Skip to main content
POST
/
api
/
adm
/
companyProjects
/
{id}
/
recaptcha
Set Project reCAPTCHA Settings
curl --request POST \
  --url https://localhost:44371/api/adm/companyProjects/{id}/recaptcha \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{}'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Applies reCAPTCHA configuration for bot detection and fraud prevention in payment forms. Used when setting up reCAPTCHA for the first time or updating existing configuration (credential rotation, version upgrades, threshold adjustments).

Input

  • Path Parameter: id (guid, required) — Unique identifier of the project to configure.
  • Body: model (RecaptchaSettingsUpdateCommandRequest, required) — reCAPTCHA configuration including:
    • projectId (guid, required) — Project identifier (must match path parameter).
    • siteKey (string, required) — reCAPTCHA site key (public).
    • secretKey (string, required) — reCAPTCHA secret key (private).
    • version (string, required) — reCAPTCHA version (“v2” or “v3”).
    • scoreThreshold (decimal, optional) — v3 score threshold (0.0-1.0, required for v3).
    • isEnabled (bool, required) — Enable or disable reCAPTCHA validation.

Output

Returns a BaseCommandResponse indicating whether the reCAPTCHA settings were successfully updated.

Example Request (v3 with Score Threshold)

POST /api/admin/companyProjects/7bc94a21-8833-4d2f-a5e1-9f4b2d8c1e7a/recaptcha-settings
Content-Type: application/json
Authorization: Bearer {token}

{
  "projectId": "7bc94a21-8833-4d2f-a5e1-9f4b2d8c1e7a",
  "siteKey": "6LdxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxL",
  "secretKey": "6LdxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxS",
  "version": "v3",
  "scoreThreshold": 0.5,
  "isEnabled": true
}

Example Request (v2 Checkbox)

{
  "projectId": "7bc94a21-8833-4d2f-a5e1-9f4b2d8c1e7a",
  "siteKey": "6LdxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxL",
  "secretKey": "6LdxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxS",
  "version": "v2",
  "scoreThreshold": null,
  "isEnabled": true
}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Errors

  • 400 Bad Request — Missing required fields, invalid reCAPTCHA keys format, invalid version, or invalid score threshold (must be 0.0-1.0 for v3).
  • 404 Not Found — No project exists with the specified ID.

Notes

  • Changes take effect immediately for new payment form renders.
  • reCAPTCHA v3 score threshold of 0.5 is recommended starting point (lower = stricter, higher = more permissive).
  • reCAPTCHA v2 provides checkbox “I’m not a robot” challenges; v3 provides invisible score-based validation.
  • Site and secret keys must be obtained from Google reCAPTCHA admin console before configuration.
  • Setting isEnabled=false disables reCAPTCHA validation without removing configuration.
  • Test reCAPTCHA configuration in a test environment before applying to production projects.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Path Parameters

id
string<guid>
required

The unique identifier of the project to configure.

Body

application/json

The reCAPTCHA configuration including site key, secret key, version (v2/v3), and optional score threshold.

Base structure for command requests that modify data.

id
string<guid>
recaptchaThreshold
number<double> | null

Response

Always returned. Check the success property in the response body to determine if the operation succeeded.

Standard response structure containing operation status and error information. Standard command response indicating the result of a data modification.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null