Skip to main content
Version: 1.0.0


Description : Verify that user solved the challenge correctly.

Method : POST

Endpoint :

Request parameters :

challenge_idRequired. The field name arcaptcha-token token you received from your form
site_keyRequired. The sitekey you expect to see.
secret_keyRequired. Your account secret key.

Response body :

successStatus of challenge. Can be true or false
error-codes(optional)A brief description about possible errors

Example(NodeJS) :

const arcaptcha_api = "";

const result = await, {
challenge_id: req.body["arcaptcha-token"],
site_key: "SITE_KEY",
secret_key: "SECRET_KEY",
if ( {
// its OK
} else {
// throw Error

Error code reference

Error codeDescription
missing-input-sitekeyThe site_key parameter is missing.
missing-input-secretThe secret_key parameter is missing.
missing-input-responseThe challenge_id is missing.
bad-requestThe request is invalid or malformed.
invalid-input-sitekeyThe site_key parameter is invalid or malformed.
invalid-input-secretThe secret_key parameter is invalid or malformed.
invalid-input-responseThe challenge_id parameter is invalid or malformed.
timeout-or-duplicateThe challenge_id is no longer valid: either is too old or has been used previously.