Creating an action
To create an action, navigate to the actions page and click the Create a new action button.
Core components of an action
1. Action outcomes
Every action in Authsignal results in one of four possible outcomes that determine how to handle the user’s request:- ALLOW: Let the action proceed without additional authentication
- CHALLENGE: Require the user to complete an authentication challenge
- REVIEW: Place the action in a queue for manual review
- BLOCK: Prevent the action from proceeding entirely

2. Rules
The conditional logic that determines which outcome to apply based on risk factors and context. Rules can override the action’s default outcome. When you track an action, you provide the context needed for evaluation:Setting up your action
1. Tracking an action
In your app’s backend, use an Authsignal Server SDK to track an action which represents what your user is doing (e.g.withdraw-funds
).
This step will return a token which can be passed to a client SDK to perform a challenge for that user.
- Custom UI
- Pre-built UI
2. Challenging the user
Challenging the user performing an action.- Custom UI
- Pre-built UI
In your frontend, call
setToken
with the client token obtained, then use the relevant SDK methods to progress the user through a challenge.3. Validating a challenge
After the user completes the challenge, you’ll receive atoken
that you can validate on your backend to verify the authentication result.
For pre-built UI, this token
is appended to your redirect URL as a query parameter, while for custom UI implementation, you’ll get the token
directly from the challenge completion result.
- Custom UI
- Pre-built UI
Pass the token obtained from the challenge result to your backend and validate it server-side to complete authentication.