---
title: Authentication not detected on route used to invite users
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Authentication not detected on route
  used to invite users
---

# Authentication not detected on route used to invite users
 
## Description{% #description %}

No authentication was detected for an API route that handles user invitations, which may expose your application to potential security risks.

A malicious actor could abuse this endpoint to send unauthorized invitations, potentially leading to account enumeration, spamming, or social engineering attacks.

## Remediation{% #remediation %}

- Validate that the code isn't expecting the user to be authenticated to have access to this resource (AuthN). If this API is in fact authenticated, ensure your code is [instrumented correctly](https://docs.datadoghq.com/security/application_security/how-it-works/add-user-info).
- To improve authentication detection, you can configure custom authentication detection via the [Endpoint Tagging Rules](https://app.datadoghq.com/security/configuration/asm/trace-tagging) settings.