REST Resource: projects.assessments

Resource: Assessment
- JSON representation
Event
- JSON representation
TokenProperties
- JSON representation
InvalidReason
ClassificationReason
PasswordLeakVerification
- JSON representation
Methods

Resource: Assessment

A recaptcha assessment resource.

JSON representation

JSON representation
{ "name": string, "event": { object (`Event`) }, "score": number, "tokenProperties": { object (`TokenProperties`) }, "reasons": [ enum (`ClassificationReason`) ], "passwordLeakVerification": { object (`PasswordLeakVerification`) } }

{
  "name": string,
  "event": {
    object (Event)
  },
  "score": number,
  "tokenProperties": {
    object (TokenProperties)
  },
  "reasons": [
    enum (ClassificationReason)
  ],
  "passwordLeakVerification": {
    object (PasswordLeakVerification)
  }
}

Fields
`name`	`string` Output only. The resource name for the Assessment in the format "projects/{project_number}/assessments/{assessment_id}".
`event`	`object (Event)` The event being assessed.
`score`	`number` Output only. Legitimate event score from 0.0 to 1.0. (1.0 means very likely legitimate traffic while 0.0 means very likely non-legitimate traffic).
`tokenProperties`	`object (TokenProperties)` Output only. Properties of the provided event token.
`reasons[]`	`enum (ClassificationReason)` Output only. Reasons contributing to the risk analysis verdict.
`passwordLeakVerification`	`object (PasswordLeakVerification)` Information about the user's credentials used to check for leaks. This feature is part of the Early Access Program (EAP). Exercise caution, and do not deploy integrations based on this feature in a production environment.

Event

JSON representation
{ "token": string, "siteKey": string, "userAgent": string, "userIpAddress": string, "expectedAction": string }

Fields
`token`	`string` Optional. The user response token provided by the reCAPTCHA client-side integration on your site.
`siteKey`	`string` Optional. The site key that was used to invoke reCAPTCHA on your site and generate the token.
`userAgent`	`string` Optional. The user agent present in the request from the user's device related to this event.
`userIpAddress`	`string` Optional. The IP address in the request from the user's device related to this event.
`expectedAction`	`string` Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise.

TokenProperties

JSON representation
{ "valid": boolean, "invalidReason": enum (`InvalidReason`), "createTime": string, "hostname": string, "action": string }

Fields
`valid`	`boolean` Whether the provided user response token is valid. When valid = false, the reason could be specified in invalidReason or it could also be due to a user failing to solve a challenge or a sitekey mismatch (i.e the sitekey used to generate the token was different than the one specified in the assessment).
`invalidReason`	`enum (InvalidReason)` Reason associated with the response when valid = false.
`createTime`	`string (Timestamp format)` The timestamp corresponding to the generation of the token. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: `"2014-10-02T15:01:23.045123456Z"`.
`hostname`	`string` The hostname of the page on which the token was generated.
`action`	`string` Action name provided at token generation.

InvalidReason

LINT.IfChange Enum that represents the types of invalid token reasons.

Enums
`INVALID_REASON_UNSPECIFIED`	Default unspecified type.
`UNKNOWN_INVALID_REASON`	If the failure reason was not accounted for.
`MALFORMED`	The provided user verification token was malformed.
`EXPIRED`	The user verification token had expired.
`DUPE`	The user verification had already been seen.
`SITE_MISMATCH`	The user verification token did not match the provided site key. This may be a configuration error (e.g. development keys used in production) or end users trying to use verification tokens from other sites. This item is deprecated!
`MISSING`	The user verification token was not present. It is a required input.

ClassificationReason

LINT.IfChange(classification_reason) Reasons contributing to the risk analysis verdict.

Enums
`CLASSIFICATION_REASON_UNSPECIFIED`	Default unspecified type.
`AUTOMATION`	Interactions matched the behavior of an automated agent.
`UNEXPECTED_ENVIRONMENT`	The event originated from an illegitimate environment.
`TOO_MUCH_TRAFFIC`	Traffic volume from the event source is higher than normal.
`UNEXPECTED_USAGE_PATTERNS`	Interactions with the site were significantly different than expected patterns.
`LOW_CONFIDENCE_SCORE`	Too little traffic has been received from this site thus far to generate quality risk analysis.

PasswordLeakVerification

Password leak verification info.

JSON representation
{ "hashedUserCredentials": string, "credentialsLeaked": boolean, "canonicalizedUsername": string }

Fields

Fields
`hashedUserCredentials`	`string (bytes format)` Optional. Scrypt hash of the username+password that the customer wants to verify against a known password leak. A base64-encoded string.
`credentialsLeaked`	`boolean` Output only. Whether or not the user's credentials are present in a known leak.
`canonicalizedUsername`	`string` Optional. The username part of the user credentials for which we want to trigger a leak check in canonicalized form. This is the same data used to create the hashedUserCredentials on the customer side.

hashedUserCredentials

string (bytes format)

Optional. Scrypt hash of the username+password that the customer wants to verify against a known password leak.

A base64-encoded string.

credentialsLeaked

boolean

Output only. Whether or not the user's credentials are present in a known leak.

canonicalizedUsername

string

Optional. The username part of the user credentials for which we want to trigger a leak check in canonicalized form. This is the same data used to create the hashedUserCredentials on the customer side.

Methods
`annotate`	Annotates a previously created Assessment to provide additional information on whether the event turned out to be authentic or fradulent.
`create`	Creates an Assessment of the likelihood an event is legitimate.