# How It Works

* Create [**Identities**](https://dfend.gitbook.io/documentation/developer-api/types/identity) that map to users of your application or service.
* Set up a [**webhook**](https://dfend.gitbook.io/documentation/developer-api/webhook) to receive [**Events**](https://dfend.gitbook.io/documentation/developer-api/types/event) about suspicious behavior or Identity state changes.
* Send digital identity [**Signals**](https://dfend.gitbook.io/documentation/developer-api/types/signal) into our system.

{% hint style="info" %}
Identities can be created on the fly if you include identifying data in a Signal. Learn more about this on the [Signal ](https://dfend.gitbook.io/documentation/developer-api/https-api/signal)section of the HTTPS API documentation.
{% endhint %}