The Google reCAPTCHA integration lets you verify that actions in your WeWeb app are coming from real users, not bots:
Add reCAPTCHA checks to forms, buttons, and workflows
Validate user interactions before allowing submissions or actions
Use reCAPTCHA responses as conditions in WeWeb workflows
Protect authentication, contact forms, and data creation flows
Control when verification is required based on context or user state
What WeWeb supports natively
Category
Feature
What it does
Plugin setup
Google plugin / reCAPTCHA element
Exposes a dedicated reCAPTCHA element once the Google components are enabled, so you can drag-and-drop it into any page.
Key configuration
Site key field in element
Lets you paste your Google reCAPTCHA site key directly into the element’s “Site Key” property so the widget can render.
Version support
reCAPTCHA v2 checkbox
The built-in component is designed for reCAPTCHA v2 (checkbox style). Other variants like v3 require custom script integration beyond the native element.
Form integration
“Send value at submit” toggle
Provides a “Send value at submit” option that automatically includes the reCAPTCHA token value when a related form is submitted.
Workflow data
Token available in form payload
When enabled, the token can be accessed in the form submission payload and sent to your backend endpoint for server-side verification.
Security model
Backend verification expected
Official guidance is to verify the token with your secret key on the backend (Xano, Supabase, etc.) using Google’s verify endpoint; WeWeb handles only the client-side widget.
UI placement
Use on login/registration/contact forms
The element can be placed inside any WeWeb form (login, signup, contact, custom flows) to reduce bot submissions and abuse.
Why use WeWeb with Google reCAPTCHA
With WeWeb, and Google reCAPTCHA, you decide exactly when verification in your app happens and what should occur if it fails.
Perfect for:
Protecting sign-up and login forms from automated abuse
Preventing spam submissions in contact or support forms
Securing data creation flows in internal tools and dashboards
Adding safeguards to public-facing portals or lead capture apps
Validating sensitive actions like password resets or invitations
And more…
Integrating Google reCAPTCHA with WeWeb
Integrating Google reCAPTCHA with WeWeb is straightforward:
In the WeWeb Dashboard, add your Google reCAPTCHA keys
In the WeWeb Editor, add the reCAPTCHA plugin to your project
Place the reCAPTCHA element or action where verification is required
Use the reCAPTCHA result inside a workflow to allow or block the next step
Add reCAPTCHA to actions that need protection and avoid overusing it
Pair reCAPTCHA checks with clear error states so users understand what happened
For multi-step flows, validate reCAPTCHA as close as possible to the sensitive action
FAQs
1. How do I add Google reCAPTCHA to a WeWeb form?
Drag the reCAPTCHA element onto the same page as your form and position it inside or near the form. Then paste your reCAPTCHA site key into the element’s settings so the widget can render.
2. Which reCAPTCHA version does the native element support?
The built-in element is designed for reCAPTCHA v2 (the “I’m not a robot” checkbox style). Using v3 or Enterprise requires custom script integration rather than the default element.
3. Where do I configure my reCAPTCHA site and secret keys?
The site key is entered in the WeWeb reCAPTCHA element settings. The secret key should stay on your backend (Xano, Supabase, custom API) and is used to verify tokens with Google’s verification endpoint.
4. How does the reCAPTCHA token get sent to my backend?
Enable the “Send value at submit” option in the element. When the form is submitted, WeWeb includes the token in the form payload, which you can forward to your backend endpoint for verification.
5. How should my backend verify the reCAPTCHA token?
Your backend should call Google’s verification endpoint with the secret key and the token received from WeWeb. Only if Google returns a successful verification should the backend accept the form submission or complete the action.
6. Can reCAPTCHA be used on login and signup flows in WeWeb?
Yes, you can place the element on login, signup, or password‑reset forms to reduce credential stuffing and bot registrations.
