You are using an older browser that might negatively affect how this site is displayed. Please update to a modern browser to have a better experience. Sorry for the inconvenience!

Web-to-Case with reCAPTCHA


By: Radha

Introduction: 

As we already know, we can generate Cases from Email and Web using Email-to-Case and Web-to-Case respectively. Now in Spring 17, Salesforce introduces a feature to include reCAPTCHA in the web-to-case from. So that we can avoid spam cases. This change applies to both Lightning Experience and Salesforce Classic.

Steps to get Recaptcha key 

Prerequisite: We need to have Google Account

  1. Sign in to your Google Account
  1. Go to the link, Recaptcha Link
  1. Click Get Recaptcha Button.
  1. Enter the Label
  1. Choose the type of Recaptcha, you want

  1. Enter the domain where exactly your web to case form is hosted.

  1. Check the “Accept the reCaptcha Terms of Service” checkbox.
  1. Click Register Button.
  1. Once the reCaptcha registration is done, a Site key and Secret key will be generated.

To generate the Web to Case form with “reCAPTCHA”, 

  1. Go to Setup [Symbol] Build [Symbol] Customize [Symbol]Self-Service [Symbol] Web-to-Case[Symbol] Check “Enable Web-to-Case” check box.
  1. Go to Setup [Symbol] Build [Symbol] Customize [Symbol]Self-Service [Symbol] Web-to-Case HTML Generator
  1. Include the necessary fields which are need to be in the form.
  1. Check the Enable spam filtering (recommended) check box.
  1. Click on the lookup icon in reCAPTCHA API Key Pair.

  1. Click the New Button.
  1. Provide the API Key Pair Nickname, Secret Key and Site Key which generated earlier.

  1. Click the Save button.
  1. Click the Generate Button.

HTML Code for web-to-case form is generated with the script to generate reCAPTCHA. Now, we can move our web-to-case form to a Visualforce page by including the reCAPTCHA script.

Client Side Integration 

We can validate if the user submits form without checking the reCaptcha check box by using script,

Server Side Integration 

For Server side Integration, we need to send a POST request to the URL, https://www.google.com/recaptcha/api/siteverify with the following parameters

Secret Key Which is generated for your domain
response A part of payload with string name ‘g-recaptcha-response’
remoteIP The end user’s IP Address

 

Conclusion 

Using reCaptcha, we can avoid spam Cases in Salesforce, so that customer service agents can focus on actual cases and not on the spam cases.

Reference Links: 

  1. https://releasenotes.docs.salesforce.com/en-us/spring17/release-notes/rn_web2case_recaptcha.htm
  1. https://help.salesforce.com/articleView?id=customizesupport_web_to_case_enable_recaptcha.htm&language=en_US&type=0
  1. https://developers.google.com/recaptcha/docs/verify