Package google.cloud.recaptchaenterprise.v1

Index

RecaptchaEnterpriseService (interface)
AccountDefenderAssessment (message)
AccountDefenderAssessment.AccountDefenderLabel (enum)
AndroidKeySettings (message)
AnnotateAssessmentRequest (message)
AnnotateAssessmentRequest.Annotation (enum)
AnnotateAssessmentRequest.Reason (enum)
AnnotateAssessmentResponse (message)
Assessment (message)
ChallengeMetrics (message)
CreateAssessmentRequest (message)
CreateKeyRequest (message)
DeleteKeyRequest (message)
Event (message)
GetKeyRequest (message)
GetMetricsRequest (message)
IOSKeySettings (message)
Key (message)
ListKeysRequest (message)
ListKeysResponse (message)
ListRelatedAccountGroupMembershipsRequest (message)
ListRelatedAccountGroupMembershipsResponse (message)
ListRelatedAccountGroupsRequest (message)
ListRelatedAccountGroupsResponse (message)
Metrics (message)
MigrateKeyRequest (message)
PrivatePasswordLeakVerification (message)
RelatedAccountGroup (message)
RelatedAccountGroupMembership (message)
RetrieveLegacySecretKeyRequest (message)
RetrieveLegacySecretKeyResponse (message)
RiskAnalysis (message)
RiskAnalysis.ClassificationReason (enum)
ScoreDistribution (message)
ScoreMetrics (message)
SearchRelatedAccountGroupMembershipsRequest (message)
SearchRelatedAccountGroupMembershipsResponse (message)
TestingOptions (message)
TestingOptions.TestingChallenge (enum)
TokenProperties (message)
TokenProperties.InvalidReason (enum)
UpdateKeyRequest (message)
WafSettings (message)
WafSettings.WafFeature (enum)
WafSettings.WafService (enum)
WebKeySettings (message)
WebKeySettings.ChallengeSecurityPreference (enum)
WebKeySettings.IntegrationType (enum)

RecaptchaEnterpriseService

Service to determine the likelihood an event is legitimate.

AnnotateAssessment

AnnotateAssessment
`rpc AnnotateAssessment(AnnotateAssessmentRequest) returns (AnnotateAssessmentResponse)` Annotates a previously created Assessment to provide additional information on whether the event turned out to be authentic or fraudulent. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.assessments.annotate` For more information, see the IAM documentation.

rpc AnnotateAssessment(AnnotateAssessmentRequest) returns (AnnotateAssessmentResponse)

Annotates a previously created Assessment to provide additional information on whether the event turned out to be authentic or fraudulent.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.assessments.annotate

For more information, see the IAM documentation.

CreateAssessment

CreateAssessment
`rpc CreateAssessment(CreateAssessmentRequest) returns (Assessment)` Creates an Assessment of the likelihood an event is legitimate. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `parent` resource: `recaptchaenterprise.assessments.create` For more information, see the IAM documentation.

rpc CreateAssessment(CreateAssessmentRequest) returns (Assessment)

Creates an Assessment of the likelihood an event is legitimate.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

recaptchaenterprise.assessments.create

For more information, see the IAM documentation.

CreateKey

CreateKey
`rpc CreateKey(CreateKeyRequest) returns (Key)` Creates a new reCAPTCHA Enterprise key. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `parent` resource: `recaptchaenterprise.keys.create` For more information, see the IAM documentation.

rpc CreateKey(CreateKeyRequest) returns (Key)

Creates a new reCAPTCHA Enterprise key.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

recaptchaenterprise.keys.create

For more information, see the IAM documentation.

DeleteKey

DeleteKey
`rpc DeleteKey(DeleteKeyRequest) returns (Empty)` Deletes the specified key. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.keys.delete` For more information, see the IAM documentation.

rpc DeleteKey(DeleteKeyRequest) returns (Empty)

Deletes the specified key.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.keys.delete

For more information, see the IAM documentation.

GetKey

GetKey
`rpc GetKey(GetKeyRequest) returns (Key)` Returns the specified key. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.keys.get` For more information, see the IAM documentation.

rpc GetKey(GetKeyRequest) returns (Key)

Returns the specified key.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.keys.get

For more information, see the IAM documentation.

GetMetrics

GetMetrics
`rpc GetMetrics(GetMetricsRequest) returns (Metrics)` Get some aggregated metrics for a Key. This data can be used to build dashboards. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.metrics.get` For more information, see the IAM documentation.

rpc GetMetrics(GetMetricsRequest) returns (Metrics)

Get some aggregated metrics for a Key. This data can be used to build dashboards.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.metrics.get

For more information, see the IAM documentation.

ListKeys

ListKeys
`rpc ListKeys(ListKeysRequest) returns (ListKeysResponse)` Returns the list of all keys that belong to a project. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `parent` resource: `recaptchaenterprise.keys.list` For more information, see the IAM documentation.

rpc ListKeys(ListKeysRequest) returns (ListKeysResponse)

Returns the list of all keys that belong to a project.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

recaptchaenterprise.keys.list

For more information, see the IAM documentation.

ListRelatedAccountGroupMemberships

ListRelatedAccountGroupMemberships
`rpc ListRelatedAccountGroupMemberships(ListRelatedAccountGroupMembershipsRequest) returns (ListRelatedAccountGroupMembershipsResponse)` Get memberships in a group of related accounts. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `parent` resource: `recaptchaenterprise.relatedaccountgroupmemberships.list` For more information, see the IAM documentation.

rpc ListRelatedAccountGroupMemberships(ListRelatedAccountGroupMembershipsRequest) returns (ListRelatedAccountGroupMembershipsResponse)

Get memberships in a group of related accounts.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

recaptchaenterprise.relatedaccountgroupmemberships.list

For more information, see the IAM documentation.

ListRelatedAccountGroups

ListRelatedAccountGroups
`rpc ListRelatedAccountGroups(ListRelatedAccountGroupsRequest) returns (ListRelatedAccountGroupsResponse)` List groups of related accounts. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `parent` resource: `recaptchaenterprise.relatedaccountgroups.list` For more information, see the IAM documentation.

rpc ListRelatedAccountGroups(ListRelatedAccountGroupsRequest) returns (ListRelatedAccountGroupsResponse)

List groups of related accounts.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

recaptchaenterprise.relatedaccountgroups.list

For more information, see the IAM documentation.

MigrateKey

MigrateKey
`rpc MigrateKey(MigrateKeyRequest) returns (Key)` Migrates an existing key from reCAPTCHA to reCAPTCHA Enterprise. Once a key is migrated, it can be used from either product. SiteVerify requests are billed as CreateAssessment calls. You must be authenticated as one of the current owners of the reCAPTCHA Site Key, and your user must have the reCAPTCHA Enterprise Admin IAM role in the destination project. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.keys.update` For more information, see the IAM documentation.

rpc MigrateKey(MigrateKeyRequest) returns (Key)

Migrates an existing key from reCAPTCHA to reCAPTCHA Enterprise. Once a key is migrated, it can be used from either product. SiteVerify requests are billed as CreateAssessment calls. You must be authenticated as one of the current owners of the reCAPTCHA Site Key, and your user must have the reCAPTCHA Enterprise Admin IAM role in the destination project.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.keys.update

For more information, see the IAM documentation.

RetrieveLegacySecretKey

RetrieveLegacySecretKey
`rpc RetrieveLegacySecretKey(RetrieveLegacySecretKeyRequest) returns (RetrieveLegacySecretKeyResponse)` Returns the secret key related to the specified public key. You must use the legacy secret key only in a 3rd party integration with legacy reCAPTCHA. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `key` resource: `recaptchaenterprise.keys.retrievelegacysecretkey` For more information, see the IAM documentation.

rpc RetrieveLegacySecretKey(RetrieveLegacySecretKeyRequest) returns (RetrieveLegacySecretKeyResponse)

Returns the secret key related to the specified public key. You must use the legacy secret key only in a 3rd party integration with legacy reCAPTCHA.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the key resource:

recaptchaenterprise.keys.retrievelegacysecretkey

For more information, see the IAM documentation.

SearchRelatedAccountGroupMemberships

SearchRelatedAccountGroupMemberships
`rpc SearchRelatedAccountGroupMemberships(SearchRelatedAccountGroupMembershipsRequest) returns (SearchRelatedAccountGroupMembershipsResponse)` Search group memberships related to a given account. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `project` resource: `recaptchaenterprise.relatedaccountgroupmemberships.list` For more information, see the IAM documentation.

rpc SearchRelatedAccountGroupMemberships(SearchRelatedAccountGroupMembershipsRequest) returns (SearchRelatedAccountGroupMembershipsResponse)

Search group memberships related to a given account.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the project resource:

recaptchaenterprise.relatedaccountgroupmemberships.list

For more information, see the IAM documentation.

UpdateKey

UpdateKey
`rpc UpdateKey(UpdateKeyRequest) returns (Key)` Updates the specified key. Authorization Scopes Requires the following OAuth scope: `https://www.googleapis.com/auth/cloud-platform` For more information, see the Authentication Overview. IAM Permissions Requires the following IAM permission on the `name` resource: `recaptchaenterprise.keys.update` For more information, see the IAM documentation.

rpc UpdateKey(UpdateKeyRequest) returns (Key)

Updates the specified key.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

recaptchaenterprise.keys.update

For more information, see the IAM documentation.

AccountDefenderAssessment

Account defender risk assessment.

Fields

Fields
`labels[]`	`AccountDefenderLabel` Labels for this request.

labels[]

AccountDefenderLabel

Labels for this request.

AccountDefenderLabel

Labels returned by account defender for this request.

Enums
`ACCOUNT_DEFENDER_LABEL_UNSPECIFIED`	Default unspecified type.
`PROFILE_MATCH`	The request matches a known good profile for the user.
`SUSPICIOUS_LOGIN_ACTIVITY`	The request is potentially a suspicious login event and must be further verified either through multi-factor authentication or another system.
`SUSPICIOUS_ACCOUNT_CREATION`	The request matched a profile that previously had suspicious account creation behavior. This can mean that this is a fake account.
`RELATED_ACCOUNTS_NUMBER_HIGH`	The account in the request has a high number of related accounts. It does not necessarily imply that the account is bad but can require further investigation.

AndroidKeySettings

Settings specific to keys that can be used by Android apps.

Fields

Fields
`allow_all_package_names`	`bool` If set to true, allowed_package_names are not enforced.
`allowed_package_names[]`	`string` Android package names of apps allowed to use the key. Example: 'com.companyname.appname'

allow_all_package_names

bool

If set to true, allowed_package_names are not enforced.

allowed_package_names[]

string

Android package names of apps allowed to use the key. Example: 'com.companyname.appname'

AnnotateAssessmentRequest

The request message to annotate an Assessment.

Fields
`name`	`string` Required. The resource name of the Assessment, in the format "projects/{project}/assessments/{assessment}".
`annotation`	`Annotation` Optional. The annotation that will be assigned to the Event. This field can be left empty to provide reasons that apply to an event without concluding whether the event is legitimate or fraudulent.
`reasons[]`	`Reason` Optional. Optional reasons for the annotation that will be assigned to the Event.
`hashed_account_id`	`bytes` Optional. Unique stable hashed user identifier to apply to the assessment. This is an alternative to setting the hashed_account_id in CreateAssessment, for example when the account identifier is not yet known in the initial request. It is recommended that the identifier is hashed using hmac-sha256 with stable secret.

Annotation

Enum that represents the types of annotations.

Enums
`ANNOTATION_UNSPECIFIED`	Default unspecified type.
`LEGITIMATE`	Provides information that the event turned out to be legitimate.
`FRAUDULENT`	Provides information that the event turned out to be fraudulent.
`PASSWORD_CORRECT`	Provides information that the event was related to a login event in which the user typed the correct password. Deprecated, prefer indicating CORRECT_PASSWORD through the reasons field instead. This item is deprecated!
`PASSWORD_INCORRECT`	Provides information that the event was related to a login event in which the user typed the incorrect password. Deprecated, prefer indicating INCORRECT_PASSWORD through the reasons field instead. This item is deprecated!

Reason

Enum that represents potential reasons for annotating an assessment.

Enums
`REASON_UNSPECIFIED`	Default unspecified reason.
`CHARGEBACK`	Indicates that the transaction had a chargeback issued with no other details. When possible, specify the type by using CHARGEBACK_FRAUD or CHARGEBACK_DISPUTE instead.
`CHARGEBACK_FRAUD`	Indicates that the transaction had a chargeback issued related to an alleged unauthorized transaction from the cardholder's perspective (for example, the card number was stolen).
`CHARGEBACK_DISPUTE`	Indicates that the transaction had a chargeback issued related to the cardholder having provided their card details but allegedly not being satisfied with the purchase (for example, misrepresentation, attempted cancellation).
`REFUND`	Indicates that the completed payment transaction was refunded by the seller.
`REFUND_FRAUD`	Indicates that the completed payment transaction was determined to be fraudulent by the seller, and was cancelled and refunded as a result.
`TRANSACTION_ACCEPTED`	Indicates that the payment transaction was accepted, and the user was charged.
`TRANSACTION_DECLINED`	Indicates that the payment transaction was declined, for example due to invalid card details.
`PAYMENT_HEURISTICS`	Indicates the transaction associated with the assessment is suspected of being fraudulent based on the payment method, billing details, shipping address or other transaction information.
`INITIATED_TWO_FACTOR`	Indicates that the user was served a 2FA challenge. An old assessment with `ENUM_VALUES.INITIATED_TWO_FACTOR` reason that has not been overwritten with `PASSED_TWO_FACTOR` is treated as an abandoned 2FA flow. This is equivalent to `FAILED_TWO_FACTOR`.
`PASSED_TWO_FACTOR`	Indicates that the user passed a 2FA challenge.
`FAILED_TWO_FACTOR`	Indicates that the user failed a 2FA challenge.
`CORRECT_PASSWORD`	Indicates the user provided the correct password.
`INCORRECT_PASSWORD`	Indicates the user provided an incorrect password.

AnnotateAssessmentResponse

Empty response for AnnotateAssessment.

Assessment

A recaptcha assessment resource.

Fields
`name`	`string` Output only. The resource name for the Assessment in the format "projects/{project}/assessments/{assessment}".
`event`	`Event` The event being assessed.
`risk_analysis`	`RiskAnalysis` Output only. The risk analysis result for the event being assessed.
`token_properties`	`TokenProperties` Output only. Properties of the provided event token.
`account_defender_assessment`	`AccountDefenderAssessment` Assessment returned by account defender when a hashed_account_id is provided.
`private_password_leak_verification`	`PrivatePasswordLeakVerification` The private password leak verification field contains the parameters that are used to to check for leaks privately without sharing user credentials.

ChallengeMetrics

Metrics related to challenges.

Fields
`pageload_count`	`int64` Count of reCAPTCHA checkboxes or badges rendered. This is mostly equivalent to a count of pageloads for pages that include reCAPTCHA.
`nocaptcha_count`	`int64` Count of nocaptchas (successful verification without a challenge) issued.
`failed_count`	`int64` Count of submitted challenge solutions that were incorrect or otherwise deemed suspicious such that a subsequent challenge was triggered.
`passed_count`	`int64` Count of nocaptchas (successful verification without a challenge) plus submitted challenge solutions that were correct and resulted in verification.

CreateAssessmentRequest

The create assessment request message.

Fields

Fields
`parent`	`string` Required. The name of the project in which the assessment will be created, in the format "projects/{project}".
`assessment`	`Assessment` Required. The assessment details.

parent

string

Required. The name of the project in which the assessment will be created, in the format "projects/{project}".

assessment

Assessment

Required. The assessment details.

CreateKeyRequest

The create key request message.

Fields

Fields
`parent`	`string` Required. The name of the project in which the key will be created, in the format "projects/{project}".
`key`	`Key` Required. Information to create a reCAPTCHA Enterprise key.

parent

string

Required. The name of the project in which the key will be created, in the format "projects/{project}".

key

Key

Required. Information to create a reCAPTCHA Enterprise key.

DeleteKeyRequest

The delete key request message.

Fields

Fields
`name`	`string` Required. The name of the key to be deleted, in the format "projects/{project}/keys/{key}".

name

string

Required. The name of the key to be deleted, in the format "projects/{project}/keys/{key}".

Event

Fields
`token`	`string` Optional. The user response token provided by the reCAPTCHA client-side integration on your site.
`site_key`	`string` Optional. The site key that was used to invoke reCAPTCHA on your site and generate the token.
`user_agent`	`string` Optional. The user agent present in the request from the user's device related to this event.
`user_ip_address`	`string` Optional. The IP address in the request from the user's device related to this event.
`expected_action`	`string` Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise.
`hashed_account_id`	`bytes` Optional. Unique stable hashed user identifier for the request. The identifier must be hashed using hmac-sha256 with stable secret.

GetKeyRequest

The get key request message.

Fields

Fields
`name`	`string` Required. The name of the requested key, in the format "projects/{project}/keys/{key}".

name

string

Required. The name of the requested key, in the format "projects/{project}/keys/{key}".

GetMetricsRequest

The get metrics request message.

Fields

Fields
`name`	`string` Required. The name of the requested metrics, in the format "projects/{project}/keys/{key}/metrics".

name

string

Required. The name of the requested metrics, in the format "projects/{project}/keys/{key}/metrics".

IOSKeySettings

Settings specific to keys that can be used by iOS apps.

Fields

Fields
`allow_all_bundle_ids`	`bool` If set to true, allowed_bundle_ids are not enforced.
`allowed_bundle_ids[]`	`string` iOS bundle ids of apps allowed to use the key. Example: 'com.companyname.productname.appname'

allow_all_bundle_ids

bool

If set to true, allowed_bundle_ids are not enforced.

allowed_bundle_ids[]

string

iOS bundle ids of apps allowed to use the key. Example: 'com.companyname.productname.appname'

Key

A key used to identify and configure applications (web and/or mobile) that use reCAPTCHA Enterprise.

Fields
`name`	`string` The resource name for the Key in the format "projects/{project}/keys/{key}".
`display_name`	`string` Human-readable display name of this key. Modifiable by user.
`labels`	`map<string, string>` See Creating and managing labels.
`create_time`	`Timestamp` The timestamp corresponding to the creation of this Key.
`testing_options`	`TestingOptions` Options for user acceptance testing.
`waf_settings`	`WafSettings` Settings for WAF
Union field `platform_settings`. Platform specific settings for this key. The key can only be used on a platform for which the settings are enabled. `platform_settings` can be only one of the following:
`web_settings`	`WebKeySettings` Settings for keys that can be used by websites.
`android_settings`	`AndroidKeySettings` Settings for keys that can be used by Android apps.
`ios_settings`	`IOSKeySettings` Settings for keys that can be used by iOS apps.

ListKeysRequest

The list keys request message.

Fields

Fields
`parent`	`string` Required. The name of the project that contains the keys that will be listed, in the format "projects/{project}".
`page_size`	`int32` Optional. The maximum number of keys to return. Default is 10. Max limit is 1000.
`page_token`	`string` Optional. The next_page_token value returned from a previous. ListKeysRequest, if any.

parent

string

Required. The name of the project that contains the keys that will be listed, in the format "projects/{project}".

page_size

int32

Optional. The maximum number of keys to return. Default is 10. Max limit is 1000.

page_token

string

Optional. The next_page_token value returned from a previous. ListKeysRequest, if any.

ListKeysResponse

Response to request to list keys in a project.

Fields

Fields
`keys[]`	`Key` Key details.
`next_page_token`	`string` Token to retrieve the next page of results. It is set to empty if no keys remain in results.

keys[]

Key

Key details.

next_page_token

string

Token to retrieve the next page of results. It is set to empty if no keys remain in results.

ListRelatedAccountGroupMembershipsRequest

The request message to list memberships in a related account group.

Fields

Fields
`parent`	`string` Required. The resource name for the related account group in the format `projects/{project}/relatedaccountgroups/{relatedaccountgroup}`.
`page_size`	`int32` Optional. The maximum number of accounts to return. The service might return fewer than this value. If unspecified, at most 50 accounts are returned. The maximum value is 1000; values above 1000 are coerced to 1000.
`page_token`	`string` Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships` call. When paginating, all other parameters provided to `ListRelatedAccountGroupMemberships` must match the call that provided the page token.

parent

string

Required. The resource name for the related account group in the format projects/{project}/relatedaccountgroups/{relatedaccountgroup}.

page_size

int32

Optional. The maximum number of accounts to return. The service might return fewer than this value. If unspecified, at most 50 accounts are returned. The maximum value is 1000; values above 1000 are coerced to 1000.

page_token

string

Optional. A page token, received from a previous ListRelatedAccountGroupMemberships call.

When paginating, all other parameters provided to ListRelatedAccountGroupMemberships must match the call that provided the page token.

ListRelatedAccountGroupMembershipsResponse

The response to a ListRelatedAccountGroupMemberships call.

Fields

Fields
`related_account_group_memberships[]`	`RelatedAccountGroupMembership` The memberships listed by the query.
`next_page_token`	`string` A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.

related_account_group_memberships[]

RelatedAccountGroupMembership

The memberships listed by the query.

next_page_token

string

A token, which can be sent as page_token to retrieve the next page. If this field is omitted, there are no subsequent pages.

ListRelatedAccountGroupsRequest

The request message to list related account groups.

Fields

Fields
`parent`	`string` Required. The name of the project to list related account groups from, in the format "projects/{project}".
`page_size`	`int32` Optional. The maximum number of groups to return. The service might return fewer than this value. If unspecified, at most 50 groups are returned. The maximum value is 1000; values above 1000 are coerced to 1000.
`page_token`	`string` Optional. A page token, received from a previous `ListRelatedAccountGroups` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListRelatedAccountGroups` must match the call that provided the page token.

parent

string

Required. The name of the project to list related account groups from, in the format "projects/{project}".

page_size

int32

Optional. The maximum number of groups to return. The service might return fewer than this value. If unspecified, at most 50 groups are returned. The maximum value is 1000; values above 1000 are coerced to 1000.

page_token

string

Optional. A page token, received from a previous ListRelatedAccountGroups call. Provide this to retrieve the subsequent page.

When paginating, all other parameters provided to ListRelatedAccountGroups must match the call that provided the page token.

ListRelatedAccountGroupsResponse

The response to a ListRelatedAccountGroups call.

Fields

Fields
`related_account_groups[]`	`RelatedAccountGroup` The groups of related accounts listed by the query.
`next_page_token`	`string` A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.

related_account_groups[]

RelatedAccountGroup

The groups of related accounts listed by the query.

next_page_token

string

A token, which can be sent as page_token to retrieve the next page. If this field is omitted, there are no subsequent pages.

Metrics

Metrics for a single Key.

Fields
`name`	`string` Output only. The name of the metrics, in the format "projects/{project}/keys/{key}/metrics".
`start_time`	`Timestamp` Inclusive start time aligned to a day (UTC).
`score_metrics[]`	`ScoreMetrics` Metrics will be continuous and in order by dates, and in the granularity of day. All Key types should have score-based data.
`challenge_metrics[]`	`ChallengeMetrics` Metrics will be continuous and in order by dates, and in the granularity of day. Only challenge-based keys (CHECKBOX, INVISIBLE), will have challenge-based data.

MigrateKeyRequest

The migrate key request message.

Fields

Fields
`name`	`string` Required. The name of the key to be migrated, in the format "projects/{project}/keys/{key}".

name

string

Required. The name of the key to be migrated, in the format "projects/{project}/keys/{key}".

PrivatePasswordLeakVerification

Private password leak verification info.

Fields
`lookup_hash_prefix`	`bytes` Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It is used to look up password leaks associated with that hash prefix.
`encrypted_user_credentials_hash`	`bytes` Optional. Encrypted Scrypt hash of the canonicalized username+password. It is re-encrypted by the server and returned through `reencrypted_user_credentials_hash`.
`encrypted_leak_match_prefixes[]`	`bytes` Output only. List of prefixes of the encrypted potential password leaks that matched the given parameters. They must be compared with the client-side decryption prefix of `reencrypted_user_credentials_hash`
`reencrypted_user_credentials_hash`	`bytes` Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash` field. It is used to match potential password leaks within `encrypted_leak_match_prefixes`.

RelatedAccountGroup

A group of related accounts.

Fields

Fields
`name`	`string` Required. The resource name for the related account group in the format `projects/{project}/relatedaccountgroups/{related_account_group}`.

name

string

Required. The resource name for the related account group in the format projects/{project}/relatedaccountgroups/{related_account_group}.

RelatedAccountGroupMembership

A membership in a group of related accounts.

Fields

Fields
`name`	`string` Required. The resource name for this membership in the format `projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}`.
`hashed_account_id`	`bytes` The unique stable hashed user identifier of the member. The identifier corresponds to a `hashed_account_id` provided in a previous `CreateAssessment` or `AnnotateAssessment` call.

name

string

Required. The resource name for this membership in the format projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}.

hashed_account_id

bytes

The unique stable hashed user identifier of the member. The identifier corresponds to a hashed_account_id provided in a previous CreateAssessment or AnnotateAssessment call.

RetrieveLegacySecretKeyRequest

The retrieve legacy secret key request message.

Fields

Fields
`key`	`string` Required. The public key name linked to the requested secret key in the format "projects/{project}/keys/{key}".

key

string

Required. The public key name linked to the requested secret key in the format "projects/{project}/keys/{key}".

RetrieveLegacySecretKeyResponse

Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party integration with legacy reCAPTCHA.

Fields

Fields
`legacy_secret_key`	`string` The secret key (also known as shared secret) authorizes communication between your application backend and the reCAPTCHA Enterprise server to create an assessment. The secret key needs to be kept safe for security purposes.

legacy_secret_key

string

The secret key (also known as shared secret) authorizes communication between your application backend and the reCAPTCHA Enterprise server to create an assessment. The secret key needs to be kept safe for security purposes.

RiskAnalysis

Risk analysis result for an event.

Fields

Fields
`score`	`float` Legitimate event score from 0.0 to 1.0. (1.0 means very likely legitimate traffic while 0.0 means very likely non-legitimate traffic).
`reasons[]`	`ClassificationReason` Reasons contributing to the risk analysis verdict.

score

float

Legitimate event score from 0.0 to 1.0. (1.0 means very likely legitimate traffic while 0.0 means very likely non-legitimate traffic).

reasons[]

ClassificationReason

Reasons contributing to the risk analysis verdict.

ClassificationReason

Reasons contributing to the risk analysis verdict.

Enums
`CLASSIFICATION_REASON_UNSPECIFIED`	Default unspecified type.
`AUTOMATION`	Interactions matched the behavior of an automated agent.
`UNEXPECTED_ENVIRONMENT`	The event originated from an illegitimate environment.
`TOO_MUCH_TRAFFIC`	Traffic volume from the event source is higher than normal.
`UNEXPECTED_USAGE_PATTERNS`	Interactions with the site were significantly different than expected patterns.
`LOW_CONFIDENCE_SCORE`	Too little traffic has been received from this site thus far to generate quality risk analysis.

ScoreDistribution

Score distribution.

Fields

Fields
`score_buckets`	`map<int32, int64>` Map key is score value multiplied by 100. The scores are discrete values between [0, 1]. The maximum number of buckets is on order of a few dozen, but typically much lower (ie. 10).

score_buckets

map<int32, int64>

Map key is score value multiplied by 100. The scores are discrete values between [0, 1]. The maximum number of buckets is on order of a few dozen, but typically much lower (ie. 10).

ScoreMetrics

Metrics related to scoring.

Fields

Fields
`overall_metrics`	`ScoreDistribution` Aggregated score metrics for all traffic.
`action_metrics`	`map<string, ScoreDistribution>` Action-based metrics. The map key is the action name which specified by the site owners at time of the "execute" client-side call. Populated only for SCORE keys.

overall_metrics

ScoreDistribution

Aggregated score metrics for all traffic.

action_metrics

map<string, ScoreDistribution>

Action-based metrics. The map key is the action name which specified by the site owners at time of the "execute" client-side call. Populated only for SCORE keys.

SearchRelatedAccountGroupMembershipsRequest

The request message to search related account group memberships.

Fields
`project`	`string` Required. The name of the project to search related account group memberships from. Specify the project name in the following format: "projects/{project}".
`hashed_account_id`	`bytes` Optional. The unique stable hashed user identifier we should search connections to. The identifier should correspond to a `hashed_account_id` provided in a previous `CreateAssessment` or `AnnotateAssessment` call.
`page_size`	`int32` Optional. The maximum number of groups to return. The service might return fewer than this value. If unspecified, at most 50 groups are returned. The maximum value is 1000; values above 1000 are coerced to 1000.
`page_token`	`string` Optional. A page token, received from a previous `SearchRelatedAccountGroupMemberships` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `SearchRelatedAccountGroupMemberships` must match the call that provided the page token.

SearchRelatedAccountGroupMembershipsResponse

The response to a SearchRelatedAccountGroupMemberships call.

Fields

Fields
`related_account_group_memberships[]`	`RelatedAccountGroupMembership` The queried memberships.
`next_page_token`	`string` A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.

related_account_group_memberships[]

RelatedAccountGroupMembership

The queried memberships.

next_page_token

string

A token, which can be sent as page_token to retrieve the next page. If this field is omitted, there are no subsequent pages.

TestingOptions

Options for user acceptance testing.

Fields

Fields
`testing_score`	`float` All assessments for this Key will return this score. Must be between 0 (likely not legitimate) and 1 (likely legitimate) inclusive.
`testing_challenge`	`TestingChallenge` For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests for this site will return nocaptcha if NOCAPTCHA, or an unsolvable challenge if CHALLENGE.

testing_score

float

All assessments for this Key will return this score. Must be between 0 (likely not legitimate) and 1 (likely legitimate) inclusive.

testing_challenge

TestingChallenge

For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests for this site will return nocaptcha if NOCAPTCHA, or an unsolvable challenge if CHALLENGE.

TestingChallenge

Enum that represents the challenge option for challenge-based (CHECKBOX, INVISIBLE) testing keys.

Enums
`TESTING_CHALLENGE_UNSPECIFIED`	Perform the normal risk analysis and return either nocaptcha or a challenge depending on risk and trust factors.
`NOCAPTCHA`	Challenge requests for this key always return a nocaptcha, which does not require a solution.
`UNSOLVABLE_CHALLENGE`	Challenge requests for this key always return an unsolvable challenge.

TokenProperties

Fields
`valid`	`bool` Whether the provided user response token is valid. When valid = false, the reason could be specified in invalid_reason or it could also be due to a user failing to solve a challenge or a sitekey mismatch (i.e the sitekey used to generate the token was different than the one specified in the assessment).
`invalid_reason`	`InvalidReason` Reason associated with the response when valid = false.
`create_time`	`Timestamp` The timestamp corresponding to the generation of the token.
`hostname`	`string` The hostname of the page on which the token was generated.
`action`	`string` Action name provided at token generation.

InvalidReason

Enum that represents the types of invalid token reasons.

Enums
`INVALID_REASON_UNSPECIFIED`	Default unspecified type.
`UNKNOWN_INVALID_REASON`	If the failure reason was not accounted for.
`MALFORMED`	The provided user verification token was malformed.
`EXPIRED`	The user verification token had expired.
`DUPE`	The user verification had already been seen.
`MISSING`	The user verification token was not present.
`BROWSER_ERROR`	A retriable error (such as network failure) occurred on the browser. Could easily be simulated by an attacker.

UpdateKeyRequest

The update key request message.

Fields

key

Key

Required. The key to update.

update_mask

FieldMask

Optional. The mask to control which fields of the key get updated. If the mask is not present, all fields will be updated.

WafSettings

Settings specific to keys that can be used for WAF (Web Application Firewall).

Fields

waf_service

WafService

Required. The WAF service that uses this key.

waf_feature

WafFeature

Required. The WAF feature for which this key is enabled.

WafFeature

Supported WAF features. For more information, see https://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features.

Enums
`WAF_FEATURE_UNSPECIFIED`	Undefined feature.
`CHALLENGE_PAGE`	Redirects suspicious traffic to reCAPTCHA.
`SESSION_TOKEN`	Use reCAPTCHA session-tokens to protect the whole user session on the site's domain.
`ACTION_TOKEN`	Use reCAPTCHA action-tokens to protect user actions.

WafService

Web Application Firewalls supported by reCAPTCHA Enterprise.

Enums
`WAF_SERVICE_UNSPECIFIED`	Undefined WAF
`CA`	Cloud Armor

WebKeySettings

Settings specific to keys that can be used by websites.

Fields
`allow_all_domains`	`bool` If set to true, it means allowed_domains will not be enforced.
`allowed_domains[]`	`string` Domains or subdomains of websites allowed to use the key. All subdomains of an allowed domain are automatically allowed. A valid domain requires a host and must not include any path, port, query or fragment. Examples: 'example.com' or 'subdomain.example.com'
`allow_amp_traffic`	`bool` If set to true, the key can be used on AMP (Accelerated Mobile Pages) websites. This is supported only for the SCORE integration type.
`integration_type`	`IntegrationType` Required. Describes how this key is integrated with the website.
`challenge_security_preference`	`ChallengeSecurityPreference` Settings for the frequency and difficulty at which this key triggers captcha challenges. This should only be specified for IntegrationTypes CHECKBOX and INVISIBLE.

ChallengeSecurityPreference

Enum that represents the possible challenge frequency and difficulty configurations for a web key.

Enums
`CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED`	Default type that indicates this enum hasn't been specified.
`USABILITY`	Key tends to show fewer and easier challenges.
`BALANCE`	Key tends to show balanced (in amount and difficulty) challenges.
`SECURITY`	Key tends to show more and harder challenges.

IntegrationType

Enum that represents the integration types for web keys.

Enums
`INTEGRATION_TYPE_UNSPECIFIED`	Default type that indicates this enum hasn't been specified. This is not a valid IntegrationType, one of the other types must be specified instead.
`SCORE`	Only used to produce scores. It doesn't display the "I'm not a robot" checkbox and never shows captcha challenges.
`CHECKBOX`	Displays the "I'm not a robot" checkbox and may show captcha challenges after it is checked.
`INVISIBLE`	Doesn't display the "I'm not a robot" checkbox, but may show captcha challenges after risk analysis.