reCAPTCHA:"ERROR for site owner: Invalid site key"

Question

I tried to set up reCAPTCHA, on my page by following the instructions here. I signed up for an API key pair and was issued a public key and a private key. It was not clear, to me, how the private key should be used and I could not find more information about it. It does not appear to be used on the page where reCAPTCHA is called.

I edited my page and put

<script src='https://www.google.com/recaptcha/api.js'></script>

before the closing </head> tag on my HTML template.

I also put

<div class="g-recaptcha" data-sitekey="my-public-key"></div>

where I want my reCAPTCHA widget to appear.

When I load my page, I get the message

Cannot contact reCAPTCHA. Check your connection and try again.

I also see the reCAPTCHA widget with the text

ERROR for site owner: Invalid site key

I have checked similar questions such as this, where the answer says the key is probably invalid but I have just generated it. I also saw this but I did not disable

Verify the origin of reCAPTCHA solutions

Answer 1

It wasn't obvious to me initially, but you have to supply your site key in 2 places:

1. In the render querystring parameter in the script source tag
2. As the first parameter of the javascript execute() method

Answer 2

Ensure you are using the correct recaptcha version. As of writing this post there is

Google reCAPTCHA V2

Google reCAPTCHA V3

Google reCAPTCHA Enterprise

Answer 3

I had simply forgotten to add the recapcha credentials to my production ENV file, thus only supplying "none" in the script tag.

Answer 4

In my case, I'm using Contact Form 7 plugin inside my WordPress CMS-based website, the problem was because I'm filtering/removing the query string from the enqueueing scripts e.g. script.js?**v=1.2**:

function mb_remove_script_version($src)
{
  $parts = explode('?', $src);
  return $parts[0];
}

add_filter('script_loader_src', __NAMESPACE__ . '\\mb_remove_script_version', 15, 1);

Answer 5

I also had to change from the reCaptcha type: v3 to v2. It's worked in my case. I think the reCaptcha docs are underdeveloped

Answer 6

I had same issue in my React app,recaptcha v3 give me error,reCapcha v2 works fine.Just change the version from v3 to v2,copy and paste site key and works like a charm.

Answer 7

I removed  following <div class="g-recaptcha" data-sitekey="***site-recaptcha-key****"></div> from the page and V3 still sending the reply as intended and the error is gone now. Tested and it does work as needed. 

Answer 8

Double check that you are using the "Site Key" and not the "Secret Key" inside the Google ReCaptcha settings. They look quite similar, so it's easy enough to make this mistake.

Answer 9

I had the same issue with reCAPTCHA v3 on my blog on Wordpres 4.5. When I replaced reCAPTCHA v3 with reCAPTCHA v2 the issue has gone.

Answer 10

I had this problem with Wordpress Contact Form plugin. Be sure that you have put correct domain at reCAPTCHA configure page. It should be without http:// or https://. For example, google.com. Regenerate api keys and update it in Admin/Contact/Integration. Then you will see recaptcha icon in the page bottom corner

Answer 11

I also face same problem from google reCAPTCHA console your project uncheck

1. Verify the origin of reCAPTCHA solutions
2. Send alerts to owners

both,then see from your contact form, its working from me just try it

Hope this helps!

Answer 12

I'm using Entrepreneur Wordpress theme which came with Formidable. I went to the reCAPTCHA Admin Console and created the Site and Secret Keys for "V2 Checkbox."

At first it wasn't working and I was getting the "ERROR for site owner: Invalid site key" message but figured out that the reason why was because I had put the "http://" before my domain.

After trial and error, I discovered that deleting the old reCAPTCHA for that domain, then creating a new one without the "http://" worked perfectly! Not sure if having or not having the "www." would matter for any other users.

Hope this helps!

Answer 13

Google stopped supporting TLS 1.0, make sure you making request with TLS1.1 or TLS 1.2

Use ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; for .NET 4.5 and lower version

Answer 14

In my case it was using a wordpress site,

And I had chosen version 3 of captcha and it turns out the wordpress only supported version 2.

Answer 15

You need to ensure your site is added in the domains section of the google reCAPTCHA page where you generated the API key and save. Then test again. That worked for me.