Use cases

The most common uses cases are:

• Enforce granular access control to resources. Includes access control based on criteria such as user agent, IP address, referrer, host, country, and world region.
• Protect against credential stuffing and account takeover attacks.
• Limit the number of operations performed by individual clients. Includes preventing scraping by bots, accessing sensitive data, bulk creation of new accounts, and programmatic buying in ecommerce platforms.
• Protect REST APIs from resource exhaustion (targeted DDoS attacks) and resources from abuse in general.
• Protect GraphQL APIs by preventing server overload and limiting the number of operations.