Protect Widget Forms with Google reCAPTCHA

You can now enhance the security of your Trustmary widget forms by enabling Google reCAPTCHA protection. This feature helps prevent spam and automated form submissions, ensuring only genuine user interactions are recorded.


🧩 Overview

Google reCAPTCHA is a security service provided by Google that verifies user authenticity through advanced risk analysis techniques.

When integrated with your Trustmary widgets, reCAPTCHA helps block bots and malicious submissions without affecting the user experience.

Trustmary supports Google reCAPTCHA v3, which provides invisible, frictionless protection—no “I’m not a robot” checkboxes or image puzzles for your users.


⚙️ Step 1: Generate Google reCAPTCHA v3 Keys

To use reCAPTCHA, you need to create API keys (a site key and a secret key) from your Google Cloud Console.


  1. Go to the Google reCAPTCHA Admin Console.
  2. Sign in with your Google account (a Google Workspace or personal account works).
  3. Under “Register a new site”, fill in the following details:
  • Label: Enter a recognizable name (e.g., “Trustmary Widgets”).
  • reCAPTCHA type: Select reCAPTCHA v3.
  • Domains: Enter the domain(s) where your widget forms are embedded (e.g., yourcompany.com).
  1. Accept the reCAPTCHA Terms of Service.
  2. Click Submit.


Google will now generate two keys:

  • Site Key – used on the front end (your widget forms).
  • Secret Key – used by Trustmary’s servers to verify reCAPTCHA responses.


🔑 Step 2: Add reCAPTCHA Keys to Trustmary

Once you have your keys, you need to connect them to your Trustmary account.


  1. Log in to your Trustmary dashboard at app.trustmary.com.
  2. Navigate to: Settings → Developer
  3. Locate the section for CAPTCHA.
  4. Paste your:
  • Site Key in the Site Key field.
  • Secret Key in the Secret Key field.
  1. Click Save to apply the changes.


âś… Step 3: Enable CAPTCHA Protection on Widgets

After saving your reCAPTCHA keys, enable CAPTCHA protection individually for the widgets you want to secure.


  1. Go to the Widgets section in your Trustmary dashboard.
  2. Select the widget form you wish to protect.
  3. Open Widget Settings.
  4. Locate the “Enable reCAPTCHA” or “Form protection” toggle.
  5. Switch it ON.
  6. Save your widget settings.


Your widget form is now protected by Google reCAPTCHA v3.


🧠 Best Practices and Tips

  • Monitor your reCAPTCHA dashboard: In your Google reCAPTCHA Admin Console, you can review traffic analytics and potential abuse activity.
  • Avoid sharing your Secret Key: Treat it as sensitive data—never expose it in public repositories or client-side code.


🧩 Troubleshooting

Issue

Possible Cause

Solution

CAPTCHA not showing or triggering

Incorrect Site Key

Double-check that the Site Key matches the one in your Google Console

Form submissions still receive spam

reCAPTCHA not enabled for the widget

Verify that reCAPTCHA is toggled on for the widget

Error message during form submission

Secret Key mismatch or domain misconfiguration

Ensure both keys are valid and your domain is listed in Google reCAPTCHA settings


đź’¬ Need Help?

If you experience issues or need help obtaining reCAPTCHA keys, contact Trustmary Support at [email protected] or through the in-app chat.



Updated on: 30/10/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!