Security
Security features in the Horizon GraphQL API include rate limiting protection and CAPTCHA verification systems.
Rate Limiting and CAPTCHA
The API supports multiple CAPTCHA providers to bypass rate limiting when legitimate users are affected:
- Cloudflare Turnstile: Cloudflare’s CAPTCHA alternative
- hCaptcha: Alternative to reCAPTCHA
- reCAPTCHA: Traditional Google CAPTCHA with visible and invisible modes
All CAPTCHA providers use the same request header patterns for consistent implementation.