Google Recaptcha Enterprise Implementation

AkankshaPrat007 · 12-19-2023 11:45 PM

We are trying to implement Enterprise reCaptcha for our project and we are following recaptcha documentation https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages for generating token & https://cloud.google.com/recaptcha-enterprise/docs/create-assessment-website for creating score based assessment.

However for creating assessment we could find documentation only for creating assessment using API key. Our client is suggesting to use private key for the authentication and is not providing the API key.

We have got values for below properties from client's service account:
"type": "service_account"
project_id
private_key_id
private_key
Site Key
Please note that we are using using REST calls via typescript.

Kindly suggest what would be the approach for using private key for recaptcha assessment rest call authentication and share some documentation on the same.

lawrencenelson

Hi @AkankshaPrat007,

Welcome to the Google Cloud Community!

Based from the official documentation[1]:

To identify a service that sends requests to your API, you use a service account. The calling service uses the service account's private key to sign a secure JSON Web Token (JWT) and sends the signed JWT in the request to your API.

Next, you may view the steps provided in this documentation on how to use the signed JWT to authenticate.

You can always contact Google Cloud Support to further look into your case. Thank you!

[1]. https://cloud.google.com/api-gateway/docs/authentication-method#service_accounts

AkankshaPrat007

do we have any reference/example for this implementation ?