CAPTCHA Widget Overview

Here we explain how the TrustCaptcha CAPTCHA widget can be integrated and customized into any website frontend.

Supported Technologies

You can use TrustCaptcha with all common technologies and frameworks based on JavaScript. Supported is server-side Rendering (SSR), static site generation (SSG), and single-page applications (SPA). There is a pure JavaScript library. Separate NPM packages exist for Angular, React, and Vue.js.

CAPTCHA for JavaScript

CAPTCHA for Angular

CAPTCHA for React

CAPTCHA for Vue.js

This is how (or similarly) the implementation of the TrustCaptcha component on your website can look. Please refer to the respective tutorial that matches your programming language or framework.

<form>

  <!-- your input fields -->

  <trustcaptcha-component
    sitekey="<your_site_key>"
    (captchaSolved)="handleSuccess($event.detail)"
    (captchaFailed)="handleError($event.detail)"
  ></trustcaptcha-component>

  <!-- further input fields / submit button -->

</form>

The TrustCaptcha component contains a range of properties, methods, and events. Below you’ll find a listing of all existing ones.

Here is an overview of all available properties, methods, and events of the CAPTCHA widget.

Properties

Name	Since	Description	Allowed values / Notes
`sitekey`	-	Sitekey of the CAPTCHA. You can find this on the administration page of your CAPTCHA.	-
`width`	v1.4+	Width of the TrustCaptcha component.	`fixed` (default, fixed width) `full` (max possible width)
`language`	-	Display language of the TrustCaptcha component.	`auto` (default, auto detection, fallback English), `ar`, `be`, `bg`, `bs`, `ca`, `cs`, `da`, `de`, `el`, `en`, `es`, `et`, `fi`, `fr`, `hi`, `hr`, `hu`, `it`, `ko`, `lb`, `lt`, `lv`, `mk`, `nl`, `no`, `pl`, `pt`, `ro`, `ru`, `sk`, `sl`, `sq`, `sr`, `sv`, `tr`, `uk`, `zh`
`theme`	-	Display mode of the TrustCaptcha component.	`light` (default), `dark`, `media` (device setting)
`autostart`	-	Setting whether the CAPTCHA should start automatically.	`true` (default), `false`. See autostart guide
`license`	v1.6+	License key for special features such as `privacyUrl`, `hideBranding`, `customDesign` or `invisible`.	You can find the license key on your CAPTCHA settings
`hide-branding`	v1.6+	Setting to hide the TrustCaptcha logo. License key required	`true`, `false` (default)
`invisible`	v1.6+	Setting to make the CAPTCHA invisible. License key required	`true`, `false` (default)
`invisible-hint`	v1.8+	Shows a small message when the CAPTCHA runs invisibly (inline, right edge, or bottom-right). License key required	`inline`, `right-border` (default), `right-bottom`, `hidden`
`bypass-token`	v1.3+	For automated tests, bypass keys can be created in the settings to always pass the CAPTCHA.	-
`mode`	v1.3+	Set the data mode of the captcha. Must match the settings of the captcha.	`standard` (default), `minimal`
`token-field-name`	v1.1+	Name of the hidden field within the form in which the verification token is provided after a successful verification.	`tc-verification-token` (default)
`custom-translations`	v1.8+	Overwrite existing translations and/or add additional languages.	JSON array as a string. See custom translation guide
`custom-design`	v1.8+	Custom design adjustments for the TrustCaptcha component. License key required	JSON as a string. See custom design guide
`privacy-url`	v1.8+	Link to your privacy policy. License key required	A valid URL (e.g., `https://www.example.com/my-privacy-policy`)

Methods

Name	Since	Description
`startVerification()`	v1.6.1+	Manual start of the TrustCaptcha component.
`reset()`	-	Resets the TrustCaptcha component.

Events

Name	Since	Description
`captchaStarted`	v1.6+	Triggered when the CAPTCHA is started.
`captchaSolved`	-	Triggered when the CAPTCHA has been successfully solved.
`captchaFailed`	-	Triggered when solving the CAPTCHA has failed.
`captchaReset`	v1.7+	Triggered when the CAPTCHA is reset to the start setting.

Complete example

This is a pseudocode example with most of the available properties and events.

<form>

  <!-- your input fields -->

  <trustcaptcha-component
    sitekey="<your_site_key>"
    width="fixed"
    language="en"
    theme="light"
    autostart
    license="<license-key>"
    hide-branding
    custom-translations='[{"language":"en","boxCompleted":"I am a happy human"}]'
    custom-design='{"theme":{"light":{"boxDefaultBackground":"#eab308"}}}'
    privacy-url="https://www.example.com/my-privacy-policy"
    invisible
    invisible-hint="inline"
    token-field-name="tc-verification-token"
    bypass-token="&lt;bypass-token&gt;"
    mode="standard"
    (captchaStarted)="handleStart()"
    (captchaSolved)="handleSuccess($event.detail)"
    (captchaFailed)="handleError($event.detail)"
  ></trustcaptcha-component>

  <!-- further input fields / submit button -->

</form>

Advanced property information

Here you will find helpful tips and tricks about integrating the TrustCaptcha component into your frontend.

Autostart

By default, the verification process starts automatically as soon as a user interacts with the input fields that are in the same form as the CAPTCHA widget. To disable autostart, simply set the property autostart="false" directly on the TrustCaptcha component.

<form>

  <!-- your input fields -->

  <input id="input1" name="input1">

  <input id="input2" name="input2">

  <trustcaptcha-component
    sitekey="<your_site_key>"
    autostart="false"
  ></trustcaptcha-component>

  <!-- further input fields / submit button -->

</form>

It is also possible to disable the autostart trigger only for certain input fields.

<form>

  <!-- your input fields -->

  <input id="input1" name="input1">

  <input id="input2" name="input2" data-autostart="false">

  <trustcaptcha-component
    sitekey="<your_site_key>"
  ></trustcaptcha-component>

  <!-- further input fields / submit button -->

</form>

Custom Translations

The custom-translations attribute allows you to specifically override existing translations or add entirely new languages. It is a list of objects where each language is defined by the mandatory language field. Additionally, visible texts can be customized individually.

The translation object looks like this:

{
  "language": "en",
  "boxStart": "Start verification",
  "boxInProgress": "Verification in progress",
  "boxCompleted": "I am a human!",
  "endPrivacyPolicy": "Privacy",
  "ariaLabelStart": "CAPTCHA not started, click here to start the CAPTCHA",
  "ariaLabelRunning": "CAPTCHA in process",
  "ariaLabelDone": "CAPTCHA completed",
  "srRunning": "CAPTCHA verification started",
  "srDone": "CAPTCHA verification successfully completed",
  "srFailed": "CAPTCHA has failed due to a technical error. Please contact the support.",
  "srTrustcaptcha": "Go to the TrustCaptcha website",
  "srPrivacy": "Go to the privacy policy"
}

If an existing language is overridden, unspecified texts remain unchanged. For new languages, English serves as the default, and only the specified texts are added. The new translation texts can be passed to the TrustCaptcha component as follows.

Custom translations usage (plain HTML)

<trustcaptcha-component
  sitekey="<your_site_key>"
  language="en"
  custom-translations='[{ "language": "en", "boxCompleted": "I am a happy human" }]'
></trustcaptcha-component>

Custom translations usage (Angular property binding)

public customTranslations = JSON.stringify([
  {
    language: "en",
    boxCompleted: "I am a happy human"
  }
]);

<trustcaptcha-component
  sitekey="<your_site_key>"
  language="en"
  [customTranslations]="customTranslations"
></trustcaptcha-component>

Custom Design

The custom-design attribute allows you to customize the existing design of the TrustCaptcha component.

The design object looks like this:

{
  "rounding": {
    "box": "6px",
    "checkbox": "6px",
    "invisibleHint": "6px"
  },
  "theme": {
    "light": {
      "boxDefaultBackground": "#f9fafb",
      "boxDefaultText": "#374151",
      "boxDefaultBorder": "#d1d5db",
      "boxCheckboxBackground": "#ffffff",
      "boxCheckboxBorder": "#d1d5db",
      "boxSuccessBackground": "#f9fafb",
      "boxSuccessBorder": "#86efac",
      "invisibleHintBackground": "#ffffff"
    },
    "dark": {
      "boxDefaultBackground": "#1f2937",
      "boxDefaultText": "#e5e7eb",
      "boxDefaultBorder": "#374151",
      "boxCheckboxBackground": "#030712",
      "boxCheckboxBorder": "#374151",
      "boxSuccessBackground": "#1f2937",
      "boxSuccessBorder": "#15803d",
      "invisibleHintBackground": "#1f2937"
    }
  }
}

Only properties explicitly specified will be changed; all others retain default values. The design customizations can be passed to the TrustCaptcha component as follows.

Custom design usage (plain HTML)

<trustcaptcha-component
  sitekey="<your_site_key>"
  license="<license-key>"
  custom-design='{ "theme": { "light": { "boxDefaultBackground": "#eab308" } } }'
></trustcaptcha-component>

Custom design usage (Angular property binding)

public customDesign = JSON.stringify({
  theme: {
    light: {
      boxDefaultBackground: "#eab308"
    }
  }
});

<trustcaptcha-component
  sitekey="<your_site_key>"
  license="<license-key>"
  [customDesign]="customDesign"
></trustcaptcha-component>

The Verification Token

When the CAPTCHA widget is completely solved, the CAPTCHA returns a so-called verification token. This is a simple text/string. It is available in a hidden input field called tc-verification-token and is also propagated by the trustcaptcha component with the captchaSolved JavaScript event.

Send this token to your backend. For example, when the form containing the CAPTCHA is submitted, or independently via an API interface. With the help of the verification token, you can now retrieve the CAPTCHA verification result from our servers on the server side. Either via an API interface or with the help of one of our ready-made integrations. You can find out more about this in the result validation overview.

Error Message

If the CAPTCHA widget is not installed and configured correctly, or if an error occurs during the verification process, the TrustCaptcha component returns an error message via the captchaFailed event. You can use this to determine further steps or to correct the error directly. You can access the error message via $event.detail.

The error model looks like this:

{
  errorCode: 'UNKNOWN_ERROR',
  message: 'Unknown error.'
}

The error message includes an error code named errorCode. This provides information about the actual error and can be used to directly correct the error or to implement error handling.

Error Codes

Error Code	Description
`UNKNOWN_ERROR`	Unknown error.
`NO_FORM_FOUND`	No form found. Please note that the TrustCaptcha component must be within a form element.
`COMMUNICATION_FAILURE`	Communication failed. There may be problems with the internet connection or errors with the TrustCaptcha provider.
`NO_SITE_KEY_SPECIFIED`	No site key has been specified. Please take the site key from your CAPTCHA settings and provide it on your website.
`UNAUTHORIZED`	The request is not authorized. Please check your site key.
`SITE_KEY_NOT_VALID`	The site key is not valid. Please check the stored site key.
`MODES_NOT_MATCHING`	The set CAPTCHA mode of the TrustCaptcha component does not match the set mode in the CAPTCHA settings.
`CAPTCHA_NOT_ACCESSIBLE`	The CAPTCHA is not accessible. Please check if the domain or IP address of your website is listed in authorized websites the CAPTCHA settings.
`POW_FAILURE`	The cryptographic tasks were not correctly solved by the client.
`PAYMENT_REQUIRED`	The CAPTCHA is locked due to missing payment and a limited pricing plan. Please check your pricing plan and payment status or contact support.
`LOCKED`	The CAPTCHA is locked. Please contact support.
`LICENSE_INVALID`	The provided license key is invalid or does not match your CAPTCHA / the specified `sitekey`. Please verify the license key.
`OPTION_NOT_AVAILABLE`	The selected feature, such as `hideBranding` or `invisible`, is currently not available. Please check your current pricing plan and the provided license key.