Captcha Action

For sites that need to use captcha on multiple pages or for different workflows, an  (optional) ‘action’ parameter can be set on MTCaptcha initialization. This has the advantage of better analytics via the Admin Portal - dashboard and improved security.

<script>
var mtcaptchaConfig = {
  "sitekey": "<YOUR SITE KEY>",
  "action": "login"              
  // other examples: "register"  or "write-feedback" etc
}
...
</script>

Captcha Action Format & Constraints

The ‘action’ parameter string can be up to a maximum of 30 characters long and may contain any of the following chars

  • Alphanumeric (a-zA-Z0-9)
  • Dash ‘ - ’
  • Underscore ‘ _ ’
  • Dot ‘ . ’
  • Comma ‘ , ’

or for those more Regex inclined, it should match the following regex:

  • (^[a-zA-Z0-9\-\_\.\,]{0,30}$)

Note: The Admin Portal Dashboard only makes available the top 10 most used actions,  It must not contain any user specific or privacy sensitive information.

Check Action on Token Validate

See Development Guide - Validate Token for complete documentation on how to validate the VerifiedToken.

The tokeninfo.action field from a successful CheckToken API response (JSON Object) will contain the action string the captcha was initialized with. For improved security this action string should be checked for expected value.

{
  "success": true,
  "tokeninfo": {
    ...
    "action": "login",
    // the action this captcha was initialized with 
    ...
  }
}