Captcha:Integration guide

Procedure

If you have questions during integration, submit a ticket to contact technical support.

Step 1: Activate CAPTCHA 2.0

1. Log on to the CAPTCHA 2.0 console.

2. On the Alibaba Cloud CAPTCHA 2.0 buy page, click Buy Now.

   On the Overview page of the CAPTCHA 2.0 console, view the identity of the CAPTCHA 2.0 instance that you purchase. You can use the identity to integrate CAPTCHA 2.0 into your business client.Identity For more information, see Integrate CAPTCHA 2.0 into a business client.

Step 2: Create a verification scenario

1. Log on to the CAPTCHA 2.0 console.

2. In the left-side navigation pane, click Scenarios.

3. On the Scenarios page, click Create Scenario.

4. In the Create Scenario panel, configure the following parameters and click OK.

   Parameter	Description
   Scenario Name	The name of the verification scenario. The name must be 1 to 32 characters in length and can contain letters, digits, and underscores (_).
   Client Type	The type of the business client on which you want to call CAPTCHA 2.0. Valid values: Web: If you select this option, you must integrate CAPTCHA 2.0 into your business client and business server. For more information, see the Call CAPTCHA 2.0 on a web or HTML5 client section of this topic. H5: If you select this option, you must integrate CAPTCHA 2.0 into your business client and business server. For more information, see the Call CAPTCHA 2.0 on a web or HTML5 client section of this topic. App(Webview+H5): If you select this option, you must integrate CAPTCHA 2.0 into your business client, business server, and application. For more information, see the Call CAPTCHA 2.0 on an application section of this topic. WeChat Mini Programs: If you select this option, you must integrate CAPTCHA 2.0 with your WeChat mini program. For more information, see Integrate CAPTCHA 2.0 with a WeChat mini program. Note WeChat mini programs do not support the invisible CAPTCHA mode and custom policies.
   Verification Type	The CAPTCHA type. Valid values: Invisible CAPTCHA: An invisible CAPTCHA is imperceptible to users. If you select this option, you must configure the Additional Challenge parameter. Valid values of the Additional Challenge parameter: Slider CAPTCHA, Puzzle Verification, Visual Reasoning CAPTCHA, and Image Restoration. Slider CAPTCHA: Users drag the slider to complete the CAPTCHA. Puzzle Verification: Users drag the slider to complete the puzzle. Visual Reasoning CAPTCHA: Users follow the displayed instructions to complete the CAPTCHA. Image Restoration: Users drag the slider to restore the image.
   Rule Status	The state of the verification scenario. Valid values: Official Release (default): In this state, CAPTCHA 2.0 works to defend website resources against access from malicious programs. After a business server initiates a verification request, CAPTCHA 2.0 performs risk verification and returns the verification result. Test Mode: In this state, CAPTCHA 2.0 only checks whether the access to CAPTCHA 2.0 is normal, but does not perform risk verification. CAPTCHA 2.0 returns only the verification result that you specify when you create the verification scenario. After the test is complete, you must change the state of the verification scenario to Official Release. It takes about 5 minutes for the state to take effect. In the Test Mode state, you can specify the verification result to return for different CAPTCHA types. If you set the Verification Type parameter to Invisible CAPTCHA and the Additional Challenge parameter to Slider CAPTCHA or Puzzle Verification, you can select Pass Invisible CAPTCHA, Fail Invisible CAPTCHA and Pass Additional Challenge, or Fail Invisible CAPTCHA and Additional Challenge. If you set the Verification Type parameter to Invisible CAPTCHA and the Additional Challenge parameter to Visual Reasoning CAPTCHA, you can select Pass Invisible CAPTCHA or Fail Invisible CAPTCHA. If you set the Verification Type parameter to Slider CAPTCHA, you can select Pass Verification or Fail Verification. If you set the Verification Type parameter to Puzzle Verification, you can select Pass Verification or Fail Verification. If you set the Verification Type parameter to Visual Reasoning CAPTCHA, the Test Mode state is not supported. If you set the Verification Type parameter to Image Restoration, you can select Pass Verification or Fail Verification. Important You are charged for each call to CAPTCHA 2.0 in a verification scenario regardless of whether the Rule Status parameter of the verification scenario is set to Official Release or Test Mode.

   After you create the verification scenario, view the scenario ID on the Scenario ID page. You can use the scenario ID to integrate CAPTCHA 2.0 into your business client. For more information, see the Step 3: Integrate CAPTCHA 2.0 section of this topic.

Step 3: Integrate CAPTCHA 2.0

Step 4: Verify the integration

1. Check whether CAPTCHA 2.0 is integrated into the business client

After you initiate a CAPTCHA request on the business client, open the browser console of the business page on which CAPTCHA 2.0 is integrated and view the information on the Network tab.

If all of the following information is displayed, CAPTCHA 2.0 is integrated into the business client:

• Initialization request, as marked by ① in the following figure

• CAPTCHA-related parameters of the initialization request that are displayed on the Preview tab, as marked by ② in the following figure, with the value of Success being true

• CAPTCHA resources, as marked by ③ in the following figure

2. Check whether CAPTCHA 2.0 is integrated into the business server

After you complete the CAPTCHA and business interaction on the business client, the business client sends the captchaVerifyParam parameter to the business server by calling an API operation. The business server calls the VerifyIntelligentCaptcha operation to initiate a verification request. Then, the CAPTCHA 2.0 server returns the verification result.

You can view the verification result, as marked by ② in the following figure, on the Preview tab of the server request, as marked by ① in the following figure. If the value of Success is true, CAPTCHA 2.0 is integrated into the business server. If the value of Success is false, CAPTCHA 2.0 fails to be integrated into the business server.

3. Check whether CAPTCHA 2.0 works as expected

After the business server returns the verification result and business processing result to the business client, the business client performs business processing based on the returned results. You can trigger a CAPTCHA challenge on the business client to check whether CAPTCHA 2.0 works as expected.

• Slider CAPTCHA, Puzzle Verification, or Visual Reasoning CAPTCHA: If a message appears to indicate that the verification is passed after you complete the CAPTCHA as prompted, CAPTCHA 2.0 works as expected.

• Invisible CAPTCHA: If your business interaction is implemented, CAPTCHA 2.0 works as expected. In a logon scenario, if a message appears to indicate that you have logged on after you log on by using the username and password, CAPTCHA 2.0 works as expected.

Step 5: Release CAPTCHA 2.0

After you perform the preceding steps, you can release CAPTCHA 2.0.

Related operations

View verification statistics

After CAPTCHA 2.0 is integrated, you can view verification statistics on the Overview page of the CAPTCHA 2.0 console. For more information, see View verification statistics.

Delete a verification scenario

1. On the Scenarios page, find the scenario that you want to delete and click Delete in the Actions column.

2. In the Confirm Delete dialog box, enter the scenario ID, select the check boxes for the risk information, and then click OK.