Managing Projects
Create, configure, and manage Checkpoint projects for AI agent detection
What Are Projects?
A project in Checkpoint represents a single property (website, API, or application) that you want to protect. Each project has its own:
- Project ID and API Key — Credentials for SDK integration
- Detection settings — Classification preferences and sensitivity
- Enforcement policies — How to handle detected agents
- Analytics — Detection data, trends, and reports
- Team access — Who can view and manage the project
Creating a Project
- Sign in to the Checkpoint dashboard
- Select your organization (or create one)
- Click New Project
- Enter:
- Project name — A descriptive name (e.g., "Production Website")
- Domain — The domain you want to protect (e.g.,
example.com)
- Click Create
The project is created immediately and you'll see the Deployment tab with integration instructions.
You can create multiple projects per organization. Use separate projects for different environments (production, staging) or different properties (website, API, mobile).
Project Credentials
Every project has two credentials:
| Credential | Purpose | Where to Use |
|---|---|---|
| Project ID | Identifies your project | Pixel, Beacon, Middleware, Gateway |
| API Key | Authenticates API requests | Server-side integrations, Govern middleware |
Find these in the Deployment tab or Settings → API Keys.
Keep your API Key secret. Never expose it in client-side code. The Project ID is safe to use in client-side integrations (Pixel, Beacon).
Project Settings
General
Configure basic project properties:
- Project name
- Domain
- Description
- Environment (production, staging, development)
Detection
Configure detection behavior:
- Detection sensitivity
- Classification preferences
- Custom detection rules
Enforce
Set up active enforcement:
- Gateway — Add DNS-based enforcement domains. See Gateway.
- Middleware — View integration code for Next.js or Express. See Middleware.
- Policies — Configure enforcement rules. See Policies.
Control Access (Govern)
Configure MCP-I (Model Context Protocol with Identity) governance:
- Tools — Define tool-level permissions and scope requirements
- Consent — Customize the agent consent page
- Config — General governance settings
See Govern for details.
API Keys
Manage API keys for your project:
- View existing keys
- Create new keys
- Revoke compromised keys
- Set key permissions and expiration
Deny List
Manually block specific traffic:
- Block by IP address or CIDR range
- Block by user agent string
- Block by browser fingerprint
The deny list is checked before other detection methods and takes priority in policy evaluation.
Deployment
The Deployment tab provides integration instructions for each detection method:
- Pixel — Copy the script tag or GTM instructions
- Beacon — npm install command and initialization code
- Middleware — Next.js or Express setup code
- Gateway — DNS record configuration
Each section includes your Project ID pre-filled for easy copy-paste.
Team Management
Manage who can access the project:
- Navigate to organization Settings → Team
- Invite members by email
- Set roles:
- Owner — Full access, can delete projects
- Admin — Manage settings and team
- Member — View data, cannot change settings
- Viewer — Read-only access
Multiple Projects
Common multi-project setups:
| Project | Purpose |
|---|---|
| Production Website | Main site protection |
| Staging | Test detection before production |
| API | Protect API endpoints separately |
| Marketing Site | Pixel-only detection for marketing |
Each project has independent settings, policies, and analytics. Use the project switcher in the dashboard sidebar to navigate between them.
Next Steps
- Analytics & Reporting — Understand your detection data
- Detect — Choose and configure detection methods
- Enforce — Set up enforcement policies
- Govern — Configure MCP-I governance