---
title: Evaluations
description: An evaluation is Rupt's verdict on a single user action: what an evaluation contains, when to run one, and how it relates to checks, risks, and policies.
---

# Evaluations

An evaluation is Rupt's assessment of a single [action](/docs/v3/concepts/actions) by a single user from a single device at a single moment. It is the entry point to everything Rupt does: every fingerprinting probe, every risk score, every challenge starts with an evaluation.

When you call `evaluate()` from the SDK, Rupt collects [signals](/docs/v3/concepts/signals) from the user's environment, derives [checks](/docs/v3/concepts/checks) from those signals plus the user's history, computes [risks](/docs/v3/concepts/risks) from the checks, and matches the result against your active [policies](/docs/v3/concepts/policies) to produce a [verdict](/docs/v3/concepts/verdicts). If the verdict is `challenge`, Rupt also creates a [challenge](/docs/v3/concepts/challenges) record.

## What an evaluation contains

- The **action** the user is trying to take (`login`, `signup`, or `access`).
- The **user**: a unique identifier when you have one, optional email and phone, and any metadata you want linked to the user.
- The **[device](/docs/v3/concepts/devices)** and a browser **[fingerprint](/docs/v3/concepts/fingerprints)** the user is using.
- The **geolocation** (IP, latitude/longitude, city, country, and anonymity flags for VPN, proxy, Tor, and hosting).
- The **checks** derived from the signals and history.
- The **risks** that were classified, each with a severity of `low`, `medium`, `high`, or `maximum`.
- The **policy** that matched and the **verdict** it produced.
- The **challenge** details, if one was issued.

## Where this fits

This page explains what an evaluation _is_. The mechanics of wiring `evaluate()` into a login, signup, or access flow (and confirming the result server-side) live in the [Quick start](/docs/v3/quick-start).