@fingerprintjs/fingerprintjs
Advanced tools
@fingerprintjs/fingerprintjs is a JavaScript library that provides a way to uniquely identify users based on their browser and device characteristics. It is commonly used for fraud prevention, user authentication, and personalization.
Generate a Visitor Identifier
This feature allows you to generate a unique identifier for a visitor based on their browser and device characteristics. The code sample demonstrates how to load the FingerprintJS library, generate a visitor identifier, and log it to the console.
const FingerprintJS = require('@fingerprintjs/fingerprintjs');
FingerprintJS.load().then(fp => {
fp.get().then(result => {
const visitorId = result.visitorId;
console.log(visitorId);
});
});Get Detailed Visitor Data
This feature provides detailed information about the visitor's browser and device characteristics. The code sample shows how to access and log the detailed components of the visitor's fingerprint.
const FingerprintJS = require('@fingerprintjs/fingerprintjs');
FingerprintJS.load().then(fp => {
fp.get().then(result => {
const components = result.components;
console.log(components);
});
});ClientJS is a JavaScript library for generating a client-side fingerprint based on browser and device characteristics. It offers similar functionality to @fingerprintjs/fingerprintjs but may not be as comprehensive in terms of the data it collects and analyzes.
FingerprintJS2 is an older version of the FingerprintJS library. It provides similar functionality for generating unique visitor identifiers but lacks some of the newer features and improvements found in @fingerprintjs/fingerprintjs.
UA-Parser-JS is a JavaScript library for parsing user-agent strings to identify browser, engine, OS, CPU, and device type/model. While it does not generate a unique visitor identifier, it provides detailed information about the user's environment, which can be used in conjunction with other libraries for fingerprinting.
Makes a website visitor identifier from a browser fingerprint. Unlike cookies and local storage, fingerprint stays the same in incognito/private mode and even when browser data is purged.
<script>
function onFingerprintJSLoad(fpAgent) {
// The FingerprintJS agent is ready. Get a visitor identifier when you'd like to.
fpAgent.get().then(result => {
// This is the visitor identifier:
const visitorId = result.visitorId;
console.log(visitorId);
});
}
</script>
<script
async src="https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js"
onload="FingerprintJS.load().then(onFingerprintJSLoad)"
></script>
We recommend to upload the JS script to your server because AdBlock and other browser extensions can block the public script URL.
npm i @fingerprintjs/fingerprintjs
# or
yarn add @fingerprintjs/fingerprintjs
import FingerprintJS from '@fingerprintjs/fingerprintjs';
(async () => {
// We recommend to call `load` at application startup.
const fpAgent = await FingerprintJS.load();
// The FingerprintJS agent is ready. Get a visitor identifier when you'd like to.
const result = await fpAgent.get();
// This is the visitor identifier:
const visitorId = result.visitorId;
console.log(visitorId);
})();
Open Source version | Pro version | |
|---|---|---|
| Identification accuracy | 60% | 99.5% |
| Bot detection | ❌ | ✅ |
| Incognito / Private mode detection | ❌ | ✅ |
| Geolocation | ❌ | ✅ |
| Security | ❌ | ✅ |
| Server API | ❌ | ✅ |
| Webhooks | ❌ | ✅ |
Pro result example:
{
"requestId": "HFMlljrzKEiZmhUNDx7Z",
"visitorId": "kHqPGWS1Mj18sZFsP8Wl",
"visitorFound": true,
"incognito": false,
"bot": { "probability": 0.96 },
"browserName": "Chrome",
"browserVersion": "85.0.4183",
"os": "Mac OS X",
"osVersion": "10.15.6",
"device": "Other",
"ip": "192.65.67.131",
"ipLocation": {
"accuracyRadius": 100,
"latitude": 37.409657,
"longitude": -121.965467
// ...
}
}
⏱ How to upgrade from Open Source to Pro in 30 seconds
📕 FingerprintJS Pro documentation
The library is shipped in various formats:
<script>
function initFingerprintJS() {
// ...
}
</script>
<script
async
src="https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js"
onload="initFingerprintJS()"
></script>
require(['https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.umd.min.js'], (FingerprintJS) => {/* ... */});
import FingerprintJS from '@fingerprintjs/fingerprintjs';
const FingerprintJS = require('@fingerprintjs/fingerprintjs');
FingerprintJS.load({ delayFallback?: number }): Promise<Agent>
Builds an instance of Agent and waits a delay required for a proper operation.
delayFallback is an optional parameter that sets duration (milliseconds) of the fallback for browsers that don't support requestIdleCallback;
it has a good default value which we don't recommend to change.
agent.get({ debug?: boolean }): Promise<{ visitorId: string, components: {/* ... */} }>
Gets the visitor identifier.
debug: true prints debug messages to the console.
visitorId is the visitor identifier.
components is a dictionary of components that have formed the identifier;
each value is an object like { value: any, duration: number } in case of success
and { error: object, duration: number } in case of an unexpected error during getting the component.
FingerprintJS.hashComponents(components: object): string
Converts a dictionary of components (described above) into a short hash string a.k.a. a visitor identifier. Designed for extending the library with your own components.
FingerprintJS.componentsToDebugString(components: object): string
Converts a dictionary of components (described above) into human-friendly format.
The library doesn't guarantee the same visitor identifier between versions, but will try to keep them the same as much as possible.
The documented JS API follows Semantic Versioning. Use undocumented features at your own risk.
npx browserslist "> 1% in us"
See the contribution guidelines to learn how to start a playground, test and build.
FAQs
Browser fingerprinting library with the highest accuracy and stability
We found that @fingerprintjs/fingerprintjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.