Need help with recaptcha?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

3.0K Stars 739 Forks BSD 3-Clause "New" or "Revised" License 217 Commits 111 Opened issues


PHP client library for reCAPTCHA, a free service to protect your website from spam and abuse.

Services available


Need anything else?

Contributors list

reCAPTCHA PHP client library

Build Status Coverage Status Latest Stable Version Total Downloads

reCAPTCHA is a free CAPTCHA service that protects websites from spam and abuse. This is a PHP library that wraps up the server-side verification step required to process responses from the reCAPTCHA service. This client supports both v2 and v3.

  • reCAPTCHA:
  • This repo:
  • Hosted demo:
  • Version: 1.2.4
  • License: BSD, see LICENSE


Composer (recommended)

Use Composer to install this library from Packagist:


Run the following command from your project directory to add the dependency:

composer require google/recaptcha "^1.2"

Alternatively, add the dependency directly to your

"require": {
    "google/recaptcha": "^1.2"

Direct download

Download the ZIP file and extract into your project. An autoloader script is provided in

which you can require into your script. For example:
require_once '/path/to/recaptcha/src/autoload.php';
$recaptcha = new \ReCaptcha\ReCaptcha($secret);

The classes in the project are structured according to the PSR-4 standard, so you can also use your own autoloader or require the needed files directly in your code.


First obtain the appropriate keys for the type of reCAPTCHA you wish to integrate for v2 at or v3 at

Then follow the integration guide on the developer site to add the reCAPTCHA functionality into your frontend.

This library comes in when you need to verify the user's response. On the PHP side you need the response from the reCAPTCHA service and secret key from your credentials. Instantiate the

class with your secret key, specify any additional validation rules, and then call
with the reCAPTCHA response and user's IP address. For example:
                  ->verify($gRecaptchaResponse, $remoteIp);
if ($resp->isSuccess()) {
    // Verified!
} else {
    $errors = $resp->getErrorCodes();

The following methods are available:

  • setExpectedHostname($hostname)
    : ensures the hostname matches. You must do this if you have disabled "Domain/Package Name Validation" for your credentials.
  • setExpectedApkPackageName($apkPackageName)
    : if you're verifying a response from an Android app. Again, you must do this if you have disabled "Domain/Package Name Validation" for your credentials.
  • setExpectedAction($action)
    : ensures the action matches for the v3 API.
  • setScoreThreshold($threshold)
    : set a score threshold for responses from the v3 API
  • setChallengeTimeout($timeoutSeconds)
    : set a timeout between the user passing the reCAPTCHA and your server processing it.

Each of the

methods return the
instance so you can chain them together. For example:
                  ->verify($gRecaptchaResponse, $remoteIp);

if ($resp->isSuccess()) { // Verified! } else { $errors = $resp->getErrorCodes(); }

You can find the constants for the libraries error codes in the

class constants, e.g.

For more details on usage and structure, see ARCHITECTURE.


You can see examples of each reCAPTCHA type in examples/. You can run the examples locally by using the Composer script:

composer run-script serve-examples

This makes use of the in-built PHP dev server to host the examples at http://localhost:8080/

These are also hosted on Google AppEngine Flexible environment at This is configured by

which you can also use to deploy to your own AppEngine project.


No one ever has enough engineers, so we're very happy to accept contributions via Pull Requests. For details, see CONTRIBUTING

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.