Maniphest T388891

Decide hCaptcha enterprise trial configuration
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• acooper
	Mar 14 2025, 3:00 PM

Tags

Referenced Files

None

Subscribers

Description

Summary

Decide between between single API site key or multiple keys grouped by domain/project.

Background

We need to plan how to configure hCaptcha Enterprise for the trial. Open questions:

Should we use a single API site key or multiple keys grouped by domain/project?
- For now, we are going to use a single sitekey for all of the projects.
Should the puzzle always be suppressed (focus on bot detection only)?
- We are using 99.9% passive and invisible modes.
Who needs access to the hCaptcha trial configuration (likely SRE)?
- We've enabled Okta sign-in (T388896) to handle access to configuration in dashboard.hcaptcha.com. SRE has access to private configuration related to the proxy.

A separate task will handle implementation (T397793).

User story

As staff, I want to decide the hCaptcha trial configuration so we can set it up correctly.

Specification

Decide API key structure (single key vs. grouped keys)
Decide puzzle suppression settings
Identify which team members (e.g. SREs) need access to configure the trial

Acceptance criteria

Decision made on API key structure
Decision made on puzzle suppression
Trial configuration access list confirmed

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		sguebo_WMF	T388891 Decide hCaptcha enterprise trial configuration
		Resolved		kostajh	T382148 Enable hCaptcha on test2wiki
		Resolved	PRODUCTION ERROR	Reedy	T394814 Unable to have multiple captcha implementations in extension-list
		Resolved		• Dreamy_Jazz	T398026 Don't add hCaptcha score to debug logs unless configured
		Resolved		jijiki	T397841 Implement an hCaptcha IP blinding proxy prototype
					Restricted Task
		Resolved		ssingh	T404407 No Puppet resources found on instance deployment-urldownloader04 on project deployment-prep
		Resolved		ssingh	T404379 No Puppet resources found on instance deployment-urldownloader04 on project deployment-prep
		Resolved	BUG REPORT	bd808	T402919 No Puppet resources found on instance deployment-urldownloader04 on project deployment-prep
		Resolved		• Dreamy_Jazz	T399028 ConfirmEdit hCaptcha: Implement support for invisible mode
		Resolved		• Dreamy_Jazz	T398991 hCaptcha integration with secure enclave mode enabled causes all account creations to fail the captcha check

Event Timeline

• acooper created this task.Mar 14 2025, 3:00 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 14 2025, 3:00 PM

• acooper updated the task description. (Show Details)Mar 14 2025, 3:01 PM

• acooper added a project: WE4.2 Bot detection (WE4.2 hCaptcha account creation trial).

• acooper updated the task description. (Show Details)

May need enterprise features enabling for secure enclave and proxy.

sguebo_WMF renamed this task from Configure hCaptcha enterprise for trial to Decide hCaptcha enterprise trial configuration.Jun 24 2025, 11:42 PM

sguebo_WMF added a project: Trust and Safety Product Sprint.

sguebo_WMF updated the task description. (Show Details)

sguebo_WMF removed a subscriber: • acooper.

sguebo_WMF mentioned this in T397793: Implement hCaptcha enterprise trial configuration.Jun 24 2025, 11:48 PM

sguebo_WMF updated the task description. (Show Details)

sguebo_WMF moved this task from Backlog to In progress on the WE4.2 Bot detection (WE4.2 hCaptcha account creation trial) board.Jun 25 2025, 2:28 AM

sguebo_WMF moved this task from In progress to Backlog on the WE4.2 Bot detection (WE4.2 hCaptcha account creation trial) board.Jun 25 2025, 2:30 AM

kostajh updated the task description. (Show Details)Jun 25 2025, 6:43 PM

sguebo_WMF changed the task status from Open to In Progress.Jun 25 2025, 7:02 PM

sguebo_WMF claimed this task.

sguebo_WMF triaged this task as Medium priority.

sguebo_WMF moved this task from Backlog to In progress on the WE4.2 Bot detection (WE4.2 hCaptcha account creation trial) board.

sguebo_WMF mentioned this in T382148: Enable hCaptcha on test2wiki.Jun 26 2025, 2:56 AM

sguebo_WMF added a subtask: T382148: Enable hCaptcha on test2wiki.

sguebo_WMF changed the status of subtask T382148: Enable hCaptcha on test2wiki from Stalled to In Progress.Jun 26 2025, 5:11 PM

• Dreamy_Jazz changed the status of subtask T382148: Enable hCaptcha on test2wiki from In Progress to Stalled.Jul 7 2025, 1:12 PM

• Dreamy_Jazz changed the status of subtask T382148: Enable hCaptcha on test2wiki from Stalled to Open.Jul 11 2025, 11:01 AM

kostajh closed subtask T382148: Enable hCaptcha on test2wiki as Resolved.Aug 20 2025, 6:07 AM

kostajh closed this task as Resolved.Aug 20 2025, 6:35 AM

kostajh updated the task description. (Show Details)