---
title: Actions
description: An action is the user-initiated event you ask Rupt to judge: login, signup, or access. Each tunes Rupt's checks and risks to the threats most relevant to that flow.
---

# Actions

An action is the user-initiated event you ask Rupt to judge. Every [evaluation](/docs/v3/concepts/evaluations) is bound to exactly one action, and Rupt tunes its [checks](/docs/v3/concepts/checks) and [risks](/docs/v3/concepts/risks) to the threats most relevant to that flow.

## The reserved actions

V3 supports the following reserved actions:

### `login`

A user authenticates to an existing account. Rupt prioritizes the following **risks** for this action:

- [account takeover](/docs/v3/concepts/account-takeover)
- [account sharing](/docs/v3/concepts/account-sharing)
- [bot activity](/docs/v3/concepts/bots)
- [scraping](/docs/v3/concepts/scraping)
- [linked accounts](/docs/v3/concepts/linked-accounts)

Rupt infers those risks from the following **checks**:

- [new fingerprint](/docs/v3/concepts/fingerprints)
- [new IP](/docs/v3/concepts/ip)
- [impossible travel](/docs/v3/concepts/impossible-travel)
- [anonymizing network](/docs/v3/concepts/anonymizing-network)
- [concurrent sessions](/docs/v3/concepts/concurrency)
- [device count](/docs/v3/concepts/devices)
- [velocity](/docs/v3/concepts/velocity)
- [shared fingerprint](/docs/v3/concepts/linked-accounts)

### `signup`

A new user is created. Rupt prioritizes the following **risks** for this action:

- [fake account](/docs/v3/concepts/fake-account)
- [bot activity](/docs/v3/concepts/bots)
- [linked accounts](/docs/v3/concepts/linked-accounts)

Rupt infers those risks from the following **checks**:

- [disposable email](/docs/v3/concepts/email)
- [invalid email](/docs/v3/concepts/email)
- [unverified email](/docs/v3/concepts/email)
- [webmail email](/docs/v3/concepts/email)
- [shared fingerprint](/docs/v3/concepts/linked-accounts)

### `access`

A page view or app open. Rupt prioritizes the following **risks** for this action:

- [account sharing](/docs/v3/concepts/account-sharing)
- [bot activity](/docs/v3/concepts/bots)
- [scraping](/docs/v3/concepts/scraping)
- [linked accounts](/docs/v3/concepts/linked-accounts)

Rupt infers those risks from the following **checks**:

- [concurrent sessions](/docs/v3/concepts/concurrency)
- [impossible travel](/docs/v3/concepts/impossible-travel)
- [device count](/docs/v3/concepts/devices)
- [velocity](/docs/v3/concepts/velocity)
- [anonymizing network](/docs/v3/concepts/anonymizing-network)
- [shared fingerprint](/docs/v3/concepts/linked-accounts)

### `custom actions` (coming soon)

A custom action is one that you define. You can use this to protect any user-facing flow that doesn't fit into the reserved actions. Each risk contains checks that are derived from signals. In the dashboard, you can create a custom risk, define the checks and signals that contribute to it as well as the weight of each check based on the outcome as well as the level of severity based on the score.

<!-- FIXME: This is coming soon. -->

## Choosing the right action

Pick the action that matches the user-facing flow you are protecting. The underlying [signals](/docs/v3/concepts/signals) and [checks](/docs/v3/concepts/checks) are shared across all actions; the difference is which combinations Rupt weights most heavily and which [risks](/docs/v3/concepts/risks) get scored.

V3 grew out of the v2 account-sharing focus (`access`) but now covers more of the fraud surface: ATO via `login`, fake accounts via `signup`, and sharing via `access`. There will be more actions in the future.