--- title: reCAPTCHA Enterprise node description: The reCAPTCHA Enterprise node adds Google reCAPTCHA Enterprise support to your journeys. component: auth-node-ref version: latest page_id: auth-node-ref::recaptcha-enterprise canonical_url: https://docs.pingidentity.com/auth-node-ref/latest/recaptcha-enterprise.html keywords: ["Nodes & Trees", "Journeys", "Authentication", "CAPTCHA"] page_aliases: ["auth-node-recaptcha-enterprise.adoc"] superseded_by: https://docs.pingidentity.com/auth-node-ref/latest/recaptcha-enterprise.html section_ids: example: Example availability: Availability inputs: Inputs dependencies: Dependencies configuration: Configuration outputs: Outputs outcomes: Outcomes errors: Errors --- # reCAPTCHA Enterprise node The **reCAPTCHA Enterprise** node adds Google reCAPTCHA Enterprise support to your journeys. Google reCAPTCHA Enterprise offers improvements over previous versions, including more granular scores, reason codes for events deemed higher risk, Web Application Firewall (WAF) support, and native support for Android and iOS. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------- | | | This node only supports Google reCAPTCHA Enterprise. For reCAPTCHA v2 and v3 support, and hCaptcha support, use the [CAPTCHA node](captcha.html). | ## Example The following journey uses a [Page node](page.html) and a [Data Store Decision node](data-store-decision.html) to collect and verify the credentials and a CAPTCHA response: ![The reCAPTCHA Enterprise node in context](_images/auth-node-recaptcha-enterprise-example.png) This example uses the following nodes: * The [Page node](page.html) prompts the user to input their username and password: * The [Platform Username node](platform-username.html) collects the username and stores it in the shared state. * The [Platform Password node](platform-password.html) collects the password and stores it in the shared state. * The [reCAPTCHA Enterprise node](recaptcha-enterprise.html) collects and verifies the reCAPTCHA Enterprise response. * The [Data Store Decision node](data-store-decision.html) uses the username and password to determine successful authentication. ## Availability | Product | Available? | | ------------------------------------- | ---------- | | PingOne Advanced Identity Cloud | Yes | | PingAM (self-managed) | Yes | | Ping Identity Platform (self-managed) | Yes | This node's reCAPTCHA Enterprise functionality is supported in * [Ping SDKs](https://docs.pingidentity.com/sdks/latest/sdks/integrations/integrate-with-recaptcha-enterprise.html) * [Advanced Identity Cloud hosted pages](https://docs.pingidentity.com/pingoneaic/end-user/hosted-pages.html) ## Inputs This node reads an optional `CaptchaEnterpriseNode.PAYLOAD` variable from shared state. Use this variable to customize the payload the node sends to the Google reCAPTCHA Enterprise server for assessment. You can set the value by using a [Set State node](set-state.html), or by using a [Scripted Decision node](scripted-decision.html), using a script similar to the following: ```javascript var username = nodeState.get("username"); var customPayload = JSON.parse(`{"userInfo": {"accountId": "${username}"}}`); sharedState.put("CaptchaEnterpriseNode.PAYLOAD", customPayload); outcome = "true"; ``` To learn more about the payload, refer to [Project Assessments - Event](https://cloud.google.com/recaptcha/docs/reference/rest/v1/projects.assessments#event) in the Google Developer documentation. ## Dependencies You need to sign up for access to the [reCAPTCHA API](https://www.google.com/recaptcha/admin/create) to get the API key pair required to configure the node. ## Configuration | Property | Usage | | --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Google Cloud project ID** | The ID of the project that has Google reCAPTCHA enabled.You can get the ID of your project in the [Google Cloud console](https://console.cloud.google.com).For example, `my-project-65746-07969469388`. | | **reCAPTCHA Site Key** *(required)* | The ID of the reCAPTCHA key you created in the Google Cloud console.The key can be for any platform type, `Website`, `Android app`, or `iOS app`.Sometimes referred to as a *key ID* in the Google Cloud console and documentation. | | **reCAPTCHA API key secret identifier** | An identifier used to create a secret label for mapping to your Google reCAPTCHA API key in a secret store.Get or create your API key from the **Google Cloud Console** under **APIs and Services > Credentials**.The secret label takes the form `am.authentication.nodes.captchaEnterprise.identifier.secret` where identifier is the value of **reCAPTCHA API key secret identifier**.The identifier can only contain alphanumeric characters `a-z`, `A-Z`, `0-9`, and periods (`.`). It can't start or end with a period. | | **Score Threshold** | The score threshold for determining if a user is likely to be a real person.reCAPTCHA scores are between `0.0` and `1.0`, with higher scores indicating higher confidence that the user is a real person.If the returned score is equal to or greater than the threshold the journey continues along the `true` outcome path.To learn more, refer to [Interpret scores](https://cloud.google.com/recaptcha/docs/interpret-assessment-website#interpret_scores) in the Google documentation. | | **Store reCAPTCHA assessment JSON** | Stores the assessment response JSON for future reference within the journey.The node stores the JSON response in the `CaptchaEnterpriseNode.ASSESSMENT_RESULT` variable. | | **Store reCAPTCHA error messages** | Stores the error messages for future reference within the journey.The node stores the error messages in the `CaptchaEnterpriseNode.FAILURE` variable.The error consists of an error code and description of the error.> **Collapse: View the possible error codes** > > * `INVALID_TOKEN` > > * `INVALID_PROJECT_ID` > > * `CLIENT_ERROR` > > * `INVALID_SECRET_KEY` > > * `VALIDATION_ERROR` > > * `API_ERROR` > > * `IO_ERROR` > > * `UNKNOWN` | | **reCAPTCHA CSS class** | A CSS class to apply to the HTML elements reCAPTCHA adds to JavaScript apps.The default is `g-recaptcha`. | | **reCAPTCHA Verification URL** | The URL to send the reCAPTCHA to for verification.Only change this if Google updates the URL used for reCAPTCHA verifications.The default is `https://recaptchaenterprise.googleapis.com/v1`. | | **JavaScript reCAPTCHA API URL** | The URL of the JavaScript file containing the reCAPTCHA API.Only change this if Google releases a new version of the JavaScript reCAPTCHA API.The default is `https://www.google.com/recaptcha/enterprise.js`. | ## Outputs If you enable the **Store reCAPTCHA assessment JSON** property, the node outputs the reCAPTCHA assessment response JSON in a state variable named `CaptchaEnterpriseNode.ASSESSMENT_RESULT`. If you enable the **Store reCAPTCHA error messages** property, the node outputs the error response JSON in a state variable named `CaptchaEnterpriseNode.FAILURE`. ## Outcomes * `True` The reCAPTCHA response was successfully verified. * `False` The reCAPTCHA response wasn't verified or failed verification. ## Errors This node doesn't log any error or warning messages of its own.