recaptcha icon indicating copy to clipboard operation
recaptcha copied to clipboard

Published 20 hours ago verified publisher icon ambethia

Invalid API key when using Enterprise

Open ephracis opened this issue 2 years ago • 5 comments

Hi,

I am trying to figure out how to configure this gem for Enterprise reCaptcha.

First issue I ran into was that it seems like one needs to specify config.site_key, even when using enterprise. Should this be the same as config.enterprise_api_key? If so, it seems weird to specify the same data twice.

Next issue is that my recaptcha_reply states:

{
  "error"=>{
    "code"=>400, 
    "message"=>"API key not valid. Please pass a valid API key.", 
    "status"=>"INVALID_ARGUMENT", 
    "details"=>[
      {
        "@type"=>"type.googleapis.com/google.rpc.ErrorInfo", 
        "reason"=>"API_KEY_INVALID", 
        "domain"=>"googleapis.com", 
        "metadata"=>{
          "service"=>"recaptchaenterprise.googleapis.com"
        }
      }
    ]
  }
}

I have tried using both the name of the key (that I chose), and the key ID (which was generated and is used in Googles example JS snippet), but I get the same error for both: Invalid API key.

Any ideas?

ephracis avatar Jun 30 '22 09:06 ephracis

seems like it's supposed to be a different key

      @site_key = ENV['RECAPTCHA_SITE_KEY']

... idk how this is supposed to work, please check other issues, the wiki or possibly the setup guide for other languages on where these come from

grosser avatar Jul 01 '22 15:07 grosser

@ephracis I was having the same problem. This worked for me.

  • config.site_key is the Recaptcha Enterprise key you see at your Recaptcha console.
  • config.enterprise_api_key has nothing to do with Recaptcha, it's an enterprise key of your Google Cloud Project, you should see it at https://console.cloud.google.com/apis/credentials.

This is the request the gem makes:

POST https://recaptchaenterprise.googleapis.com/v1/projects/ENV["RECAPTCHA_ENTERPRISE_PROJECT_ID"]/assessments?key=ENV["RECAPTCHA_ENTERPRISE_API_KEY"]

Body:
{
  "event": {
    "token": "TOKEN",
    "siteKey": ENV["RECAPTCHA_SITE_KEY"],
    "expectedAction": "USER_ACTION"
  }
}

matheusazzi avatar Jul 07 '22 19:07 matheusazzi

Even if using the RECAPTCHA_SITE_KEY as credentials, I received error

thadeu avatar Aug 21 '23 15:08 thadeu

@ephracis I was having the same problem. This worked for me.

  • config.site_key is the Recaptcha Enterprise key you see at your Recaptcha console.
  • config.enterprise_api_key has nothing to do with Recaptcha, it's an enterprise key of your Google Cloud Project, you should see it at https://console.cloud.google.com/apis/credentials.

This is the request the gem makes:

POST https://recaptchaenterprise.googleapis.com/v1/projects/ENV["RECAPTCHA_ENTERPRISE_PROJECT_ID"]/assessments?key=ENV["RECAPTCHA_ENTERPRISE_API_KEY"]

Body:
{
  "event": {
    "token": "TOKEN",
    "siteKey": ENV["RECAPTCHA_SITE_KEY"],
    "expectedAction": "USER_ACTION"
  }
}

Thank you for explaining, the Google documentation completely skipped over this important detail.

joshh20 avatar Apr 03 '24 20:04 joshh20

if the readme can be clearer about that, please make a PR :)

grosser avatar Apr 04 '24 15:04 grosser