Skip to main content

Managing your DataDome edge integration

Arc XP’s Edge Integration Framework allows you to integrate DataDome’s Advance Bot Management to detect and block malicious bots before they reach your sites.

With this integration, you can:

  • Protect your digital properties from scraping, credential stuffing, fake traffic, and other bot-based threats.

  • Maintain clean analytics and optimize performance by filtering traffic at the edge layer.

  • Leverage DataDome’s expertise without needing complex custom development within Arc XP.

Note

You configure DataDome’s edge integration at only the site level. You cannot configure the integration based on URL paths.

How edge integrations work

When a user requests content from an Arc XP-powered site, the request first passes through the edge layer before it reaches the origin or application. With the DataDome integration enabled, each request is evaluated by DataDome’s real-time detection engine to determine whether it originates from a legitimate user or a malicious bot.

If a request is identified as a bot, DataDome enforces the appropriate response, such as blocking, redirecting, or challenging the request, based on the bot management rules that you configure.

Arc XP facilitates the routing of traffic to DataDome, but you configure all policy management, thresholds, and enforcement behaviors through your DataDome account. This allows your engineering teams to tailor the protection level and response strategies to match your specific needs.

del_Edge_Integration_Simplified_Transaction_Overview.png

Limitations and compatibility with other Arc XP products

Not supported:

  • Edge integrations cannot be used on sites with CDN stacking or that are headless. PageBuilder is required.

  • Pages served from alt-origin are not supported.

Supported:

  • Audience Targeting

Prerequisites

To use this integration, you must have the following items:

  • An active DataDome subscription and work directly with DataDome to configure your bot protection policies. Arc XP facilitates the integration but does not manage bot detection or enforcement.

    If you do not currently have a DataDome subscription, contact your Technical Account Manager who can help you begin a trial.

  • Your DataDome client-side and server-side keys. Your DataDome keys are used for the following items:

    • A client-side key to configure the experience.

    • A server-side key to configure the site in Arc XP’s Delivery application.

  • The Site Manager permission. To complete the integration, you must have access to the Delivery application. SeeManaging roles.

Scenario: Protecting content with a DataDome integration

A media organization using Arc XP notices a surge in non-human traffic targeting its paywalled articles, leading to inflated pageview metrics, increased infrastructure load, and unauthorized content scraping. To mitigate the issue, their team enables the DataDome integration through Arc XP’s Integration Framework.

After activating their DataDome subscription and working directly with the vendor to configure detection rules, the organization begins filtering malicious bot traffic at the edge layer, before it ever reaches the site. This not only protects premium content from unauthorized scraping but also ensures their analytics reflect real user behavior and their infrastructure resources are preserved for actual readers.

Procedures

To fully integrate DataDome with Arc XP’s Edge Integration Framework, you must follow each procedure in order.

Retrieving your DataDome keys

You first must retrieve both the client-side and server-side keys in DataDome. See DataDome’s Key documentation to learn more.

Configuring DataDome's client-side JavaScript tag in your bundle

Instruct your engineer to insert DataDome’s client-side SDK on your page. Your engineering team can follow DataDome’s client-side JavaScript tag guide.

The appropriate place for DataDome’s JavaScript tag is your output types where most of the site-wide integrations, like analytics and Ads SDKs, already are.

Enabling DataDome's edge integration for your site

Follow these steps to turn on the integration within Arc XP.

  1. Navigate to Delivery > Site Settings.

  2. Click the site you want to enable the integration for.

  3. Click the Edge Integrations tab. (If you don’t see the Edge Integrations tab, you likely don’t have the Site Manager permission.)

  4. Complete the following fields:

    • DataDome toggle - toggle this setting on.

    • DataDome License Key - enter your DataDome server-side key.

  5. Click Save.

Verifying your DataDome protection is enabled

After you enable the integration, follow these steps to confirm it’s working correctly:

  1. In a web browser, open your website, and navigate to Developer Tools.

  2. Click the Network tab, find and click the page request (usually the first request, or you can filter the list of network activity by Doc to show only the current page loaded).

  3. Click the Headers tab.

    Arc XP returns headers prefixed with x-*, and the DataDome integration returns an x-Datadome response header.

    When the integration is turned off, the x-Datadome response header does not appear.

    del_no_x_datadome.png

    When the DataDome integration is turned on, the x-Datadome: protected response header appears.

    del_x_datadome.png
In this section: