Code360 powered by Coding Ninjas X Code360 powered by Coding Ninjas X
Table of contents
Need of reCAPTCHA Enterprise
Working of reCAPTCHA Enterprise
Comparison Between reCAPTCHA and reCAPTCHA Enterprise
Migration from reCAPTCHA to reCAPTCHA Enterprise
Types of reCAPTCHA Keys
How to setup reCAPTCHA Enterprise
Frequently Asked Questions
I want to conceal the reCAPTCHA badge. What is permitted?
Are cookies used by reCAPTCHA?
Google reCAPTCHA: Is it free for businesses?
What does reCAPTCHA serve as?
Last Updated: Jun 21, 2024

reCAPTCHA Enterprise

Leveraging ChatGPT - GenAI as a Microsoft Data Expert
Prerita Agarwal
Data Specialist @
23 Jul, 2024 @ 01:30 PM


You can learn more about the reCAPTCHA Enterprise, a service or product offered by Google Cloud Provider, by reading this article. But first, we must comprehend reCAPTCHA, which I'm sure most of you are already aware of.

reCAPTCHA Enterprise

For more than ten years, Google has used reCAPTCHA to protect millions of websites. In order to differentiate between humans and bots, reCAPTCHA Enterprise is based on the already-existing reCAPTCHA API.

Need of reCAPTCHA Enterprise

Need of reCAPTCHA Enterprise

You can guard your website against spam and abuse with reCAPTCHA Enterprise, and you can also find other sorts of fraud on the site, like credential stuffing and account takeover (ATO), and automated account creation. To safeguard corporate enterprises, reCAPTCHA Enterprise provides improved detection with more detailed scores, explanation codes for problematic occurrences, mobile app SDKs, password breach/leak detection, Multi-factor authentication (MFA), and the capacity to fine-tune your site-specific model.

Get the tech career you deserve, faster!
Connect with our expert counsellors to understand how to hack your way to success
User rating 4.7/5
1:1 doubt support
95% placement record
Akash Pal
Senior Software Engineer
326% Hike After Job Bootcamp
Himanshu Gusain
Programmer Analyst
32 LPA After Job Bootcamp
After Job

Working of reCAPTCHA Enterprise


reCAPTCHA working
  1. First the browser used by the customer loads the web pages on the server or backend, then after that it will run the reCAPTCHA javascript through reCAPTCHA Enterprise.

  2. The web page sends signals that are gathered in the browser to reCAPTCHA Enterprise for assessment when the end user initiates an HTML activity protected by reCAPTCHA, such as logging in.

  3. The reCAPTCHA Enterprise will then send an encrypted reCAPTCHA to the website for further usage.

  4. The backend/web server receives the encoded reCAPTCHA token from the web page and evaluates it.

  5. The create assessment (assessments.create) request and the encrypted reCAPTCHA token are sent to reCAPTCHA Enterprise by the backend/web server.

  6. Following evaluation, reCAPTCHA Enterprise provides the backend/web server with a score (ranging from 0.0 to 1.0) and reason code (depending on the interactions).

  7. You (the developer) can choose the following actions to perform about the user based on the score.

Comparison Between reCAPTCHA and reCAPTCHA Enterprise

Difference in Features of reCAPTCHA Enterprise and reCAPTCHA.


This table compares the features of different versions of reCAPTCHA


reCAPTCHA Enterprise


ChargeFree up to one million evaluations each month*Free up to one million evaluations each month*
Type of licensingPurchase or CommitN/A
Supportincluded basic assistanceN/A
Visual challenge supportYesYes
Security at WAF (Preview)YesN/A
Multi-factor authentication (MFA) SMS and EmailN/A
detect password leaks (security-review required)YesN/A
Account defender (security-review required)YesN/A
Defender of payment (security-review required)YesN/A
Score specificity (security-review required)11 Levels4 Levels
Reason codes (security-review required)YesN/A
Observations regarding tests utilising the Annotation API (security-review required)YesN/A
SDK for iOS (Preview) (security-review required)YesN/A
SDK for Android (Preview) (security-review required)YesN/A
SLA99.9% + uptimeN/A
Google Cloud termsYesN/A

Migration from reCAPTCHA to reCAPTCHA Enterprise

Migration from reCAPTCHA to reCAPTCHA Enterprise

Selecting an active site key from the reCAPTCHA Admin panel and transferring the site key are required steps in the migration from a non-Enterprise version of reCAPTCHA to reCAPTCHA Enterprise. One or more active site keys can be migrated. One site key can only be migrated at a time, though.

You must possess a reCAPTCHA user account that complies with the following criteria in order to carry out the migration process:

  • The user account is shown as an administrator for the site key you would like to migrate in the reCAPTCHA Admin panel.
  • The user account for the Google Cloud project where the reCAPTCHA Enterprise API is enabled has one of the following IAM roles:
    • Roles and Owner of the Project
    • Editor for Projects (editor positions)
    • Enterprise Admin for reCAPTCHA (roles/recaptchaenterprise.admin)

Types of reCAPTCHA Keys

You can secure your endpoints by confirming user engagement on your web sites and mobile applications using reCAPTCHA keys, also called as site keys. You must comprehend the variations among reCAPTCHA Enterprise key types, CAPTCHA challenge caveats, and end-user use scenarios in order to select the proper reCAPTCHA key type.

To validate user interactions on your web pages and mobile applications, reCAPTCHA Enterprise offers score-based (no challenge) and checkbox (checkbox challenge) site keys. For each request, both key kinds produce a score that is determined by how users engage with your website or application. With the aid of this score, you can assess the risk that the connection poses and decide what steps to take for your website or application.

score-based (no challenge) 

Without involving any users, score-based site keys enable you to confirm the validity of an interaction.

checkbox (checkbox challenge

To ensure that a user is not a robot, checkbox site keys use a checkbox challenge that necessitates user input. Additionally, you may use checkbox site keys to secure particular actions using CAPTCHA tests.

How to setup reCAPTCHA Enterprise

How to setup reCAPTCHA Enterprise

migration from Recaptcha to Recaptcha enterprise

The functionality you require for your environment and for reCAPTCHA Enterprise depend on some factors.

Start using reCAPTCHA Enterprise by performing the actions below:

  • In the Google Cloud console, register to create a Google account.
  • Make projects in the Google Cloud and assign them to reCAPTCHA Enterprise.

Based on the following variables, you can configure reCAPTCHA Enterprise as you see fit:

Type of deployment: Upgrade from an earlier version or new installation.


Location of the backend: Backend locations include on-premises, Google Cloud, third-party clouds, and CRM or SaaS providers.


Authentication methods:  Authentication procedures support for service accounts and other external authentication mechanisms in your environment, such as OAuth.

flowchart GCP


Now that you are aware of the factors that you need to consider when you want to associate reCAPTCHA Enterprise check out the following official documentation for enable and configuration for the reCAPTCHA Enterprise on Google Cloud and Non-Google Cloud environment.

reCAPTCHA Enterprise on Google Cloud


reCAPTCHA Enterprise on non-Google Cloud environment


reCAPTCHA Enterprise on non-Google Cloud environment using API keys

To learn  about  Libraries for the reCAPTCHA Enterprise API in the cloud you can go through the official documentation given below:

reCAPTCHA Enterprise client libraries

Frequently Asked Questions

I want to conceal the reCAPTCHA badge. What is permitted?

As long as the reCAPTCHA branding is clearly visible in the user flow, you are permitted to conceal the badge.

Are cookies used by reCAPTCHA?

When reCAPTCHA is used, a crucial cookie (_GRECAPTCHA) is established in order to do its risk analysis. Use if you'd rather avoid using the domain, which might already be using cookies.

Google reCAPTCHA: Is it free for businesses?

For reCAPTCHA Enterprise, Google charges $1 per 1000 requests, making each request now more expensive than it would be to compromise the service's security as a whole.

What does reCAPTCHA serve as?

Your website is safeguarded against fraud and misuse with the help of reCAPTCHA. To prevent malicious malware from abusing your website, reCAPTCHA employs an innovative risk assessment engine and adaptive challenges.


We learned about reCAPTCHA Enterprise in this article and why your website or application needs it. Additionally, we learned how the backend work for reCAPTCHA Enterprise was completed as well as how to put it up in our environment..

To learn more about the GCP please refer to the following articles:
 Cloud Audit logs in GCP

Introduction to AI Platform in GCP

Manage self-serve account in GCP

To learn more about DSA, competitive coding and many more knowledgeable topics, please look into the guided paths on Coding Ninjas Studio. Also, you can enroll in our courses and check out the mock test and problems available to you. Please check out our interview experiences and interview bundle for placement preparations.

thank you


Please upvote our blog to help other ninjas grow.

Happy Learning

Live masterclass