Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Build Status Quality Gate Status Coverage Technical Debt Lightweight Java Bindings for reCAPTCHA V2. See Verifying the user's response | reCAPTCHA | Google Developers. Why lightweight? Provides a minimalist API and imposes no transitive dependencies on its user, except for SLF4J.


  • Get a public and a secret API key from Google.
  • Set up your client side to display the reCAPTCHA V2 widget, containing the public API key, as described here.
  • Send the response token to your server.


Add the latest stable version to the dependency management tool of your choice.


Maven Central

You can also get snapshot versions from our snapshot repository (for the most recent commit on develop branch). To do so, add the following repo to your pom.xml or settings.xml:


On your server:

  • Create a new instance of ReCaptcha,
  • passing the reCAPTCHA private API key (the one beloging to the public key used in your client code to generate the response).
  • Then validate the token sent by the client, you'll receive a boolean response.

It's as simple as that.

String response = "03AEHxwuyM-dll21GpJuJ65tGT6SVEvQEO3tvLfyxbbgBCaSdOLRQBT4Py-jMjGxplhE1wo7nn7Y6zRNgqUufFTnYDdqzYDTupfZkgx0LppSC3_eBKkODMopBaSBeeGMlt_wzkqWes5tAo34t2LmS0fGdwsE_feGJ_NsrB29NsUNAO78FGyL5DpL7f8K5dnh9Q_6QiN5Qg0MapUEu2w30r-GOI7MfVDMF7qk7wDwbM8uZmoIMn8AenNVKsZY0yEP6ghGVTBhtFvBVaD6jiHXeKztnAX1oLAvPa0jh9sJe20Dwk4jtmuemWKLI";
String secret = "sMSd8L8jlFrKGHdtbXePOphPfhJO_oA4A0sfvw0i";

new ReCaptcha(secret).isValid(response);

For trying out, see TestServer. Run it with these env vars

  • PORT

Error Handling

In case there are not technical problems Recaptcha.isValid() always returns a boolean. Otherwise a ReCaptchaException is thrown. If you need insight into the underlying HTTP traffic you best set the log level of all loggers de.triology.recaptchav2java to TRACE using your favorite SLF4J implementation.