PingFederate Server

Managing CAPTCHA and risk providers

PingFederate lets you add and configure CAPTCHA and risk service provider instances. PingFederate includes plugins that support Google’s reCAPTCHA v2 Invisible and v3 services.

Before you begin

Before you can add an instance of a Google reCAPTCHA service provider, get a project ID and API key pair from Google. The key pair consists of a site key and secret key. Learn more in Google’s reCAPTCHA Developer’s Guide.

If you’re replacing the default JavaScript file to be loaded for reCAPTCHA, ensure the replacement file is in the <pf_install>/pingfederate/server/default/conf/template/assets/scripts/captcha directory.

Steps

  1. Go to System > External Systems > CAPTCHA and Risk Providers.

    Screenshot of the Captcha and Risk Providers page

  2. Click Create New Instance. The Create Risk Provider Instance page opens.

  3. On the Type tab, enter a provider Instance Name and Instance ID. Select a Type.

  4. On the Instance Configuration tab:

    1. Enter the Site Key and Secret Key from Google.

    2. If you’re adding a reCAPTCHA v3 instance, enter the Pass Score Threshold.

    3. (Optional) To replace the default JavaScript file to be loaded for reCAPTCHA, click Show Advanced Fields and enter the new JavaScript File Name.

      Screenshot of the Create Risk Provider Instance page’s Instance Configuration tab

  5. Click Next.

  6. On the Summary tab, review the configuration.

  7. Click Save.