TrustCaptcha – Bot protection

Svelte CAPTCHA Integration

Add TrustCaptcha to your Svelte or SvelteKit forms in minutes to block bots and spam on sign-ups, logins and checkouts. Use a lightweight wrapper component with your site-key. Puzzle-free UX, EU-hosted and GDPR-ready, with risk score and security rules.

Quickstart

How the integration works

1. Create a CAPTCHA

Create a user account or log in with an existing one. Then create a new CAPTCHA or select an existing one. If you’re unsure whether TrustCaptcha is right for you, try our CAPTCHA service risk-free for 14 days at no cost.

On the CAPTCHA overview page, you will find all the important information, such as the site key, secret key and licence key. Allow your websites to access your CAPTCHA by simply adding them to the access authorised domain list in the CAPTCHA security rules.

CAPTCHA security rules of a demo CAPTCHA.

2. Integrate the CAPTCHA widget into your frontend

The following steps give you a rough idea of how to integrate the TrustCaptcha CAPTCHA widget into an Svelte frontend. For precise, detailed instructions, please read the CAPTCHA integration guide for Svelte in our documentation.

Read the documentation

First, install the Svelte wrapper package:

Install

bash

npm i trustcaptcha-svelte

Now insert the CAPTCHA widget, the so-called TrustCaptcha element HTML tag, into any HTML form:

App.svelte

svelte

<script lang="ts">
  import { TrustCaptcha } from "trustcaptcha-svelte";

  function solved(event: CustomEvent<string>) {
    const VerificationToken = event.detail;
    // send VerificationToken to your backend
  }

  function failed(event: CustomEvent) {
    const error = event.detail;
    // handle error
  }
</script>

<form>
  <!-- your input fields -->
  <TrustCaptcha
    sitekey="<your_SiteKey>"
    oncaptchaSolved={solved}
    oncaptchaFailed={failed}
  />
  <!-- further input fields / submit button -->
</form>

The CAPTCHA widget will now be displayed on your Svelte website:

Note: The Svelte wrapper is a community integration maintained on GitHub by Frederic Lehmann: FrediLehmann/trustcaptcha-svelte

Need detailed information about the Svelte CAPTCHA integration?
For detailed instructions on integrating TrustCaptcha, please refer to our Svelte CAPTCHA integration guide.

Other frontend technology instead of Svelte?
If you do not want to use Svelte or have several websites or applications, you can select a different framework or platform here. If there is no pre-built integration from us for your preferred frontend technology, your software developers can integrate the CAPTCHA themselves using our documentation or ask our support-team for a pre-built integration solution.

3. Validate the CAPTCHA result in your backend

Once the CAPTCHA is complete, take the verification token and send it to your backend. In your backend, retrieve the CAPTCHA verification result from our servers and validate the result. Depending on how high the bot risk is, you decide how to proceed. You can find detailed information on backend integration and result validation in our documentation.

Prebuild backend integrations
You can use one of our pre-built integrations to integrate the CAPTCHA validation process into your backend service. If there is no pre-built integration from us for your preferred backend technology, your software developers can integrate the CAPTCHA themselves using using our documentation or ask our support-team for a pre-built integration solution.

4. Congratulations 🎉

You are now protected by TrustCaptcha - congratulations!

FAQs

What do I need to get started with Svelte?

You need a site-key in your Svelte form and a backend endpoint that sends the verification token to TrustCaptcha using your SecretKey to fetch the verification result.

Does it work with SvelteKit and SSR?

Yes. Render the widget inside a form and validate the verification token on the server side. In SvelteKit, validate in your server code (form actions or endpoints).

How do I receive the verification token?

After solving, the widget writes the verification token into a hidden field (tokenFieldName) and also emits it via the oncaptchaSolved event, so you can send it to your backend.

How should I use the bot score?

The verification result includes verificationPassed and bot score. A common start is to accept below 0.5 and reject above 0.5, then adjust based on your traffic and risk tolerance.

Can I add multiple widgets or forms on one page?

Yes. You can use multiple widgets and forms. If you rely on hidden fields, set a unique tokenFieldName per form; with events, just handle each verification token separately.

How long is a verification token valid?

A verification token can typically be fetched once and should be checked quickly (often within 15 minutes). Place the widget near the submit button; longer validity can be configured on higher plans.

Can I customize the widget in Svelte?

Yes. Set theme, language and autostart on the component. Advanced options like invisible mode, custom design, and hiding branding require a license key.

Do I have to use the Svelte wrapper?

No. You can also integrate TrustCaptcha directly as a JavaScript web component in any Svelte app. The wrapper just makes installation and event handling more convenient.

Losing leads to CAPTCHAs?

TrustCaptcha blocks spam and bots, not customers. No puzzles, GDPR-ready, EU-hosted.

Puzzle-free UX

Runs in the background while visitors type — so more people finish your forms and fewer drop off.

GDPR-ready

EU-hosted and privacy-first: no cookies, encrypted transmission, automatic cleanup — with ready-to-use legal resources.

Multi-layer Security

Adaptive protection plus intelligent risk scoring stops abuse early — even when attack traffic spikes.

Full Control

Fine-tune sensitivity, set allow/block lists, and use geoblocking — you decide how strict verification should be.

Protect your Svelte application with TrustCaptcha in just a few steps!

EU-hosted & GDPR-ready
No puzzles
Try free for 14 days

Get started Contact sales