> ## Documentation Index
> Fetch the complete documentation index at: https://docs-dev-docs-event-stream-action-templates.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn how to configure third-party CAPTCHA provider integrations with Auth0 Bot Detection.

# Configure Third-Party CAPTCHA Provider Integrations

Auth0 supports several third-party CAPTCHA provider integrations for [Bot Detection](/docs/secure/attack-protection/bot-detection).

## Google reCAPTCHA Enterprise on Google Cloud Platform (GCP)

You can use Google reCAPTCHA Enterprise as a <Tooltip tip="Bot Detection: Form of attack protection in which Auth0 blocks suspected bot traffic by enabling a CAPTCHA during the login process." cta="View Glossary" href="/docs/glossary?term=Bot+Detection">Bot Detection</Tooltip> service for traffic exceeding 1 million assessments per month.

To learn how to configure reCAPTCHA Enterprise on GCP, read [Set up reCAPTCHA Enterprise ... on Google Documentation](https://cloud.google.com/recaptcha-enterprise/docs/authenticate-apis).

### Locate your GCP project ID

1. Go to your [Google Cloud Dashboard](https://console.cloud.google.com/).
2. Select your project in the drop-down menu to see the corresponding **Project ID**.
3. Make a note of the **Project ID** as you will need it later.

### Enable reCAPTCHA Enterprise

1. In the [Google Cloud Dashboard](https://console.cloud.google.com/), enter reCAPTCHA Enterprise API in the search bar, and then select it from the Marketplace results.
2. Select **Enable** to enable the API.

### Create a site key

1. In the [Google Cloud Dashboard](https://console.cloud.google.com/), enter reCAPTCHA Enterprise in the search bar, and then select it from the Marketplace results.
2. Select **Create Key**.
3. Under **Domain List**, add your Auth0 tenant domain.
4. Enable the toggle for **Disable domain verification**.
5. Enable the toggle for **Use checkbox challenge** to enable Google's "I am not a robot" verification checkbox.
6. Under **Challenge Security**, select a difficulty level for the challenge.
7. Select **Create Key**.
8. Make a note of the **Site Key** as you will need it later.

### Create an API key

1. In the [Google Cloud Dashboard](https://console.cloud.google.com/), enter Credentials in the search bar, and then select it from the results.
2. Select **Create Credentials > API Key**. Make a note of the **API Key** as you will need it later.
3. In the pop-up, select **Edit Key**.
4. Under **Application Restrictions**, select **IP addresses (web servers, cron jobs, etc.)**, and then enter the [Auth0 IP Addresses for Allow Lists](/docs/secure/security-guidance/data-security/allowlist).
5. Under **API Restrictions**, select **Restrict Key**, select **reCAPTCHA Enterprise API** from the drop-down list, and click OK.
6. Select **Save**.

## hCaptcha

The hCaptcha widget can protect your applications from bots, spam, and other forms of automated abuse.

To learn more about hCaptcha and how to get configuration details, read [Switch from reCAPTCHA to hCaptcha on hCaptcha Docs](https://docs.hcaptcha.com/switch).

## Friendly Captcha

Friendly Captcha is a system for preventing spam on your website. You can add the Friendly Captcha widget to your web app to fight spam, with little impact to the user experience.

To learn more about Friendly Captcha and how to get configuration details, read [Installation on Friendly Captcha Docs](https://docs.friendlycaptcha.com/#/installation?id=installation).

## Arkose

Arkose Labs provides a bot detection solution for mitigating human-based and bot-driven attacks. For more information on seamlessly integrating with Arkose as your CAPTCHA provider, see [Arkose Bot Manager](https://www.arkoselabs.com/arkose-bot-manager/).

<Warning>
  You must upgrade to Auth0.js v9.23+ to use Arkose as a CAPTCHA provider.
</Warning>

### Configure callback action with Auth0.js

When using Arkose as the CAPTCHA provider, the Auth0.js WebAuth client’s `renderCaptcha` method allows you to pass a callback function. The second parameter of the callback will be a payload object containing the `triggerCaptcha` function. The `triggerCaptcha` function can be used to configure how your application handles and renders the CAPTCHA prompt.

To learn more about configuring the `renderCaptcha` method, read [renderCaptcha](https://auth0.github.io/auth0.js/WebAuth.html#renderCaptcha) in the Auth0.js documentation.