Method: projects.keys.retrieveLegacySecretKey

Returns the secret key related to the specified public key. You must use the legacy secret key only in a 3rd party integration with legacy reCAPTCHA.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



Required. The public key name linked to the requested secret key in the format "projects/{project}/keys/{key}".

Request body

The request body must be empty.

Response body

If successful, the response body contains data with the following structure:

Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party integration with legacy reCAPTCHA.

JSON representation
  "legacySecretKey": string


The secret key (also known as shared secret) authorizes communication between your application backend and the reCAPTCHA Enterprise server to create an assessment. The secret key needs to be kept safe for security purposes.

Authorization Scopes

Requires the following OAuth scope:


For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the key resource:

  • recaptchaenterprise.keys.retrievelegacysecretkey

For more information, see the IAM documentation.