BotD is an open source library that we created to make it easy for every developer to detect basic bots in their web apps.
It is available under a permissive MIT license and will always be free for developers and commercial use.
We keep the open-source BotD package healthy with timely critical fixes and regressions addressed as fast as possible. That said, the near-term roadmap is stability-only, so new features are unlikely to land soon. Please plan accordingly if you depend on upcoming enhancements.
For more demanding applications we created a professional API-based bot detection software that is called Fingerprint Pro Bot Detection.
<script>
// Initialize an agent at application startup, once per page/app.
const botdPromise = import('https://openfpcdn.io/botd/v2').then((Botd) => Botd.load())
// Get detection results when you need them.
botdPromise
.then((botd) => botd.detect())
.then((result) => console.log(result))
.catch((error) => console.error(error))
</script>npm i @fingerprintjs/botd
# or
yarn add @fingerprintjs/botdimport { load } from '@fingerprintjs/botd'
// Initialize an agent at application startup, once per page/app.
const botdPromise = load()
// Get detection results when you need them.
botdPromise
.then((botd) => botd.detect())
.then((result) => console.log(result))
.catch((error) => console.error(error))π Full documentation
Fingerprint Bot Detection API is a professional bot detection API service that processes all information server-side and transmits it securely to your servers.
Fingerprint Bot Detection API provides both browser and server-side APIs that make the process of bot detection fast and secure. When using the Bot Detection, use the browser JavaScript SDK to detect browser automation tools and server-side Automation Intelligence API to detect more bot bot types, such as AI agents, AI assistants, and AI/LLM crawlers.
The commercial product combines vast amounts of auxiliary data that bots expose (network properties, browser overrides) to be able to reliably deduplicate real users from automated software, resulting in the detection of popular AI tools, browser automation tools, their derivatives and plugins.
A big advantage of the paid product is that it's able to distinguish good bots from bad ones that allow you to block malicious traffic without blocking search engine crawlers, monitoring workers, etc.
Full product comparison:
| Open Source Library | Bot Detection API | |
|---|---|---|
| 100% open source | yes | no |
| AI Agent Detection OpenAI, Manus, AWS AgentCore | β | β |
| AI Assistant Detection ChatGPT, Anthropic, Google Gemini | β | β |
| Web Bot Auth support Detect verified, signed, and spoofed identities | β | β |
| Search Engine detection Google, Bing, DuckDuckGo | β | β |
| Anti Detect Browser detection AdsPower, Dolphin Anty, Kameleo | β | β |
| Browser Automation Tools detection | partial | full |
| Headless Browsers (Chrome, Firefox) | β | β |
| seleniumHQ/selenium umbrella project encapsulating a variety of tools and libraries enabling web browser automation | β | β |
| microsoft/playwright Node.js library to automate Chromium, Firefox and WebKit with a single API | β | β |
| ariya/phantomjs headless WebKit scriptable with JavaScript | β | β |
| segmentio/nightmare high-level browser automation library | β | β |
| electron/electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS | β | β |
| laurentj/slimerjs scriptable browser | β | β |
| berstend/puppeteer-extra/packages/puppeteer-extra-plugin-stealth plugin for puppeteer-extra to prevent detection. | - | β |
| microlinkhq/browserless efficient driver for controlling headless browsers built on top of puppeteer developed for scenarios where performance matters | - | β |
| ultrafunkamsterdam/undetected-chromedriver optimized Selenium Chromedriver patch which does not trigger anti-bot services | - | β |
| MeiK2333/pyppeteer_stealth stealth plugin for pyppeteer | - | β |
| Requires JavaScript Requires a JavaScript library to detect bots | yes | no |
| Server-side accuracy increase based on additional server-side data, such as TLS crypto support, ipv4/v6 data and others | β | β |
| Query API build flexible workflows | β | β |
| Data security | Your infrastructure | Encrypted at rest |
| Storage | Your infrastructure | Unlimited up to 1 yr |
| Regions | Your infrastructure | Hosting in US, EU and Mumbai |
| Compliance | Your infrastructure | GDPR, CCPA compliant1 |
| SLA | No SLA | 99.9% Uptime |
| Support | GitHub community | Support team via email, chat, and call-back within 1 business day |
1. Fingerprint Pro is GDPR and CCPA compliant as the data processor. You still need to be compliant as the data controller and use the bot detection for fraud prevention under legitimate interest or ask for user consent.
Bot detection API result example:
{
"bot": "bad",
"bot_type": "headless_chrome",
"bot_info": {
"category": "browser_automation",
"provider": "chromium/chromium",
"name": "ChromeHeadless",
"identity": "unknown",
"confidence": "medium"
}
}πΏ Live demo
π Fingerprint Bot Detection API Docs
See the Contribution guidelines to learn how to contribute to the project or run the project locally. Please read it carefully before making a pull request.
- FingerprintJS -- browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them
- Fingerprint Android -- Android identification and fingerprinting in native apps
- Fingerprint iOS -- iOS identification and fingerprinting in native apps
Β© 2026 FingerprintJS, Inc