The action parameter is a string label that tells Google what the user is doing — login, checkout, homepage, submit_form. It is required for reCAPTCHA v3 solving and affects the score returned.
If you pass the wrong action, the resulting token may be valid but the site's backend will reject it because the action in the token does not match the action it expects. Getting this parameter right is critical for successful reCAPTCHA v3 solving.
What the action parameter does
When a site calls grecaptcha.execute(), it passes an action string:
grecaptcha.execute('SITEKEY', { action: 'submit_form' });
This action is embedded in the token. When the site verifies the token with Google, the response includes:
{
"success": true,
"score": 0.9,
"action": "submit_form",
"challenge_ts": "2024-01-15T12:00:00Z",
"hostname": "example.com"
}
The backend checks that response.action === 'submit_form'. If you solved the captcha with action: 'homepage' instead, the token is valid but the action mismatch causes rejection.
How to find the correct action value
Method 1: Browser DevTools — Network tab
- Open DevTools → Network tab
- Filter by
recaptchaoranchor - Trigger the form submission or page interaction
- Look for
grecaptcha.executecalls in the Initiator column - The action value appears in the call parameters
Method 2: Search the page source
// In the browser console:
document.querySelectorAll('script').forEach(s => {
if (s.textContent.includes('action')) {
const match = s.textContent.match(/action['":\s]+['"](\w+)['"]/);
if (match) console.log('Found action:', match[1]);
}
});
Method 3: Search JavaScript files
- Open DevTools → Sources tab
- Press
Ctrl + Shift + Fto search all files - Search for
grecaptcha.executeoraction: - The action value is the string passed in the options object
Common action values
| Action | Typical usage |
|---|---|
homepage |
Landing page visit |
login |
Login form |
submit |
Generic form submission |
register |
Account registration |
checkout |
Payment page |
contact |
Contact form |
search |
Search queries |
Using the action parameter with CaptchaAI
Python
import requests
import time
response = requests.get("https://ocr.captchaai.com/in.php", params={
"key": "YOUR_API_KEY",
"method": "userrecaptcha",
"version": "v3",
"googlekey": "6LfZil0UAAAAADM1Dpz...",
"action": "login", # Must match the site's action
"pageurl": "https://example.com/login",
"json": 1
})
task_id = response.json()["request"]
for _ in range(30):
time.sleep(5)
result = requests.get("https://ocr.captchaai.com/res.php", params={
"key": "YOUR_API_KEY", "action": "get", "id": task_id, "json": 1
}).json()
if result.get("status") == 1:
token = result["request"]
break
Node.js
const axios = require('axios');
async function solveRecaptchaV3(sitekey, pageurl, action) {
const submit = await axios.get('https://ocr.captchaai.com/in.php', {
params: {
key: 'YOUR_API_KEY',
method: 'userrecaptcha',
version: 'v3',
googlekey: sitekey,
action: action,
pageurl: pageurl,
json: 1
}
});
const taskId = submit.data.request;
for (let i = 0; i < 30; i++) {
await new Promise(r => setTimeout(r, 5000));
const result = await axios.get('https://ocr.captchaai.com/res.php', {
params: { key: 'YOUR_API_KEY', action: 'get', id: taskId, json: 1 }
});
if (result.data.status === 1) return result.data.request;
}
throw new Error('Timeout waiting for solution');
}
solveRecaptchaV3('6LfZil0UAAAAADM1Dpz...', 'https://example.com/login', 'login')
.then(token => console.log('Token:', token));
What happens if you use the wrong action
| Scenario | Result |
|---|---|
| Correct action | Token accepted, request succeeds |
| Wrong action | Token valid but backend rejects due to action mismatch |
| Empty action | Some sites accept it; others reject |
| Action not found | Use homepage as a default — some sites do not validate the action |
FAQ
Is the action parameter required for reCAPTCHA v3?
Yes. Every grecaptcha.execute() call includes an action. If you omit it in your CaptchaAI request, the solver uses a default value that may not match the site's expectation.
Can I use any action value?
Technically, but the site's backend compares the action in the token to the expected value. Using the wrong action will likely cause rejection even with a high score.
Does the action affect the score?
Indirectly. Google may assign different risk models per action. A login action might have stricter scoring than a homepage action, but the score is primarily based on behavioral signals.
How do I find the action for single-page apps?
SPAs often call grecaptcha.execute dynamically. Set a breakpoint on grecaptcha.execute in DevTools or monitor XHR requests to identify when and with what action the call is made.
Discussions (0)
Join the conversation
Sign in to share your opinion.
Sign InNo comments yet.