reCAPTCHA keys overview

This document provides an overview of reCAPTCHA keys (also known as keys).

A reCAPTCHA key is a unique, case-sensitive, alphanumeric string of 40 characters that needs to be installed on web pages, in mobile applications, or at the WAF layer to integrate reCAPTCHA.

A reCAPTCHA key returns a score for each request, which is based on the user interactions with your site or application. By interpreting these scores, you can take appropriate actions for your site or application, such as allowing or blocking users.

Example reCAPTCHA key: 6Lcm3XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX5mfX

reCAPTCHA keys can have one of the following integration types:

  • SCORE: Returns risk scores. It doesn't display the I'm not a robot checkbox and never shows CAPTCHA challenges.
  • CHECKBOX: Displays the I'm not a robot checkbox and might show CAPTCHA challenges after the checkbox is checked.
  • INVISIBLE: Doesn't display the I'm not a robot checkbox, but might show CAPTCHA challenges after risk analysis.
The following table lists reCAPTCHA keys that are supported for each platform:
reCAPTCHA key types Description Supported keys Key integration type
reCAPTCHA keys for web Keys to integrate reCAPTCHA on web pages. Score-based keys SCORE
Checkbox keys CHECKBOX
reCAPTCHA keys for mobile applications Keys to integrate reCAPTCHA on Android and iOS apps. reCAPTCHA keys for Android SCORE
reCAPTCHA keys for iOS SCORE
reCAPTCHA keys for WAF Keys to integrate reCAPTCHA at the WAF layer. action-token keys SCORE and CHECKBOX
session-token keys SCORE
challenge-page keys INVISIBLE
express keys SCORE

What's next