Shibboleth Quick Start
We have developed a Java client to simplify some of these operations. If you'd like to access this client please contact us.
To get started, create a CAPTCHA:
curl "https://api.nettoolkit.com/v1/shibboleth/captchas" \
-H "X-NTK-KEY: $YOUR_KEY_HERE" \
-d options={type: 'BASIC'}
The server may return JSON output like the following:
{
"code":1000,
"results":[{
"id":"aDb5RwxQbdYkgovtL7vFtRPwuHxEhwsQ97jmvG6Lnux85gyI2fD98z2p_pcP6xMCE",
"type":"BASIC",
"displayInformation":{
"caption":"Type all of the characters"
}
}]
}
With JavaScript
For the advanced CAPTCHAs that require JavaScript, displayInformation is a JSON object that instructs the client JavaScript on how to initialize the CAPTCHA and should simply be passed from the server output to the CAPTCHA initialization. The JavaScript-based CAPTCHAs require the id of an HTML element to specify where the CAPTCHA should appear (specified through the JSON key elementId).
<!DOCTYPE >
<html>
<head>
<link rel="stylesheet" href="https://api.nettoolkit.com/shibboleth/all-captcha-0.0.1.css" />
</head>
<body>
<div id="demo"></div>
<form action="your_url_here" onsubmit=handleClick()>
<button type="submit">Verify</button>
</form>
<script type="text/javascript" src="https://api.nettoolkit.com/shibboleth/all-captcha-0.0.1.js?key=your_ntk_api_key_here"></script>
<script type="text/javascript">
const basicCaptcha = new Captcha.Captcha({
elementId: "demo",
captchaId: "aDb5RwxQbdYkgovtL7vFtRPwuHxEhwsQ97jmvG6Lnux85gyI2fD98z2p_pcP6xMCE",
type: "BASIC",
displayInformation: {
caption: "Type all of the characters",
}
});
function handleClick() {
const key = basicCaptcha.getUserAttempt();
// Send key to your server
}
</script>
</body>
</html>
No JavaScript
For CAPTCHAs that do not require JavaScript, the CAPTCHA id is used to retrieve the static image (https://api.nettoolkit.com/shibboleth/images/[id]).
<!DOCTYPE >
<html>
<body>
<img src="https://api.nettoolkit.com/shibboleth/images/aDb5RwxQbdYkgovtL7vFtRPwuHxEhwsQ97jmvG6Lnux85gyI2fD98z2p_pcP6xMCE">
<form action="your_url_here">
<input type="text" name="key" value="key">
<button type="submit">Verify</button>
</form>
</body>
</html>
After the client submits an attempt, your server can submit the client's attempt for verification.
curl "https://api.nettoolkit.com/v1/shibboleth/captchas/aDb5RwxQbdYkgovtL7vFtRPwuHxEhwsQ97jmvG6Lnux85gyI2fD98z2p_pcP6xMCE/verification" \
-H "X-NTK-KEY: $YOUR_KEY_HERE" \
-d submitted_key=nhyY3r6
The server may return something like the following, indicating that the client's attempt was successful:
{
"code":1000,
"query":{
"submitted_key":"nhyY3r6"
},
"results":[{
"pass":true
}]
}