Enterprise Recaptcha Setup | Community
Skip to main content
D
dMallicoat
New Participant
January 16, 2023
Solved

Enterprise Recaptcha Setup

  • January 16, 2023
  • 2 replies
  • 5453 views

I apologize if I've put this in the wrong place, or if I've missed other posts about it. I searched and scanned and didn't see anything. 


I am trying to set up Enterprise Recaptcha, mainly for the more granular responses and am struggling. Reading through the docs I'm not entirely sure if it's even possible to use Marketo Webhooks to do it. Has anyone else set up Enterprise Recaptcha in Marketo? 

https://cloud.google.com/recaptcha-enterprise/docs/create-assessment

 

we currently have recaptcha v3 setup, not using the native integration as I'd already set it up previously and didn't want to undo it all. 

I've made several efforts, but so far haven't had any success. 

Best answer by dMallicoat

ok, so after a ton of tests and connecting with my lead dev I got it to work. 

 

The key to getting Enterprise Recaptcha v3 to work in Marketo:
There is the front end script that adds recaptcha to your form page to get your token. 
The back end processing to validate the token to get a score. 

For the back end processing you will need: 

  • From Google Cloud: 
    • API Key, Site Key, Project ID
  • From front end recaptcha response: Token
  • From front end code:  
    • USER_ACTION - this is what you set in your front end script, most likely "form" 

Marketo Webhook Settings
URL: recaptchaenterprise.googleapis.com/v1/projects/PROJECT_ID/assessments?key=API_KEY
Request Type: POST
Template:

{
    "event": {
    "token": "TOKEN",
    "siteKey": "KEY",
    "expectedAction": "USER_ACTION"
    }
}

Request Token Encoding: JSON
Response Type: JSON

Custom Headers
Content-Type = application/json; charset=utf-8



The response will contain much more than free v3, a real response shown below with substitions for privacy marked as REDACTED. 

{
"name": "REDACTED",
"event": {
"token": "REDACTED",
"siteKey": "REDACTED",
"userAgent": "",
"userIpAddress": "",
"expectedAction": "form",
"hashedAccountId": ""
},
"riskAnalysis": {
"score": 0.9,
"reasons": []
},
"tokenProperties": {
"valid": true,
"invalidReason": "INVALID_REASON_UNSPECIFIED",
"hostname": "REDACTED",
"androidPackageName": "",
"iosBundleId": "",
"action": "form",
"createTime": "2023-01-17T21:52:28.472Z"
}
}

2 replies

D
dMallicoatAuthorAccepted solution
New Participant
January 17, 2023

ok, so after a ton of tests and connecting with my lead dev I got it to work. 

 

The key to getting Enterprise Recaptcha v3 to work in Marketo:
There is the front end script that adds recaptcha to your form page to get your token. 
The back end processing to validate the token to get a score. 

For the back end processing you will need: 

  • From Google Cloud: 
    • API Key, Site Key, Project ID
  • From front end recaptcha response: Token
  • From front end code:  
    • USER_ACTION - this is what you set in your front end script, most likely "form" 

Marketo Webhook Settings
URL: recaptchaenterprise.googleapis.com/v1/projects/PROJECT_ID/assessments?key=API_KEY
Request Type: POST
Template:

{
    "event": {
    "token": "TOKEN",
    "siteKey": "KEY",
    "expectedAction": "USER_ACTION"
    }
}

Request Token Encoding: JSON
Response Type: JSON

Custom Headers
Content-Type = application/json; charset=utf-8



The response will contain much more than free v3, a real response shown below with substitions for privacy marked as REDACTED. 

{
"name": "REDACTED",
"event": {
"token": "REDACTED",
"siteKey": "REDACTED",
"userAgent": "",
"userIpAddress": "",
"expectedAction": "form",
"hashedAccountId": ""
},
"riskAnalysis": {
"score": 0.9,
"reasons": []
},
"tokenProperties": {
"valid": true,
"invalidReason": "INVALID_REASON_UNSPECIFIED",
"hostname": "REDACTED",
"androidPackageName": "",
"iosBundleId": "",
"action": "form",
"createTime": "2023-01-17T21:52:28.472Z"
}
}
SanfordWhiteman
SanfordWhiteman
New Participant
January 17, 2023

Well, yes. Not sure what else you would have tried (there would never be any reason to pre-JSON-encode the payload).

 

You also don't need the custom header. The endpoint defaults to expecting UTF-8, as dictated by the JSON standard.

D
dMallicoatAuthor
New Participant
January 19, 2023

I banged my head through dozens and dozens of attempts messing with every setting I could to try and figure out what I missing. I received error responses every time until I did what I explained in my answer.  To verify, I removed the custom header and received an error, put it back in and it works. So, not sure there. 

SanfordWhiteman
SanfordWhiteman
New Participant
January 17, 2023

Would be better if you'd describe what you've tried and how the results didn't match your expectations.

 

Yes, you can call the Enterprise endpoint as a Marketo webhook using an API key to authenticate. However, mapping the riskAnalysis.reasons responses to individual fields is tricky because you don't know the order of items in the array. But you can map riskAnalysis.reasons[0], riskAnalysis.reasons[1], etc. to a few different custom string fields in Marketo.

D
dMallicoatAuthor
New Participant
January 17, 2023

From the create an assessment https://cloud.google.com/recaptcha-enterprise/docs/create-assessment I've put the correct values into the URL: 

https://recaptchaenterprise.googleapis.com/v1/projects/PROJECT_ID/assessments?key=API_KEY

and then putting the JSON into  the Template section of the webhook with the appropriate values and marking it as JSON Encoding. 

{
  "event": {
    "token": "TOKEN",
    "siteKey": "KEY",
    "expectedAction": "USER_ACTION"
  }
}


I've tried converting the JSON to a string: 
"{\"event\":{\"token\":\"TOKEN\",\"siteKey\":\"KEY\",\"expectedAction\":\"USER_ACTION\"}}"

All efforts so far have resulted in a 400 error response. 
I'm not quite sure what I need to set in the Webhook options or how to adjust the JSON body they show in the documentation. https://cloud.google.com/recaptcha-enterprise/docs/create-assessment

D
dMallicoatAuthor
New Participant
January 17, 2023

I've put all the various values for the variables, just can't share them here. 

Terms & ConditionsAccessibility statement

Loading footer...