agent interaction happens.

Use the returned trust score, intent score, classification, and policy outcome to drive your own product logic.

Only send the minimum data needed for your use case, and make sure your own site or app discloses any collection required by applicable law.

Event: the incoming interaction such as a signup, lead, login, API request, or agent request.

Decision: the computed trust score, intent score, classification, recommended action, and policy outcome.

Policy: your mapping between certain risk conditions and the actions your product should take.

Protect trial signups from low-intent or abusive accounts.

Route demo requests and contact forms away from junk pipeline.

Control login and WordPress auth flows without blanket friction.

Allow, deny, or restrict AI-agent traffic based on path and intent.

`POST /api/v2/events`: ingest and score an event.

`POST /api/v2/decide`: alias for events when you want to treat the response as a business decision.

`GET /api/v2/analytics`: fetch tenant-scoped trust analytics for the signed-in account or with a secret key bearer token.

`GET|POST /api/v2/policies`: list or create routing policies with a secret key bearer token.

`POST /api/v2/feedback`: label a decision as good or bad with a secret key bearer token tied to the same site.

`allow`: frictionless path for high-trust events.

`allow_with_friction`: add email verification, delay, or constrained access.

`block`: deny the event entirely.

`allow_with_policy`: use AI-agent or workflow-specific routing instead of static blocking.

Classify autonomous and human-assisted agents separately from real users.

Set per-path rules for docs, pricing, search, account actions, and sensitive endpoints.

Use agent policy outcomes to control access, metering, or block decisions.

Install the CheckHumans WordPress plugin from the repo plugin package.

Connect your site using the public site key and hosted API base from the dashboard.

Start with native WordPress login, registration, and comments before extending the scaffold to more plugins.

Secret keys are server-side credentials. Do not embed them in frontend code or public plugins.

Reveal and rotate actions are audited. Security alerts can be sent by email or Slack when secret access comes from a new IP or unusual client fingerprint.

Public pricing, docs, and trust-center pages are informational. Enterprise retention, DPA, SLA, or custom deployment commitments need a separate written agreement.