Integrations and Connectors/Connectors/Setup Guides/Fraud

hCaptcha Connector

Use Descope's hCaptcha connector to secure your authentication flow. hCaptcha is a service that protects your site from spam and abuse that uses advanced risk analysis techniques to tell humans and bots apart.

This article will explain how to set up the connector and include it in your Descope authentication flow.

Configure hCaptcha connector

Start with the hCaptcha template on the Connectors page of the Descope Console.

Now, complete the required fields:

  • Connector name: Custom name for your connector. This will come in handy when creating multiple connectors from the same connector template.
  • Site Key: The unique site key generated in hCaptcha. For more information, see here.
  • Secret Key: The account secret key you get from hCaptcha. For more information, see here.
  • Bot Threshold (0-1): The bot threshold is used to determine whether the request is a bot or a human. The score ranges between 0 and 1, where 1 is a human interaction and 0 is a bot. If the score is below this threshold, the request is considered a bot.

And if you'd like, the optional fields:

  • Connector description: Describe what your connector is used for.
  • Override Assessment (For Testing): Allows for automated testing by overriding the assessment model with a custom score. Not intended for production environments, only for testing.
    • Assessment Score (0-1): When configured, the hCaptcha action will return the score without assessing the request. The score ranges between 0 and 1, where 1 indicates a human interaction and 0 indicates a bot.

You can test if your connector's configuration is working properly simply by hitting the Test button and viewing the Test Results panel.

hCaptcha connector initialization

Save your configuration by hitting Create.

Add your hCaptcha connector to a screen

Go to the Dashboard and open your flow. In the editor, select a screen (typically the first one), then find the hCaptcha widget under the Risk section. Drag it onto the screen and click Done.

hCaptcha connector placement in screen

Add your hCaptcha connector to the flow

Warning

Since the hCaptcha connector runs in the browser, the connector actions need to be added after at least one screen or action component in the flow.

Back in the flow editor, click the create(+) button, select Connector, and choose hCaptcha.

Click to set down the connector in your flow editor, and connect it at a point that comes after the screen with the hCaptcha widget that you added in the previous step. Now, hit Save.

hCaptcha connector placement

Whenever a user goes through your authentication flow, the hCaptcha connector will automatically run and the risk analysis will now be included in the flow riskInfo.riskScore key.

Was this helpful?

Elephant

Leverage Descope's Elephant connector to establish an identity trust score for new users

Sardine

Use Descope's connector to Sardine AI to evaluate login and onboarding risk using machine learning-based fraud detection.

On this page