Captcha enablement guide

Follow

Introduction

Captcha functionality is now available to enhance the security of external entry points into Connexys, for example, Application Forms.

Google offers reCAPTCHA (v3 and v2) to help you protect your sites from fraudulent activities, spam, and abuse. 

 

For Connexys, we have implemented support for Captcha V2 where users must tick a check box on external entry points.   Captcha can currently be enabled in the following places

  • cxsApplyFormExample
  • cxsSearchApply
  • cxsJobAlertRegister

 

 This guide should be used as a reference for the steps required to add Captcha functionality to your Connexys Application:

  • Google Account Configuration
  • Connexys Configuration

 

Prerequisites

  • A Google/Gmail account. This can be created specifically for this purpose, and need not be your normal email address used with your Connexys account. 
  • You will need to provide your Connexys domain for the setup process. If you are unsure of this, your System Administrator or Bullhorn Technical support can verify it for you.

1. Google Account Configuration

The Google reCAPTCHA V2 toolset requires a Google account to function. If you do not already have a Google account, you can create one specifically for this task.

The Google reCAPTCHA V2 account is provided by Google at no charge for up to one million requests per month. Please note this consideration when deciding whether to add this functionality.

General information on this tool, including details on advanced pricing can be found at: https://www.google.com/recaptcha/about/.

To proceed, navigate to https://www.google.com/recaptcha/admin/create. You will need to fill out the form as follows:

  1. Label – Informal naming of your Site. The recommendation is to use the format: “Your Company Name” Captcha.
    captcha1.png
  2. reCAPTCHA type – Choose reCAPTCHA V2 and select the option ‘I’m not a robot’ Checkbox.
    captcha2.png
  3. Domains – Enter the url of the page to add Captcha to here,, and press ENTER or click the + symbol as seen below to confirm it.
    captcha3.pngPlease note:
  • Your domain may look something like this (held in Site URL from Setup ->Sites) testsfcs1-resourcemanagertest-555f60.cs160.force.com 
  • Do not include https:// or the trailing / as it will not let you save it with those components.
  • Multiple domains/pages can be entered if you ever need to add this functionality to other sites.

4. Owners – Your email will default to this field, but you can add any others that may need to have access.
captcha4.png

5. Accept the reCAPTCHA Terms of Service – Google’s Privacy Policy, Terms of Use, and Terms of Service are linked for you to review and accept.
captcha5.png

6. Send Alerts to owners – This will send alerts for problems such as misconfiguration or increases in suspicious activities to the owners listed above.captcha6.png

7. Submit – Press to continue, or Cancel to not save the above choices. Once you have submitted the form with no error, you will be taken to the confirmation screen acknowledging your site has been registered. 

8. You will see a message with the label name of your company stating it has been registered.

captcha7.png

9. The SITE KEY and SECRET KEY are listed in two separate fields.

captcha8.png

10. Copy both Keys to for later use or to provide to Bullhorn Technical Support 

11. The GO TO SETTINGS button will take you back to edit any of the above fields/choices.

12. The GO TO ANALYTICS button will take you to the home page for your Captcha account. It will report on requests made using your new Captcha functionality.

captcha9.png

Note: You can remove your site/page from this feature by editing it in the Settings, but we would recommend disabling it in the Settings first to prevent poor experiences and login failures for anyone trying to log in while the Site and/or Secret Keys are no longer linked to your site. 

2. Connexys Configuration

1. Once you have completed the Google account configuration, you will get a Captcha Site key and Captcha Secret key. These need to be copied them  to Custom Settings -> Global settings -> reCAPTCHA Secret Key and reCAPTCHA Site Key. These settings are not visible for clients, so if changes are needed here you can contact our support via help@connexys.com where we can help you to get these settings added.

captcha10.png

2. To enable Captcha for JS form, additional parameters should be added to cxsForm creation:

 

useCaptcha:'{!captcha.useCaptcha}', captchaSiteKey:'{!JSENCODE(captcha.siteKey)}', captchaRemoteHost:'{!JSENCODE(remoteHost)}'

So cxsForm initializations should look like:

 

cxsForm.init({ prefix:"{!JSENCODE(packagePrefix)}", target:"#cxsFormHolder", server:myServer, jobId:"{!JSENCODE(positionId)}", eventId:"{!JSENCODE(eventId)}", candidateId:"{!JSENCODE(candidateId)}", jobAppId:"{!JSENCODE(applicationId)}", accessKey:"{!JSENCODE(accessKey)}", lang:'{!JSENCODE(lang)}', googleMapsApiKey:'{!JSENCODE(googleMapsApiKey)}', useCaptcha:'{!captcha.useCaptcha}', captchaSiteKey:'{!JSENCODE(captcha.siteKey)}', captchaRemoteHost:'{!JSENCODE(remoteHost)}' });

NOTE: If Captcha keys are not added to Global Settings Captcha, the checkbox will not be shown on sites/ pages

3. Lastly, add the end point - https://www.google.com/recaptcha/api/siteverify in SetUp->Security->Remote site settings.  Without this end point, users may see the error message -

captcha11.png

Was this article helpful?
0 out of 0 found this helpful

Comments

Powered by Zendesk