Index
RecaptchaEnterpriseService(interface)AndroidKeySettings(message)AnnotateAssessmentRequest(message)AnnotateAssessmentRequest.Annotation(enum)AnnotateAssessmentRequest.Reason(enum)AnnotateAssessmentResponse(message)Assessment(message)ChallengeMetrics(message)CreateAssessmentRequest(message)CreateKeyRequest(message)DeleteKeyRequest(message)Event(message)GetKeyRequest(message)GetMetricsRequest(message)IOSKeySettings(message)Key(message)ListKeysRequest(message)ListKeysResponse(message)Metrics(message)MigrateKeyRequest(message)RiskAnalysis(message)RiskAnalysis.ClassificationReason(enum)ScoreDistribution(message)ScoreMetrics(message)TestingOptions(message)TestingOptions.TestingChallenge(enum)TokenProperties(message)TokenProperties.InvalidReason(enum)UpdateKeyRequest(message)WebKeySettings(message)WebKeySettings.ChallengeSecurityPreference(enum)WebKeySettings.IntegrationType(enum)
RecaptchaEnterpriseService
Service to determine the likelihood an event is legitimate.
| AnnotateAssessment | |
|---|---|
|
Annotates a previously created Assessment to provide additional information on whether the event turned out to be authentic or fraudulent.
|
|
| CreateAssessment | |
|---|---|
|
Creates an Assessment of the likelihood an event is legitimate.
|
|
| CreateKey | |
|---|---|
|
Creates a new reCAPTCHA Enterprise key.
|
|
| DeleteKey | |
|---|---|
|
Deletes the specified key.
|
|
| GetKey | |
|---|---|
|
Returns the specified key.
|
|
| GetMetrics | |
|---|---|
|
Get some aggregated metrics for a Key. This data can be used to build dashboards.
|
|
| ListKeys | |
|---|---|
|
Returns the list of all keys that belong to a project.
|
|
| MigrateKey | |
|---|---|
|
Migrates an existing key from reCAPTCHA to reCAPTCHA Enterprise. Once a key is migrated, it can be used from either product. SiteVerify requests are billed as CreateAssessment calls. You must be authenticated as one of the current owners of the reCAPTCHA Site Key, and your user must have the reCAPTCHA Enterprise Admin IAM role in the destination project.
|
|
| UpdateKey | |
|---|---|
|
Updates the specified key.
|
|
AndroidKeySettings
Settings specific to keys that can be used by Android apps.
| Fields | |
|---|---|
allowed_package_names[] |
Android package names of apps allowed to use the key. Example: 'com.companyname.appname' |
AnnotateAssessmentRequest
The request message to annotate an Assessment.
| Fields | |
|---|---|
name |
Required. The resource name of the Assessment, in the format "projects/{project}/assessments/{assessment}". Authorization requires the following IAM permission on the specified resource
|
annotation |
Optional. The annotation that will be assigned to the Event. This field can be left empty to provide reasons that apply to an event without concluding whether the event is legitimate or fraudulent. |
reasons[] |
Optional. Optional reasons for the annotation that will be assigned to the Event. |
Annotation
Enum that represents the types of annotations.
| Enums | |
|---|---|
ANNOTATION_UNSPECIFIED |
Default unspecified type. |
LEGITIMATE |
Provides information that the event turned out to be legitimate. |
FRAUDULENT |
Provides information that the event turned out to be fraudulent. |
PASSWORD_CORRECT |
Provides information that the event was related to a login event in which the user typed the correct password. Deprecated, prefer indicating CORRECT_PASSWORD through the reasons field instead. |
PASSWORD_INCORRECT |
Provides information that the event was related to a login event in which the user typed the incorrect password. Deprecated, prefer indicating INCORRECT_PASSWORD through the reasons field instead. |
Reason
Enum that represents potential reasons for annotating an assessment.
| Enums | |
|---|---|
REASON_UNSPECIFIED |
Default unspecified reason. |
CHARGEBACK |
Indicates a chargeback for fraud was issued for the transaction associated with the assessment. |
PAYMENT_HEURISTICS |
Indicates the transaction associated with the assessment is suspected of being fraudulent based on the payment method, billing details, shipping address or other transaction information. |
INITIATED_TWO_FACTOR |
Indicates that the user was served a 2FA challenge. An old assessment with ENUM_VALUES.INITIATED_TWO_FACTOR reason that has not been overwritten with PASSED_TWO_FACTOR is treated as an abandoned 2FA flow. This is equivalent to FAILED_TWO_FACTOR. |
PASSED_TWO_FACTOR |
Indicates that the user passed a 2FA challenge. |
FAILED_TWO_FACTOR |
Indicates that the user failed a 2FA challenge. |
CORRECT_PASSWORD |
Indicates the user provided the correct password. |
INCORRECT_PASSWORD |
Indicates the user provided an incorrect password. |
AnnotateAssessmentResponse
Empty response for AnnotateAssessment.
Assessment
A recaptcha assessment resource.
| Fields | |
|---|---|
name |
Output only. The resource name for the Assessment in the format "projects/{project}/assessments/{assessment}". |
event |
The event being assessed. |
risk_analysis |
Output only. The risk analysis result for the event being assessed. |
token_properties |
Output only. Properties of the provided event token. |
ChallengeMetrics
Metrics related to challenges.
| Fields | |
|---|---|
pageload_count |
Count of reCAPTCHA checkboxes or badges rendered. This is mostly equivalent to a count of pageloads for pages that include reCAPTCHA. |
nocaptcha_count |
Count of nocaptchas (successful verification without a challenge) issued. |
failed_count |
Count of submitted challenge solutions that were incorrect or otherwise deemed suspicious such that a subsequent challenge was triggered. |
passed_count |
Count of nocaptchas (successful verification without a challenge) plus submitted challenge solutions that were correct and resulted in verification. |
CreateAssessmentRequest
The create assessment request message.
| Fields | |
|---|---|
parent |
Required. The name of the project in which the assessment will be created, in the format "projects/{project}". Authorization requires the following IAM permission on the specified resource
|
assessment |
Required. The assessment details. |
CreateKeyRequest
The create key request message.
| Fields | |
|---|---|
parent |
Required. The name of the project in which the key will be created, in the format "projects/{project}". Authorization requires the following IAM permission on the specified resource
|
key |
Required. Information to create a reCAPTCHA Enterprise key. |
DeleteKeyRequest
The delete key request message.
| Fields | |
|---|---|
name |
Required. The name of the key to be deleted, in the format "projects/{project}/keys/{key}". Authorization requires the following IAM permission on the specified resource
|
Event
| Fields | |
|---|---|
token |
Optional. The user response token provided by the reCAPTCHA client-side integration on your site. |
site_key |
Optional. The site key that was used to invoke reCAPTCHA on your site and generate the token. |
user_agent |
Optional. The user agent present in the request from the user's device related to this event. |
user_ip_address |
Optional. The IP address in the request from the user's device related to this event. |
expected_action |
Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise. |
GetKeyRequest
The get key request message.
| Fields | |
|---|---|
name |
Required. The name of the requested key, in the format "projects/{project}/keys/{key}". Authorization requires the following IAM permission on the specified resource
|
GetMetricsRequest
The get metrics request message.
| Fields | |
|---|---|
name |
Required. The name of the requested metrics, in the format "projects/{project}/keys/{key}/metrics". Authorization requires the following IAM permission on the specified resource
|
IOSKeySettings
Settings specific to keys that can be used by iOS apps.
| Fields | |
|---|---|
allowed_bundle_ids[] |
iOS bundle ids of apps allowed to use the key. Example: 'com.companyname.productname.appname' |
Key
A key used to identify and configure applications (web and/or mobile) that use reCAPTCHA Enterprise.
| Fields | ||
|---|---|---|
name |
The resource name for the Key in the format "projects/{project}/keys/{key}". |
|
display_name |
Human-readable display name of this key. Modifiable by user. |
|
labels |
|
|
create_time |
The timestamp corresponding to the creation of this Key. |
|
testing_options |
Options for user acceptance testing. |
|
Union field platform_settings. Platform specific settings for this key. The key can only be used on one platform, the one it has settings for. platform_settings can be only one of the following: |
||
web_settings |
Settings for keys that can be used by websites. |
|
android_settings |
Settings for keys that can be used by Android apps. |
|
ios_settings |
Settings for keys that can be used by iOS apps. |
|
ListKeysRequest
The list keys request message.
| Fields | |
|---|---|
parent |
Required. The name of the project that contains the keys that will be listed, in the format "projects/{project}". Authorization requires the following IAM permission on the specified resource
|
page_size |
Optional. The maximum number of keys to return. Default is 10. Max limit is 1000. |
page_token |
Optional. The next_page_token value returned from a previous. ListKeysRequest, if any. |
ListKeysResponse
Response to request to list keys in a project.
| Fields | |
|---|---|
keys[] |
Key details. |
next_page_token |
Token to retrieve the next page of results. It is set to empty if no keys remain in results. |
Metrics
Metrics for a single Key.
| Fields | |
|---|---|
start_time |
Inclusive start time aligned to a day (UTC). |
score_metrics[] |
Metrics will be continuous and in order by dates, and in the granularity of day. All Key types should have score-based data. |
challenge_metrics[] |
Metrics will be continuous and in order by dates, and in the granularity of day. Only challenge-based keys (CHECKBOX, INVISIBLE), will have challenge-based data. |
MigrateKeyRequest
The migrate key request message.
| Fields | |
|---|---|
name |
Required. The name of the key to be migrated, in the format "projects/{project}/keys/{key}". Authorization requires the following IAM permission on the specified resource
|
RiskAnalysis
Risk analysis result for an event.
| Fields | |
|---|---|
score |
Legitimate event score from 0.0 to 1.0. (1.0 means very likely legitimate traffic while 0.0 means very likely non-legitimate traffic). |
reasons[] |
Reasons contributing to the risk analysis verdict. |
ClassificationReason
Reasons contributing to the risk analysis verdict.
| Enums | |
|---|---|
CLASSIFICATION_REASON_UNSPECIFIED |
Default unspecified type. |
AUTOMATION |
Interactions matched the behavior of an automated agent. |
UNEXPECTED_ENVIRONMENT |
The event originated from an illegitimate environment. |
TOO_MUCH_TRAFFIC |
Traffic volume from the event source is higher than normal. |
UNEXPECTED_USAGE_PATTERNS |
Interactions with the site were significantly different than expected patterns. |
LOW_CONFIDENCE_SCORE |
Too little traffic has been received from this site thus far to generate quality risk analysis. |
ScoreDistribution
Score distribution.
| Fields | |
|---|---|
score_buckets |
Map key is score value multiplied by 100. The scores are discrete values between [0, 1]. The maximum number of buckets is on order of a few dozen, but typically much lower (ie. 10). |
ScoreMetrics
Metrics related to scoring.
| Fields | |
|---|---|
overall_metrics |
Aggregated score metrics for all traffic. |
action_metrics |
Action-based metrics. The map key is the action name which specified by the site owners at time of the "execute" client-side call. Populated only for SCORE keys. |
TestingOptions
Options for user acceptance testing.
| Fields | |
|---|---|
testing_score |
All assessments for this Key will return this score. Must be between 0 (likely not legitimate) and 1 (likely legitimate) inclusive. |
testing_challenge |
For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests for this site will return nocaptcha if NOCAPTCHA, or an unsolvable challenge if CHALLENGE. |
TestingChallenge
Enum that represents the challenge option for challenge-based (CHECKBOX, INVISIBLE) testing keys.
| Enums | |
|---|---|
TESTING_CHALLENGE_UNSPECIFIED |
Perform the normal risk analysis and return either nocaptcha or a challenge depending on risk and trust factors. |
NOCAPTCHA |
Challenge requests for this key will always return a nocaptcha, which does not require a solution. |
CHALLENGE |
Challenge requests for this key will always return an unsolvable challenge. |
TokenProperties
| Fields | |
|---|---|
valid |
Whether the provided user response token is valid. When valid = false, the reason could be specified in invalid_reason or it could also be due to a user failing to solve a challenge or a sitekey mismatch (i.e the sitekey used to generate the token was different than the one specified in the assessment). |
invalid_reason |
Reason associated with the response when valid = false. |
create_time |
The timestamp corresponding to the generation of the token. |
hostname |
The hostname of the page on which the token was generated. |
action |
Action name provided at token generation. |
InvalidReason
Enum that represents the types of invalid token reasons.
| Enums | |
|---|---|
INVALID_REASON_UNSPECIFIED |
Default unspecified type. |
UNKNOWN_INVALID_REASON |
If the failure reason was not accounted for. |
MALFORMED |
The provided user verification token was malformed. |
EXPIRED |
The user verification token had expired. |
DUPE |
The user verification had already been seen. |
MISSING |
The user verification token was not present. |
BROWSER_ERROR |
A retriable error (such as network failure) occurred on the browser. Could easily be simulated by an attacker. |
UpdateKeyRequest
The update key request message.
| Fields | |
|---|---|
key |
Required. The key to update. Authorization requires the following IAM permission on the specified resource
|
update_mask |
Optional. The mask to control which fields of the key get updated. If the mask is not present, all fields will be updated. |
WebKeySettings
Settings specific to keys that can be used by websites.
| Fields | |
|---|---|
allow_all_domains |
If set to true, it means allowed_domains will not be enforced. |
allowed_domains[] |
Domains or subdomains of websites allowed to use the key. All subdomains of an allowed domain are automatically allowed. A valid domain requires a host and must not include any path, port, query or fragment. Examples: 'example.com' or 'subdomain.example.com' |
allow_amp_traffic |
Required. Whether this key can be used on AMP (Accelerated Mobile Pages) websites. This can only be set for the SCORE integration type. |
integration_type |
Required. Describes how this key is integrated with the website. |
challenge_security_preference |
Settings for the frequency and difficulty at which this key triggers captcha challenges. This should only be specified for IntegrationTypes CHECKBOX and INVISIBLE. |
ChallengeSecurityPreference
Enum that represents the possible challenge frequency and difficulty configurations for a web key.
| Enums | |
|---|---|
CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED |
Default type that indicates this enum hasn't been specified. |
USABILITY |
Key tends to show fewer and easier challenges. |
BALANCE |
Key tends to show balanced (in amount and difficulty) challenges. |
SECURITY |
Key tends to show more and harder challenges. |
IntegrationType
Enum that represents the integration types for web keys.
| Enums | |
|---|---|
INTEGRATION_TYPE_UNSPECIFIED |
Default type that indicates this enum hasn't been specified. This is not a valid IntegrationType, one of the other types must be specified instead. |
SCORE |
Only used to produce scores. It doesn't display the "I'm not a robot" checkbox and never shows captcha challenges. |
CHECKBOX |
Displays the "I'm not a robot" checkbox and may show captcha challenges after it is checked. |
INVISIBLE |
Doesn't display the "I'm not a robot" checkbox, but may show captcha challenges after risk analysis. |