# reCAPTCHA v2 reCAPTCHA v2 — commonly known as the “I’m not a robot” checkbox — is one of Google’s most widely used CAPTCHA types. It may appear as a simple interactive checkbox or trigger an image/audio challenge grid. Some sites also implement it **without a visible widget** see [reCAPTCHA Invisible Solving Guide](/guides/tasks/recaptcha-v2-invisible), relying instead on **callback functions** to handle verification. You can identify reCAPTCHA v2 by: - A visible checkbox with the label “I’m not a robot”. - The presence of `data-sitekey` in a `
`. - A script URL containing `www.google.com/recaptcha/api2/anchor` with a `k=` parameter. - Or, in callback-based implementations, a `data-callback="functionName"` attribute or a `callback` property in a `grecaptcha.render()` call. recaptcha-v2-widget.gif > **Demo**: Try the official [Google’s reCAPTCHA v2 demo](https://www.google.com/recaptcha/api2/demo). ## Integration Workflow 1. **Locate the Site Key and Page URL** - Extract the `data-sitekey` value from the HTML element, **or** - Parse the `k` parameter from a reCAPTCHA-related script URL (e.g., in network requests). - Record the full page URL where the CAPTCHA appears. 2. **Submit the task**: - **For API V1**: Send a request to `in.php` with: - `method=userrecaptcha` - `googlekey` = your extracted site key - `pageurl` = full page URL → See [API V1 – reCAPTCHA v2](/api/recaptcha-v2) - **API V2 COMING SOON** 1. **Receive a task ID** and wait **15–20 seconds**. 2. **Poll for the result**: - **API V1**: Use `res.php` with your task ID → See [API V1 – Get Result](/api/recaptcha-v2) - **API V2 COMING SOON** 1. **Apply the token** based on the site’s implementation: - **Standard (form-based) implementation** (most common): Inject the token into the hidden reCAPTCHA response field: ```javascript document.getElementById("g-recaptcha-response").innerHTML = "TOKEN_FROM_CAPTCHA_AI"; ``` Then submit the form (if not auto-submitted). - **Callback-based implementation**: Identify the callback function name by checking: - `data-callback="myFunction"` in the reCAPTCHA `
`, **or** - The `callback` property in `grecaptcha.render()`, **or** - The global config: `___grecaptcha_cfg.clients[0].aa.l.callback` (path may vary) Then invoke it directly with the token: ```javascript // Replace `myFunction` with the actual callback name myFunction("TOKEN_FROM_CAPTCHA_AI"); ``` This function can help you identify the callback function name, just copy-paste it in the developers console on the target web page: ```js function findRecaptchaClients() { if (typeof (___grecaptcha_cfg) !== 'undefined') { return Object.entries(___grecaptcha_cfg.clients).map(([cid, client]) => { const data = { id: cid, version: cid >= 10000 ? 'V3' : 'V2' }; const objects = Object.entries(client).filter(([_, value]) => value && typeof value === 'object'); objects.forEach(([toplevelKey, toplevel]) => { const found = Object.entries(toplevel).find(([_, value]) => ( value && typeof value === 'object' && 'sitekey' in value && 'size' in value )); if (typeof toplevel === 'object' && toplevel instanceof HTMLElement && toplevel['tagName'] === 'DIV'){ data.pageurl = toplevel.baseURI; } if (found) { const [sublevelKey, sublevel] = found; data.sitekey = sublevel.sitekey; const callbackKey = data.version === 'V2' ? 'callback' : 'promise-callback'; const callback = sublevel[callbackKey]; if (!callback) { data.callback = null; data.function = null; } else { data.function = callback; const keys = [cid, toplevelKey, sublevelKey, callbackKey].map((key) => `['${key}']`).join(''); data.callback = `___grecaptcha_cfg.clients${keys}`; } } }); console.log(data) return data; }); } console.log("Can't find any reCAPTCHA client!") return []; } ``` - The `g-recaptcha-response` field is often hidden or inserted dynamically—use DevTools to locate it. - Parameter names and payload formats differ between API V1 and V2—always refer to the correct specification. > **Note**: Never reuse reCAPTCHA tokens. Each token is single-use and tied to a specific session and action. -->