Google reCAPTCHA

What is reCAPTCHA?

reCAPTCHA protects the webforms from fraud and abuse without creating friction. It uses an advanced risk analysis engine and adaptive challenges to keep malicious software from engaging in abusive activities on the webforms. For more information, view the Google reCAPTCHA article.

Note: Enabling the captcha on your web forms is an important security measure. Disabling the captcha is at your discretion and may impact security.

How to enable reCAPTCHA in webforms?

Note: The following workflow applies to the OnPrem application. If keys are configured in LongJump and the Show Captcha is enabled for the web form, the captcha will be enabled by default. For new web forms, the captcha will be disabled and user can enable it based on their preference during the web form creation process.

Step 1: Generating Private and Public keys

1. Go to the Google reCAPTCHA page.
2. Click the v3 Admin Console button at the top.
3. Enter a label for easy site identification (e.g., domain.com).
4. Choose the desired reCAPTCHA type.
5. In the Domains field, enter the desired domain (e.g., subdomain.domain.com) and click the + (Add domain) icon.
   
6. If you have additional domains, add them in the next field.
7. Read the terms and check the respective checkbox.
8. Click the Submit button.
9. The site key and secret key will now appear. The site key is the public key, and the secret key is the private key.
10. Copy both keys. These keys need to be configured in LongJump.

Step 2: Configuring the public and private keys in LongJump

1. Log in to your LongJump account.
2. Navigate to Settings > Service Provider Settings > Service Configuration.
3. Click the Edit button at the top.
4. Under Basic Service Configuration, locate the Recaptcha Public Key and Recaptcha Private Key fields.
5. Paste the site key copied from Google reCAPTCHA into the Recaptcha Public Key field.
6. Paste the secret key copied from Google reCAPTCHA into the Recaptcha Private Key field.
7. Click the Save button.
8. Under Security Headers Configuration, you can observe that the CSP Whitelisted Domains and CORS Whitelisted Domains are populated automatically.

Step 3: Enabling Captcha in Web Forms

1. Log in to your AgileApps account.
2. Navigate to > Customization > Objects > {object} > Web Forms.
3. Click [New Web Form] or open an existing web form.
4. Check the Show Captcha checkbox.
5. Populate the required fields.
6. Click Save.
7. The web forms will be available with the captcha.

Note: If a user has previously enabled the captcha in the web form and the keys are removed, the user must manually update it again to enable captcha visibility in the web form.