Build reCAPTCHA Enterprise key configurations with web settings, WAF integration, and testing options.
Last verified: May 2026
Build reCAPTCHA Enterprise key configurations with web settings, WAF integration, and testing options.
Required Fields
namedisplayNamewebSettings.allowedDomainswebSettings.integrationTypeOutput will appear here...Build reCAPTCHA Enterprise key configurations with web settings, WAF integration, and testing options. This tool helps GCP engineers generate valid configurations quickly without consulting documentation, reducing errors and accelerating infrastructure deployment. All processing runs in your browser with no data sent to external servers.
No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.
The tool produces syntactically valid configurations based on current GCP service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.
Your e-commerce site has been getting hammered by automated checkout bots scalping limited inventory. The builder generates a reCAPTCHA Enterprise SCORE-based site key for the checkout page, integrated with Cloud Armor — requests with score <0.3 are blocked at the edge, 0.3-0.7 get a checkbox challenge. Within hours of deploy, automated checkouts drop to near-zero; legitimate customers barely notice the protection because real humans get high scores invisibly. Cost: $0/month (under free tier limit) for the protection that was previously costing $30K+/year in scalped inventory.
The builder constructs reCAPTCHA Enterprise configurations: site key resource (display name, platform: WEB or ANDROID or iOS, integration type: SCORE or CHECKBOX, allowed domains, optional WAF integration setting), site key labels for analytics, and Cloud Armor integration policy referencing the site key. Output is generated as gcloud recaptcha commands and Terraform google_recaptcha_enterprise_key resources.
reCAPTCHA Enterprise scores requests on a 0.0-1.0 scale (1.0=human, 0.0=bot). Don't binary-block based on score alone — use score thresholds with progressive friction: score>0.7 allow, 0.3-0.7 challenge with CAPTCHA, <0.3 block. This minimizes false positive blocks while still stopping bots.
Integration with Cloud Armor lets you use reCAPTCHA scores in WAF rules — block requests with low scores at the edge BEFORE they hit your backend. This is dramatically more efficient than collecting the score in your app and rejecting after backend processing.
The free tier is generous (1M assessments/month free) — for most apps, reCAPTCHA Enterprise is essentially free. Above that, $1/1K assessments. Compared to alternatives (custom bot detection, Akamai Bot Manager) at $$$$/month, reCAPTCHA Enterprise is dramatically cheaper.
Was this tool helpful?
Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.