gcloud recaptcha keys create - create a Key

gcloud recaptcha keys create--display-name=DISPLAY_NAME(--express    | [--android (--allow-all-package-names |--package-names=[PACKAGE_NAMES,…]) :--support-non-google-app-store-distribution]    | [--ios (--allow-all-bundle-ids |--bundle-ids=[BUNDLE_IDS,…]) :--key-id=KEY_ID--private-key-file=PATH_TO_FILE--team-id=TEAM_ID]    | [--web (--allow-all-domains |--domains=[DOMAINS,…]) :--allow-amp-traffic--integration-type=INTEGRATION_TYPE--security-preference=SECURITY_PREFERENCE--testing-challenge=TESTING_CHALLENGE [--default-score-threshold=DEFAULT_SCORE_THRESHOLD :--action-score-thresholds=[ACTION_SCORE_THRESHOLDS,…]]])[--labels=[KEY=VALUE,…]][--testing-score=TESTING_SCORE][--waf-service=WAF_SERVICE :--waf-feature=WAF_FEATURE][GCLOUD_WIDE_FLAG …]

--display-name=DISPLAY_NAME

A human-readable name for the key. Typically a site or app name.

Exactly one of these must be specified:

Options for the creation of a site key for Express.

--express

Creates a Key configured for Express assessments.

Options for the creation of a site key for Android.

--android

Creates a Key configured for Android devices.

This flag argument must be specified if any of the other arguments in this groupare specified.

--support-non-google-app-store-distribution

If set, this key can be used in an Android application that is available fordownload in app stores other than the Google Play Store.

This setting allows your key to accept traffic from devices without GoogleMobile Services (GMS) installed.

Exactly one of these must be specified:

--allow-all-package-names

If set, package name enforcement will NOT be enabled on this key.

--package-names=[PACKAGE_NAMES,…]

Android package names of apps allowed to use the key.

Example of a valid package name: 'com.companyname.appname'

Options for the creation of a site key for iOS.

--ios

Creates a Key configured for iOS devices.

This flag argument must be specified if any of the other arguments in this groupare specified.

Exactly one of these must be specified:

--allow-all-bundle-ids

If set, bundle id enforcement will NOT be enabled on this key.

--bundle-ids=[BUNDLE_IDS,…]

iOS bundle ids of apps allowed to use the key.

Example of a valid bundle id: 'com.companyname.productname.appname'

Fields that are required to perform Apple-specific integrity checks (recommendedfor iOS keys).

--key-id=KEY_ID

The Apple developer key ID (10-character string).

This flag argument must be specified if any of the other arguments in this groupare specified.

--private-key-file=PATH_TO_FILE

File path to a private key (downloaded as a text file with a .p8 file extension)generated for your Apple Developer account. Ensure that DeviceCheck is enabledfor the private key. Use a full or relative path to a local file containing thevalue of private_key_file.

This flag argument must be specified if any of the other arguments in this groupare specified.

--team-id=TEAM_ID

The Apple team ID (10-character string) owning the provisioning profile used tobuild your application.

This flag argument must be specified if any of the other arguments in this groupare specified.

Options for the creation of a site key for web.

--web

Creates a Key configured for websites.

This flag argument must be specified if any of the other arguments in this groupare specified.

--allow-amp-traffic

Whether this key can be used on AMP (Accelerated Mobile Pages) websites.

--integration-type=INTEGRATION_TYPE

Configures how reCAPTCHA will operate on your site. This only applies to 'web'platform.INTEGRATION_TYPE must be one of:

checkbox

Renders the classic "I'm not a robot" checkbox, and a captcha challenge for lowscoring events

invisible

Does not display the "I'm not a robot" checkbox, but may show CAPTCHA challengesafter risk analysis

policy-based-challenge

Conditionally displays a challenge based on the score

score

Shows no CAPTCHA challenge on the page

--security-preference=SECURITY_PREFERENCE

Represents the possible challenge frequency and difficulty configurations for aweb key. usability: show fewer and easier challenges. balance: show balanced (inamount and difficulty) challenges. security: show more and harder challenges.

SECURITY_PREFERENCE must be one of:balance,challenge-security-preference-unspecified,security,usability.

--testing-challenge=TESTING_CHALLENGE

For CHECKBOX and INVISIBLE Keys only, this option configures whether challengeswill be issued for execute requests.TESTING_CHALLENGEmust be one of:

challenge

Execute requests for this key will always return an unsolvable challengeconsisting of a message about this testing key.

nocaptcha

Execute requests for this key will always return nocaptcha.

Exactly one of these must be specified:

--allow-all-domains

If set, domain name enforcement will NOT be enabled on this key.

--domains=[DOMAINS,…]

Domains or subdomains of websites allowed to use the key. All subdomains of anallowed domain are automatically allowed. A valid domain requires a host andmust not include any path, port, query or fragment.

Examples of valid domains: 'example.com' 'subdomain.example.com'

Configure if you want to use the POLICY_BASED_CHALLENGE option.

--default-score-threshold=DEFAULT_SCORE_THRESHOLD

The global threshold to be used for POLICY_BASED_CHALLENGE if no action specificone exists.

This flag argument must be specified if any of the other arguments in this groupare specified.

--action-score-thresholds=[ACTION_SCORE_THRESHOLDS,…]

The action to score threshold used for POLICY_BASED_CHALLENGE. For example:--action-score-thresholds=login='{"scoreThreshold":"0.3"}',signup='{"scoreThreshold": "0.1"}' or--action-score-thresholds=file_path.(json|yaml).

KEY

SetsKEY value.

VALUE

SetsVALUE value.

scoreThreshold

SetsscoreThreshold value.

Shorthand Example:

--action-score-thresholds=string={scoreThreshold=float}

JSON Example:

--action-score-thresholds='{"string": {"scoreThreshold": float}}'

File Example:

--action-score-thresholds=path_to_file.(yaml|json)

--labels=[KEY=VALUE,…]

List of label KEY=VALUE pairs to add.

Keys must start with a lowercase character and contain only hyphens(-), underscores (_), lowercase characters, andnumbers. Values must contain only hyphens (-), underscores(_), lowercase characters, and numbers.

--testing-score=TESTING_SCORE

If set, all assessments for this key will return this score. Must be between 0(likely not legitimate) and 1 (likely legitimate) inclusive.

Options for the creation of a WAF-enabled key. For more information, pleaserefer tohttps://cloud.google.com/recaptcha-enterprise/docs/integration-overview.

--waf-service=WAF_SERVICE

The WAF service provider to use.WAF_SERVICE must be oneof:

akamai

Akamai

ca

Cloud Armor

cloudflare

Cloudflare

fastly

Fastly

This flag argument must be specified if any of the other arguments in this groupare specified.

--waf-feature=WAF_FEATURE

The WAF feature to use. For more information, seehttps://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features.WAF_FEATURE must be one of:

action-token

Use reCAPTCHA action-tokens to protect user actions.

challenge-page

Redirects suspicious traffic to reCAPTCHA challenge page.

express

Assesses requests without tokens or frontend integration. This option isdeprecated, use --express instead.

session-token

Use reCAPTCHA session-tokens to protect the whole user session on the site'sdomain.

Run$gcloud help for details.