ato login endpoints v2

patriciasantaana · patriciasantaana · commit eb269bdcc9db · 2026-02-02T15:21:29.000-08:00
diff --git a/src/content/docs/bots/additional-configurations/detection-ids/account-takeover-detections.mdx b/src/content/docs/bots/additional-configurations/detection-ids/account-takeover-detections.mdx
@@ -18,9 +18,9 @@ Using the detection IDs below, you can detect and mitigate account takeover atta
 :::caution[Login endpoints]
 Not all login endpoints are automatically detected. 
 
-By default, endpoints [labeled](/api-shield/management-and-monitoring/endpoint-labels/#categories) as `cf-log-in` will be evaluated for account takeover detection IDs.
+Cloudflare evaluates and automatically detects your website or application's login endpoint. However, if you have a non-traditional login endpoint, you should label it with `cf-log-in` using the [endpoint labeling service](/api-shield/management-and-monitoring/endpoint-labels/#create-a-label). 
 
-However, if you have a non-traditional login endpoint, you should label your login endpoint with `cf-log-in` using the [endpoint labeling service](/api-shield/management-and-monitoring/endpoint-labels/#create-a-label).
+Cloudflare will use the endpoint that you label instead of the endpoint that we detect.
 :::
 
 ## Challenges for account takeover detections
