Captcha Tab

CAPTCHA is a new security mechanism introduced in Cross Identity. It helps to authenticate whether a user is valid to log in to the website. It safeguards websites against spam and abuse.

Pre-requisites

1. A user must have a valid Google account. 

2. While enabling the Captcha, make sure to device whitelist the following URLs on the end-user machine as well as on Cross Identity servers:

• https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js

• https://www.google.com/recaptcha/api2/

• https://www.google.com/recaptcha/api.js

3. To enable Captcha, the site and secret keys must be generated. Refer to 9.12.3 How to generate Captcha Site Key and Captcha Secret Key

Enable Captcha tab:

1. Click Security from the main menu.

2. Click Captcha tab. The Captcha tab screen is displayed.

3. Here, an admin can Enable Captcha For The Following Page:

• End User Login Page – The user will see reCAPTCHA on the login page.

b. End User Forgot/Unlock Page- When a user forgets and attempts to reset the password, enabling it gives the option to enter reCAPTCHA while resetting the password.

5. Captcha Config Details: Enter the Captcha Site Key and Captcha Secret Key.

This needs to be generated through Google. Refer to How to generate Captcha Site Key and Captcha Secret Key

6. Click Save.

How to generate Captcha Site Key and Captcha Secret Key

1. Click on reCAPTCHA (google.com)

2. Fill in the required fields:

a. In Label, enter reCAPTCHA.

b. reCAPTCHA type: Challenge (v2) and select "I'm not a robot" Checkbox

c. Domains: the host you are using. Example: Here, it is the host.com

3. Click on Submit.

4. It will take you to the next screen, which shows the Site Key and Secret Key.

5. Copy the site and secret keys and paste them into the CAPTCHA tab under Security in Cross Identity.