Hello Google reCAPTCHA Team,
We are currently using the free version of Google reCAPTCHA, which has a limit of 50 allowed domains per key. We have already reached this limit with our existing customers.
We are considering upgrading to reCAPTCHA Enterprise, which supports up to 250 allowed domains per key. However, we expect to eventually exceed the 250-domain limit as we onboard more customers.
Could you please advise on the recommended long-term approach for this scenario? Specifically:
-
Is it possible to manage domain validation within our application code (server-side) rather than relying solely on the domain allowlist configured in reCAPTCHA?
-
If we exceed 250 domains, what are the supported options (for example, using multiple keys, alternative configurations, or other recommended best practices)?
Thank you,
Kotreshi Sakragoudra