The waiting room utilizes CAPTCHA challenges as a bot mitigation action. By default the Queue-it CAPTCHA challenge is presented to waiting room visitors. The Queue-it CAPTCHA comes at no additional cost.
You can choose to utilize a different type of CAPTCHA by bringing your own license. Current supported CAPTHAs are:
- Google reCAPTCHA Enterprise
- Google reCAPTCHA Invisible
Google reCAPTCHA
A Google Cloud account is required to utilize Google reCAPTCHA Enterprise and Invisible. Once the account is created two reCAPTCHA keys must be created. Once created Queue-it needs the following details:
- The Project ID of the Google Cloud project where the reCAPTCHA keys are created.
- The two IDs of the reCAPTCHA keys
- The two legacy secret keys of the reCAPTCHA keys
Please note that there is a fee associated with Google reCAPTCHA. Queue-it will invoke the siteverify endpoint to verify the CAPTCHA has been solved correctly. This endpoint has a free quota of 1.000.000 requests per month after which a fee will be charged. Only solved or rejected/failed challenges are charged. Please refer to https://cloud.google.com/recaptcha-enterprise/pricing for more information.
Google Cloud Account
If you do not already have a Google Cloud account, create one at https://console.cloud.google.com/freetrial/signup
- Activate your account by clicking the Activate button in the top right corner.
Add Queue-it Project
Create a new project named "Queue-it" using the project selector in the top left corner. After creating the project, select it in the project list.
NOTE: Please note the Project ID (in this example queue-it-397615). This needs to be used in below steps.
Browse to the console
Browse to "reCAPTHCA Enterprise" in the "Security" section of the menu. You may need to add this through the Marketplace (fund in the menu) if it is not already listed.
Cloud Shell
Activate the Cloud Shell by clicking the icon in the top right corner.
The Cloud Shell Terminal will appear in the bottom of the screen.
Create Service Account
Queue-it needs access to assert reCAPTCHA challenges using the Google Cloud API. In order to access this a IAM Service Account needs to be created and a service account key need to be create. The account will only have access to do assessments on reCAPTCHA Enterprise in the newly created project.
1. Type the following command to create an AIM Service Account with then name "queueit-recaptcha":
gcloud iam service-accounts create queueit-recaptcha \
--description="This service accounts grants access to Queue-it reCaptcha Keys" \
--display-name="Queue-it reCaptcha Service Account"
2. Type the following command to grant the newly created service account access to creating assessments (replace [PROJECTID] with the Project ID of the project created in the previous step):
gcloud projects add-iam-policy-binding [PROJECTID] \
--member="serviceAccount:queueit-recaptcha@[PROJECTID].iam.gserviceaccount.com" \
--role="roles/recaptchaenterprise.agent"
E.g. for the project created in the previous step this would be:
gcloud projects add-iam-policy-binding queue-it-397615 \
--member="serviceAccount:queueit-recaptcha@queue-it-397615.iam.gserviceaccount.com" \
--role="roles/recaptchaenterprise.agent"
3. Type the following command to create the service account key. The command will create a JSON file with the private key:
gcloud iam service-accounts keys create ~/queueit-private-key.json \
--iam-account=queueit-recaptcha@[PROJECTID].iam.gserviceaccount.com
E.g. for the project created in the previous step this would be:
gcloud iam service-accounts keys create ~/queueit-private-key.json \
--iam-account=queueit-recaptcha@queue-it-397615.iam.gserviceaccount.com
Download the newly created JSON file by clicking the "more" icon in the Cloud Shell terminal and select Download.
Type in the file name "queueit-private-key.json" and download the file.
Create Keys
Type the following command to create Enterprise key (replace the [CUSTOMERID] with your Queue-it Customer ID and add any additional waiting room domains in a comma separated list):
gcloud recaptcha keys create \
--web \
--display-name="Queue-it Enterprise Key" \
--integration-type=checkbox \
--domains=[CUSTOMERID].queue-it.net,[WAITING ROOM DOMAIN 1],[WAITING ROOM DOMAIN N]
E.g. for the customer "ninetronics" this would be:
gcloud recaptcha keys create \
--web \
--display-name="Queue-it Enterprise Key" \
--integration-type=checkbox \
--domains=ninetronics.queue-it.net,queue.ninetronics.com
Type the following command to create Invisible key (replace the customer id and add any additional waiting room domains in a comma separated list).
gcloud recaptcha keys create \
--web \
--display-name="Queue-it Invisible Key" \
--integration-type=invisible\
--domains=[CUSTOMERID].queue-it.net,[WAITING ROOM DOMAIN 1],[WAITING ROOM DOMAIN N]
E.g. for the customer "ninetronics" this would be
gcloud recaptcha keys create \
--web \
--display-name="Queue-it Invisible Key" \
--integration-type=invisible \
--domains=ninetronics.queue-it.net,queue.ninetronics.com
Close the Cloud Shell Terminal and refresh the reCAPTCHA Enterprise console page (F5)
Public and legacy secret keys
Copy the Key IDs of the two newly created reCAPTCHA keys by clicking the copy icon.
Copy the Legacy secret keys of the two newly created reCAPTCHA keys by navigating to "Overview" -> "Details". Then scroll down to the "Legacy reCAPTCHA secret key" section.
Submit a new ticket to support providing the 4 keys. E.g.:
- Enterprise Key
- ID: 6LdmxusnAAAAAOxQ...........................
- Legacy secret key: 6LdmxusnAAAAAgTy...........................
- Invisible Key
- ID: 6LdmxusnAAAAAlyo...........................
- Legacy secret key: 6LdmxusnAAAAAD5nk...........................
Attach the "queueit-private-key.json" file to the ticket.
Once submitted Queue-it will register the keys and automatically start using the keys.
Comments
0 comments
Please sign in to leave a comment.