Let me know if this helps you guys,
Below is an example of the basic use case that google seems to want V3 users to follow.
For me their basic use case seems like it has one extra step that shouldn't be needed but nevertheless here it is.
Add this div to your form:
<div class="g-recaptcha" data-theme="dark" data-sitekey="<<[GOOGLE-RECAPTCHA-PUBLIC-SITE-KEY]>>"></div>
Once the script is added and you have an on script load callback assigned.
function scriptLoadCallback(){
grecaptcha.execute(reCaptchaKey, {action: 'your_page_context'}).then(
function(token){
//make ajax call and send the token .. pseudo code below
//I didn't want to take the space to write out the entire Ajax call
myAjaxFn('folder/serverSideScript.php',{token: token},
function(){
//final user experience tweak as a result of googles confidence in the submittion
}
);
}
);
}
//THE SERVER SIDE SCRIPT - PSEUDO CODE BELOW
//Sends a cors request to the verify url and sends the token
//the cors/curl/getUrl/get_file* response contains the JSON data
//that you can use to evaluate the likelihood that the user is a bot
//finally send a response back and have the UI respond accordingly via javascript
token = get_post_var('token')
final_result = json_decode(response);
if(final_result['success'] == true && final_result['action'] == 'your_page_context'){
if(final_result['score'] > .6){
//IT'S PROBABLY A HUMAN
return true;
}
}
//PROBABLY A BOT
return false
Note that the "action" is simply a contextual key that you use to see if the final JSON response returns the same action name so that you can use V3 throughout your site and track with confidence that the respose matches the correct page or form where the action occured.