How to Validate Google reCAPTCHA in Java in 2023

What is Google reCAPTCHA

Google reCAPTCHA is a popular security tool used to protect websites from spam and abuse. It works by presenting users with a challenge, such as a puzzle or image recognition task, to prove that they are human and not a computer program. In this blog post, we’ll show you how to validate Google reCAPTCHA using Java.


Before we get started, make sure you have a Google reCAPTCHA account and have created a site to use reCAPTCHA. You’ll need the site’s secret key in order to validate the reCAPTCHA response in your Java code.


Here’s the code you’ll need to validate reCAPTCHA in Java:



public class CaptchaValidator {
private static final String USER_AGENT = "Mozilla/5.0";

public static boolean validateCaptcha(String secretKey, String response) throws Exception {
String url = "";

URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();

con.setRequestProperty("User-Agent", USER_AGENT);
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");

String postParams = "secret=" + secretKey + "&response=" + response;

DataOutputStream wr = new DataOutputStream(con.getOutputStream());

int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer responseBuffer = new StringBuffer();

while ((inputLine = in.readLine()) != null) {

String responseString = responseBuffer.toString();

return responseString.contains("\"success\": true");

Explanation of the above code

In this code, the validateCaptcha method takes two arguments: the secretKey, which is the secret key provided by Google when you register for reCAPTCHA, and the response, which is the response token generated by the reCAPTCHA client-side library after the user solves the CAPTCHA.

The method sends a POST request to the Google reCAPTCHA API, including the secret key and response token, and receives a JSON response indicating whether the CAPTCHA was solved correctly or not. If the response contains the string "success": true, the CAPTCHA was solved correctly and the method returns true. Otherwise, the method returns false.

And that’s it! With these few lines of code, you can easily integrate Google reCAPTCHA into your Java-based website and protect it from spam and abuse.


In conclusion, Google reCAPTCHA is an essential tool for ensuring the security and integrity of your website. By using Java to validate reCAPTCHA responses, you can quickly and easily verify that users are indeed human and not malicious bots. This can help prevent spam, abuse, and other malicious activities that can harm your website and its users.

To recap, the code provided in this blog post allows you to send a POST request to the Google reCAPTCHA API with your secret key and reCAPTCHA response, and receive a JSON response indicating whether the reCAPTCHA was solved correctly. With this code, you can easily validate reCAPTCHA in your Java-based website and protect it from spam and abuse.

We hope this blog post has been helpful in showing you how to validate Google reCAPTCHA in Java. If you have any questions or comments, feel free to reach out!

Leave a Reply

Your email address will not be published. Required fields are marked *

Doubts? WhatsApp me !