Protect your forms from spam and bot submissions by integrating Google reCAPTCHA, a widely-used captcha solution that verifies your form is being submitted by a real person.
Bots and automated spam can quickly fill your inbox with junk submissions. This guide walks you through integrating reCAPTCHA into your form, so only real users get through.
reCAPTCHA integration is available on the Paid plan.
Follow these steps to add reCAPTCHA protection to your form.
Get Your reCAPTCHA Keys
Sign up at Google reCAPTCHA, register a new site using reCAPTCHA v3, then get your Site Key and Secret Key. Enable reCAPTCHA in Your Form Settings
Go to your form’s Settings page, add reCAPTCHA Protection, and paste in your Secret Key. PipedForm will use this to verify submissions on the server side.
Add the reCAPTCHA Widget to Your Form
Add the reCAPTCHA script to the <head> section of your page:<script src="https://www.google.com/recaptcha/api.js"></script>
Add the widget inside your form using your Site Key (replace your-site-key):<form id="demo-form" action="https://pipedform.com/f/{form_id}" method="POST">
<!-- ... -->
<button
class="g-recaptcha"
data-sitekey="your-site-key"
data-callback="onSubmit"
data-action="submit"
>
Submit
</button>
</form>
<script>
function onSubmit(token) {
document.getElementById("demo-form").submit();
}
</script>
Test Your Form
Submit a test entry through your form. If the reCAPTCHA challenge isn’t completed, PipedForm will reject the submission and it won’t be forwarded to any of your connected destinations.
For more advanced configuration options refer to the official reCAPTCHA documentation.
Notes:
- Both the Site Key (used in your form) and Secret Key (used in your form settings) are required for reCAPTCHA to work.
- If reCAPTCHA is enabled but the widget is missing from your form, all submissions will be rejected.