TrustCaptcha
current language
English
Englisch
English
Deutsch
Deutsch
Sign inGet started
Python
TrustCaptcha – Bot protection

Python CAPTCHA Integration

Add TrustCaptcha to your Python backend to verify CAPTCHA results server-side and stop bot signups, spam submissions, and abuse. Works with any frontend widget and keeps the user flow puzzle-free. EU-hosted and GDPR-ready.

Quickstart

How the integration works

1. Create a CAPTCHA

Create a user account or log in with an existing one. Then create a new CAPTCHA or select an existing one. If you’re unsure whether TrustCaptcha is right for you, try our CAPTCHA service risk-free for 14 days at no cost.

On the CAPTCHA overview page, you will find all the important information, such as the site key, secret key and licence key. Allow your websites to access your CAPTCHA by simply adding them to the access authorised domain list in the CAPTCHA security rules.

Start of the CAPTCHA creation form.
CAPTCHA security rules of a demo CAPTCHA.

2. Integrate the CAPTCHA widget into your frontend

Integrate the CAPTCHA widget into your website or app. For precise, detailed instructions, please read the CAPTCHA widget guide in our documentation.

Read the documentation

The CAPTCHA widget will then be displayed on your website or app:

CAPTCHA done

Prebuild frontend integrations
You can use one of our pre-built frontend integrations to integrate the CAPTCHA widget into your website or application. If there is no pre-built integration from us for your preferred frontend technology, your software developers can integrate the CAPTCHA themselves using using our documentation or ask our support-team for a pre-built integration solution.

Android
Angular
Craft CMS
Flutter
iOS
JavaScript
Joomla
Keycloak
Magento 2
React
React Native
TYPO3
Vue
Webflow
WordPress

3. Validate the CAPTCHA result in your backend

The following steps give you an idea of how to retrieve the CAPTCHA verification result from our server in a Python backend and determine how to proceed based on this result. For precise, detailed instructions, please read the CAPTCHA integration guide for Python in our documentation.

Read the documentation

First, install our TrustCaptcha Python dependency:

Install
bash
pip install trustcaptcha

Retrieve the verification result from our server using the verification token and the secret key of your CAPTCHA:

Fetch Result
Python
# Retrieving the verification result
try:
  verification_result = CaptchaManager.get_verification_result("<your_secret_key>", "<verification_token_from_your_client>")
except Exception as e:
  # Fetch verification result failed - handle error
  print(f"Failed to fetch verification result: {e}")
  return jsonify({'error': 'Captcha verification failed'}), 500

Based on the verification results and your individual needs, decide how you would like to proceed:

Handle Result
Python
# Act on the verification result
if verification_result.verificationPassed is not True or verification_result.score > 0.5:
  print("Verification failed or bot score > 0.5 – possible automated request.")

Need detailed information about the Python CAPTCHA integration?
For detailed instructions on integrating TrustCaptcha, please refer to our Python CAPTCHA integration guide. A complete integration example for the Python CAPTCHA can be found in our CAPTCHA Samples Repository on Github.

Other backend technology instead of Python?
If you do not want to use Python on your server or have several different backends, you can select a different integration here. If there is no pre-built integration from us for your preferred backend technology, your software developers can integrate the CAPTCHA verification process themselves using our documentation or ask our support-team for a pre-built integration.

.Net
Go
Groovy
Java
Kotlin
Nodejs
PHP
Python
Ruby
Rust
Scala
Spring

4. Congratulations 🎉

You are now protected by TrustCaptcha - congratulations!

CAPTCHA done

FAQs

Do I still need a frontend (website or app) when I validate in Python?
Yes. The CAPTCHA always needs a frontend widget that the user can solve. After solving, the widget creates a verification token. Your Python backend must receive that verification token to validate the result.
How does the Python backend validation work in simple steps?
1) Your frontend shows the CAPTCHA widget. 2) The user solves it and your frontend receives a verification token. 3) Your frontend sends that verification token to your Python backend. 4) Your Python backend calls the TrustComponent verification API to fetch the result. 5) Based on the result, you allow, block, or add an extra step.
Does it matter how I send the verification token to my Python backend?
No. You can send the verification token in a form submit, in a JSON body, as a header, or any other method that fits your system. The important part is that your Python backend receives the verification token and validates it on the server side.
What information do I get back from the validation result?
You always get two key values: verification passed and a bot score. Verification passed is the hard yes/no decision (for example, it is false when your security rules block a request). The bot score is a risk rating from 0 (very likely human) to 1 (very likely bot), so you can fine-tune how strict you want to be.
What bot score threshold should I start with?
A practical starting point is 0.5: allow requests below 0.5 and block requests above 0.5 (only if verification passed is true). You can adjust the threshold to match your risk level, use different thresholds for different actions (login vs. contact form), or use a step-up flow (for example: allow, then email verification, then block).
How long is a verification token valid, and can I reuse it?
A verification token is designed for short-lived, secure validation. By default, it can be fetched only once and only within about 15 minutes. Some higher plans can adjust this within limits, but keeping the default is recommended for security reasons.
Losing leads to CAPTCHAs?

TrustCaptcha blocks spam and bots, not customers. No puzzles, GDPR-ready, EU-hosted.

CAPTCHA start
CAPTCHA done
Puzzle-free UX
Runs in the background while visitors type — so more people finish your forms and fewer drop off.
GDPR-ready
EU-hosted and privacy-first: no cookies, encrypted transmission, automatic cleanup — with ready-to-use legal resources.
Multi-layer Security
Adaptive protection plus intelligent risk scoring stops abuse early — even when attack traffic spikes.
Full Control
Fine-tune sensitivity, set allow/block lists, and use geoblocking — you decide how strict verification should be.

Protect your Python application with TrustCaptcha in just a few steps!

  • EU-hosted & GDPR-ready
  • No puzzles
  • Try free for 14 days
Get started Contact sales