Configure reCAPTCHA - Lacuna PSC

Lacuna PSC uses Google reCAPTCHA to protect the API from abuse by ensuring that API requests claiming to have come from the website were indeed originated by a human operator and not an automated bot.

Note

Enabling both reCAPTCHA and Firebase App Check is essential in production environments to protect the API from abuse

Create a reCAPTCHA project

1. Sign in to the Google reCAPTCHA admin console
2. On the Register a new site form, fill out:
   • A label of your choice, e.g. My PSC
   • Select reCAPTCHA v2, then Invisible reCAPTCHA badge
   • Type the domain of your Lacuna PSC instance, e.g. psc.yourcompany.com
   • Accept the terms of service
3. Click on Submit
4. Copy the site key and the secret key

Configuring Lacuna PSC

Having both keys, edit the Lacuna PSC configuration file and fill the section Recaptcha, settings SiteKey and SecretKey.

Example (.ini or .conf file):

[Recaptcha]
SiteKey=6LdfItkZAAAAAIxxxxxxxxxxxxxxxxxxxxxxxxxx
SecretKey=6LdfItkZAAAAALxxxxxxxxxxxxxxxxxxxxxxxxxx

Example (environment variables):

Recaptcha__SiteKey=6LdfItkZAAAAAIxxxxxxxxxxxxxxxxxxxxxxxxxx
Recaptcha__SecretKey=6LdfItkZAAAAALxxxxxxxxxxxxxxxxxxxxxxxxxx

See also

• Configure Firebase
• Lacuna PSC on-premises