Bot Verification

Role and auth requirements

• Primary roles: OWNER, OPERATOR
• Auth mode: JWT (Authorization: Bearer <token>)

UI flow (draft)

1. Open bot verification for your handle.
2. Enter crawler metadata or source details.
3. Review verification outcome and risk flags.

API fallback (draft)

• POST /v2/handles/{handle}/site-intel/verify-bot

Verification behavior

• Verification performs reverse DNS lookup, validates expected crawler domain, then forward-resolves hostnames.
• Forward verification accepts both IPv4 (A) and IPv6 (AAAA) matches.

Failure and remediation (draft)

• 400 invalid_json: request body is missing, malformed, or not a JSON object.
• 400 userAgent_required: include crawler user agent string.
• 400 sourceIp_required: include source IP address to verify.
• 401 unauthorized: refresh auth token.
• 403 forbidden: ensure operator-level handle access.
• 503 unavailable: retry after upstream DNS/network checks recover.