Captcha

Infraon’s CAPTCHA integration enables organizations to embed their CAPTCHA systems for enhanced user verification. Businesses gain complete control over security checks by configuring API endpoints for CAPTCHA generation and validation. It also supports flexible request methods, headers, and parameters, offering a customizable and secure way to manage human verification during user interactions.

How to Install

Installation Steps

Step 1: Go to the Marketplace tab on the left navigation panel to begin the integration. Click on the Captcha card from the available integrations to open the plugin details page.

Step 2: On the plugin page, click the Install button to add the Captcha integration to your Infraon environment.

Once installed, the Captcha configuration page will become available for setup.

Captcha Configuration

This section allows you to configure how your custom or third-party CAPTCHA service will be connected. Users can define the API metadata, including request type and content type. These details are essential for initializing communication between the Infraon platform and the external CAPTCHA service.

Step 3: In this step, enter the basic CAPTCHA configuration details. Users are required to provide the general API information necessary to initiate the integration setup.

API Information | Basic Details

Once this information is entered, proceed to the Fetch Captcha Configuration section to define the API responsible for generating the CAPTCHA challenge.

Fetch Captcha Configuration

This section configures how Infraon fetches CAPTCHA challenges from the customer's external or third-party server. The system will make an API call to the configured URL using the defined headers and query parameters. The expected response should be a CAPTCHA text, which will be displayed for user verification.

Step 4: In this step, users must configure the API that retrieves the CAPTCHA image or code from the external service. Input the base URL along with any required headers and query parameters.

Fetch Captcha | Basic Details

Once the required fields are filled:

• Click on Test & Save to validate the connection.

• Upon success, a CAPTCHA text (based on the API response) will be displayed.

• A confirmation message will indicate that the CAPTCHA fetch configuration has been saved.

Expected API Response

This is the first API, responsible for retrieving the CAPTCHA challenge. The system expects the customer's API to return the following response fields:

Expected API Response from Customer:

{
"message": "success",
"captcha_image": "<base64_encoded_image_or_url>",
"alt_message": "Please enter the text you see"
}

• message – The value "success" must be returned to indicate a valid CAPTCHA generation.

• captcha_image – Should contain the CAPTCHA visual (as image or base64).

• alt_message – A fallback message to be displayed if the image isn’t available.

Verify Captcha Configuration

This section defines how Infraon validates the CAPTCHA input entered by the user. Once the CAPTCHA is displayed and filled by the user, this API will verify the correctness of the code through a call to the customer’s validation endpoint.

Step 5: Configure the CAPTCHA verification by providing the API endpoint and necessary parameters to validate the user-submitted CAPTCHA response.

Verify Captcha | Basic Details

After entering the above:

• Click on Test & Submit to verify and save the configuration.

• A success message will appear, and the integration will be ready.

• If the API returns an error, users may recheck the endpoint, headers, or parameter values.

Expected Payload and Response

This is the second API, responsible for validating the CAPTCHA code entered by the user.

Payload Sent to Customer:

{
"captcha_txt": "<user_input>"
}
Expected API Response from Customer:
{
"message": "success"
}

• captcha_txt – The value the user enters in the CAPTCHA input field.

• message – The response must contain "success" if the entered CAPTCHA is valid.

The integration is now completed.