### Run Sentinel Installation Script
Source: https://altcha.org/docs/v2/sentinel/install/docker-compose
Download and execute the installation script on your Ubuntu 24.04 server. This script handles package updates, Docker setup, user creation, firewall configuration, and Fail2ban installation.
```bash
bash <(curl -s https://raw.githubusercontent.com/altcha-org/sentinel-install-scripts/main/install-ubuntu-24-04.sh)
```
--------------------------------
### Install Altcha Sentinel with Default Settings
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Install the Altcha Sentinel chart using default configuration values.
```bash
helm install altcha-sentinel altcha-org/sentinel
```
--------------------------------
### Nuxt Setup for ALTCHA Widget
Source: https://altcha.org/docs/v2/migration/widget-v2
Configure ALTCHA in a Nuxt application using the Composition API with a script setup block. This example includes importing 'altcha' and declaring the 'altcha-widget' component globally.
```html
```
--------------------------------
### Switch to Altcha User and Start Sentinel
Source: https://altcha.org/docs/v2/sentinel/install/docker-compose
Switch to the dedicated 'altcha' user and navigate to the installation directory to start Sentinel. The default password is 'altcha123'.
```bash
su - altcha
```
```bash
cd ~/altcha
./start.sh
```
--------------------------------
### Install ALTCHA Package
Source: https://altcha.org/docs/v2/how-to/captcha-react-example
Commands to install the ALTCHA library using npm or yarn.
```bash
npm install altcha
```
```bash
yarn add altcha
```
--------------------------------
### Install Altcha Sentinel with Customized Settings
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Install Altcha Sentinel with specific configurations for namespace, image tag, service type, ingress, and persistence.
```bash
helm install altcha-sentinel altcha-org/sentinel \
--namespace sentinel \
--create-namespace \
--set image.tag="1.0.0" \
--set service.type=LoadBalancer \
--set ingress.enabled=true \
--set ingress.hosts[0].host=sentinel.yourdomain.com \
--set persistence.enabled=true \
--set persistence.size="20Gi"
```
--------------------------------
### Readiness Probe Response
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Example JSON response from the /.ready endpoint indicating server readiness.
```json
{
"status": "ready",
"timestamp": "2025-05-12T14:06:08.460Z",
"version": "1.0.0"
}
```
--------------------------------
### POST /v1/similarity - Match Against Examples
Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity
Compares a given input text against a list of provided examples to determine similarity scores.
```APIDOC
## POST /v1/similarity
### Description
Compares a given input `text` against a list of `examples` to determine semantic similarity scores.
### Method
POST
### Endpoint
`/v1/similarity`
### Parameters
#### Request Body
- **examples** (array of strings) - Required - A list of example strings to compare against.
- **text** (string) - Required - The input text to be analyzed.
### Request Example
```json
{
"examples": [
"Claim your exclusive reward now by clicking the link below!",
"Get your exclusive prize now by visiting this link!",
"Don't miss out—claim your unique prize by clicking below!",
"The weather today is sunny and perfect for a walk in the park."
],
"text": "Claim your exclusive prize now by clicking the link below!"
}
```
### Response
#### Success Response (200)
- **matches** (object) - Contains the similarity matching results.
- **examples** (object) - Results for example matching.
- **matches** (array of objects) - List of matched examples with their scores.
- **example** (string) - The example text that was matched.
- **score** (number) - The similarity score (0-1).
- **time** (number) - The time taken for the matching process in milliseconds.
#### Response Example
```json
{
"matches": {
"examples": {
"matches": [
{
"example": "Claim your exclusive reward now by clicking the link below!",
"score": 0.85
},
{
"example": "Get your exclusive prize now by visiting this link!",
"score": 0.9
},
{
"example": "Don't miss out—claim your unique prize by clicking below!",
"score": 0.74
},
{
"example": "The weather today is sunny and perfect for a walk in the park.",
"score": 0
}
],
"time": 24.833
}
}
}
```
```
--------------------------------
### Configure PostgreSQL with TLS/SSL
Source: https://altcha.org/docs/v2/sentinel/advanced/performance-tuning
Example connection string for connecting to a PostgreSQL instance with mandatory TLS/SSL encryption.
```text
postgresql://user:password@localhost:5432/altcha_sentinel?sslmode=require
```
--------------------------------
### Request Challenge with Parameters
Source: https://altcha.org/docs/v2/sentinel/advanced/custom-parameters
Example of a GET request to the challenge endpoint with multiple custom parameters.
```http
GET /v1/challenge?params.abc=123¶ms.def=456
```
--------------------------------
### Match Input Text Against Examples
Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity
Compare a specific input string against a provided list of spam-like examples using a POST request.
```bash
curl -X POST http://localhost:8080/v1/similarity \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {API_KEY}" \
-d '{
"examples": [
"Claim your exclusive reward now by clicking the link below!",
"Get your exclusive prize now by visiting this link!",
"Don'\''t miss out—claim your unique prize by clicking below!",
"The weather today is sunny and perfect for a walk in the park."
],
"text": "Claim your exclusive prize now by clicking the link below!"
}'
```
```json
{
"matches": {
"examples": {
"matches": [
{
"example": "Claim your exclusive reward now by clicking the link below!",
"score": 0.85
},
{
"example": "Get your exclusive prize now by visiting this link!",
"score": 0.9
},
{
"example": "Don't miss out—claim your unique prize by clicking below!",
"score": 0.74
},
{
"example": "The weather today is sunny and perfect for a walk in the park.",
"score": 0
}
],
"time": 24.833
}
}
}
```
--------------------------------
### Install ALTCHA Sentinel Helm Chart
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
Install the ALTCHA Sentinel Helm chart using your customized `values.yaml` file. This command deploys the Sentinel application to your Kubernetes cluster.
```bash
helm install altcha-sentinel altcha-org/sentinel -f values.yaml
```
--------------------------------
### Install ALTCHA using npm
Source: https://altcha.org/docs/v2/how-to/captcha-angular-example
Install the ALTCHA package in your Angular project using npm. This command fetches and installs the necessary libraries.
```bash
npm install altcha
```
--------------------------------
### SvelteKit Integration with ALTCHA
Source: https://altcha.org/docs/v2/migration/widget-v2
Integrate ALTCHA into a SvelteKit application by importing the 'altcha' package and its Svelte types. This example shows the basic setup within a Svelte component.
```html
```
--------------------------------
### Liveness Probe Response
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Example JSON response from the /.live endpoint confirming the server is running.
```json
{
"status": "alive",
"timestamp": "2025-05-12T14:06:57.007Z",
"version": "1.0.0"
}
```
--------------------------------
### ClickHouse Connection URL Example
Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse
Example format for the ClickHouse connection URL. Set the CLICKHOUSE_URL environment variable to this value to enable logging.
```plaintext
http://user:password@localhost:8123/altcha_sentinel
```
--------------------------------
### Install ALTCHA Package via NPM
Source: https://altcha.org/docs/v2/widget-integration
Install the latest version of the altcha package using NPM. This is the recommended method for Node.js projects.
```bash
npm install altcha
```
--------------------------------
### Configure Custom Base URL
Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers
Example of providing a custom API endpoint via the AI_PROVIDER_OPTIONS variable.
```bash
AI_PROVIDER_OPTIONS={"apiKey":"abc123...","baseURL":"https://api.openai.com/v1"}
```
--------------------------------
### Install ALTCHA using yarn
Source: https://altcha.org/docs/v2/how-to/captcha-angular-example
Install the ALTCHA package in your Angular project using yarn. This command fetches and installs the necessary libraries.
```bash
yarn add altcha
```
--------------------------------
### Example URL for Context Override
Source: https://altcha.org/docs/v2/sentinel/advanced/context-override
Pass the encrypted context data as a URL query parameter to override context.
```plaintext
/v1/verify?context={ENCRYPTED_CONTEXT_DATA}
```
--------------------------------
### Import ALTCHA Widget and Basic Usage
Source: https://altcha.org/docs/v2/migration/widget-v2
Import the 'altcha' npm package to register the Web Component for basic usage. This example shows how to include the script and use the altcha-widget with a challenge URL.
```html
```
--------------------------------
### Minimal ENV Configuration for ALTCHA Sentinel
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
This is a minimal environment configuration example for ALTCHA Sentinel, including license, database URLs, and secret seed.
```env
# License
LICENSE_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX
# Databases
POSTGRES_URL=postgresql://user:password@localhost:5432/altcha_sentinel
REDIS_URL=redis://default@localhost:6379
# Auto-generate secrets from the seed (CHANGE THE SEED VALUE)
SECRET_SEED=3Wtd47Um6JxIYUO9Wz27g448
```
--------------------------------
### Start ALTCHA Container
Source: https://altcha.org/docs/v2/sentinel/install/docker
Runs the container in detached mode, mapping port 8080 and mounting the persistent volume.
```bash
docker run -d -p 8080:8080 -v altcha_sentinel_data:/data ghcr.io/altcha-org/sentinel:latest
```
--------------------------------
### Download Attachment Request
Source: https://altcha.org/docs/v2/sentinel/how-to/email-spam-filter
Example of the GET request used to download an attachment using the key extracted from the contentUri.
```http
GET /v1/blobs/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png
```
--------------------------------
### Configure ALTCHA Sentinel values.yaml for Kubernetes
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
This is an example `values.yaml` file for deploying ALTCHA Sentinel on Kubernetes. It configures the number of replicas, persistence settings, and loads environment variables from a Kubernetes secret.
```yaml
# Set the number of pods to run
replicaCount: 3
# (Optional) Disable persistent volumes.
# Keep persistence enabled for efficient caching of external data sources such as threat intelligence data.
persistence:
enabled: false
# Load ENV variables from the secret
envFrom:
- secretRef:
name: altcha-sentinel-secrets
```
--------------------------------
### Configure Environment Variables via CLI
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Set environment variables for Altcha Sentinel during installation using CLI parameters.
```bash
helm install altcha-sentinel altcha-org/sentinel \
--set env[0].name=LOG_LEVEL \
--set env[0].value=debug
```
--------------------------------
### Loading Translations via CDN
Source: https://altcha.org/docs/v2/internationalization-i18n
Example URL for loading a specific language translation file from the CDN.
```text
https://cdn.jsdelivr.net/gh/altcha-org/altcha/dist/i18n/fr-fr.min.js
```
--------------------------------
### Configure Environment Variables via values.yaml
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Define environment variables for Altcha Sentinel in a values.yaml file and apply it during installation.
```yaml
env:
- name: LOG_LEVEL
value: "debug"
```
--------------------------------
### POST /v1/similarity - Using Predefined Training Data Groups
Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity
Matches input text against predefined training data groups instead of direct examples.
```APIDOC
## POST /v1/similarity (Using Training Groups)
### Description
Matches the input `text` against predefined training `groups` instead of passing `examples` directly. This is useful for leveraging existing spam datasets.
### Method
POST
### Endpoint
`/v1/similarity`
### Parameters
#### Request Body
- **groups** (array of strings) - Required - Names of the predefined training data sets to use.
- **text** (string) - Required - The input text to analyze.
- **partial** (boolean) - Optional - Set to `true` to enable partial matching.
### Request Example
```json
{
"groups": ["chat_spam"],
"text": "Don't waste your money on expensive sneakers! Text me on WhatsApp +123123123 for better deals.",
"partial": true
}
```
### Response
#### Success Response (200)
- **matches** (object) - Contains the similarity matching results.
- **examples** (object) - Results for matching against the specified group.
- **matches** (array of objects) - List of matched items from the group with their scores.
- **example** (string) - The example text from the group that was matched.
- **score** (number) - The similarity score (0-1).
- **time** (number) - The time taken for the matching process in milliseconds.
#### Response Example
```json
{
"matches": {
"examples": {
"matches": [
{
"example": "message me on WhatsApp",
"score": 0.73
},
{
"example": "text me on Telegram",
"score": 0.47
},
{
"example": "contact me on Facebook",
"score": 0.33
}
],
"time": 44.407
}
}
}
```
```
--------------------------------
### Set Context via JSON
Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules
Configure the context for AI evaluation using a JSON structure. This example sets 'attribute1' and 'attribute2' as context attributes.
```json
[
{
"action": "set",
"set": [
{
"field": "context",
"value": "attribute1=value&attribute2=123"
}
]
}
]
```
--------------------------------
### Security Question Example with AI Rule
Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules
Implement a security question challenge using AI rules. This configures a context attribute for the security question and an AI rule to evaluate the answer.
```json
[
{
"action": "set",
"set": [
{
"field": "context",
"value": "security_question=Name an animal that lives in the ocean."
},
{
"field": "ai",
"value": "Allow only if the field 'security_answer' contains a correct answer to the 'security_question'."
}
]
}
]
```
--------------------------------
### URL Variable Example
Source: https://altcha.org/docs/v2/sentinel/features/redirects
Demonstrates how to use URL variables to insert field values into the destination URL. The `{field_name}` format is used, where `{email}` is replaced by the value from the 'email' field.
```html
https://example.com/form?email={email}
```
--------------------------------
### Registering External Algorithms with Vite
Source: https://altcha.org/docs/v2/migration/widget-v2
When using 'altcha/external', you must import worker modules separately and register them using the $altcha.algorithms.set method. This example demonstrates setting up Argon2id, PBKDF2, and Scrypt workers.
```javascript
import 'altcha/external';
import Argon2idWorker from 'altcha/workers/argon2id?worker';
import Pbkdf2Worker from 'altcha/workers/pbkdf2?worker';
import ScryptWorker from 'altcha/workers/scrypt?worker';
import ShaWorker from 'altcha/workers/sha?worker';
$altcha.algorithms.set('PBKDF2/SHA-256', () => new Pbkdf2Worker());
$altcha.algorithms.set('PBKDF2/SHA-384', () => new Pbkdf2Worker());
$altcha.algorithms.set('PBKDF2/SHA-512', () => new Pbkdf2Worker());
$altcha.algorithms.set('SHA-256', () => new ShaWorker());
$altcha.algorithms.set('SHA-384', () => new ShaWorker());
$altcha.algorithms.set('SHA-512', () => new ShaWorker());
$altcha.algorithms.set('ARGON2ID', () => new Argon2idWorker());
$altcha.algorithms.set('SCRYPT', () => new ScryptWorker());
```
--------------------------------
### Define Rate Limiter with Advanced Parameters
Source: https://altcha.org/docs/v2/sentinel/features/rate-limiters
Example of a rate limiter with custom key, alert message, and error code. This allows for fine-grained control over rate limiting behavior.
```string
100/1h(key=ip&alert=Too many requests from IP&code=429_TOO_MANY)
```
--------------------------------
### Monitor Deployment Rollout Status
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Check the status of a Kubernetes deployment rollout to ensure the upgrade or installation is successful.
```bash
kubectl rollout status deployment/altcha-sentinel -n sentinel
```
--------------------------------
### Health Check Endpoint Response
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Example JSON response from the /.health endpoint indicating system status.
```json
{
"status": "healthy",
"checks": {
"database": {
"ok": true
},
"redis": {
"ok": true
},
"clickhouse": {
"ok": true
}
},
"timestamp": "2025-05-12T14:05:54.464Z",
"version": "1.0.0"
}
```
--------------------------------
### External Widget Integration with PBKDF2 Worker
Source: https://altcha.org/docs/v2/widget-v3
Integrates the ALTCHA widget using the external bundle and configures PBKDF2/SHA-256 algorithm with a Web Worker. This setup is useful for optimizing performance by offloading cryptographic operations.
```html
```
--------------------------------
### Match Against Predefined Training Groups
Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity
Reference existing training data groups instead of providing raw examples in the request body.
```bash
curl -X POST http://localhost:8080/v1/similarity \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {API_KEY}" \
-d '{
"groups": ["chat_spam"],
"text": "Don'\''t waste your money on expensive sneakers! Text me on WhatsApp +123123123 for better deals.",
"partial": true
}'
```
```json
{
"matches": {
"examples": {
"matches": [
{
"example": "message me on WhatsApp",
"score": 0.73
},
{
"example": "text me on Telegram",
"score": 0.47
},
{
"example": "contact me on Facebook",
"score": 0.33
}
],
"time": 44.407
}
}
}
```
--------------------------------
### Get Service IP Address
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Retrieve the service IP address for the deployed Altcha Sentinel instance.
```bash
kubectl get svc altcha-sentinel
```
--------------------------------
### Provide License Key
Source: https://altcha.org/docs/v2/sentinel/advanced/env
Enter your license key for the application.
```bash
LICENSE_KEY="YOUR_LICENSE_KEY"
```
--------------------------------
### Importing ALTCHA TypeScript Types
Source: https://altcha.org/docs/v2/migration/widget-v2
Explicitly import framework-specific type definitions for ALTCHA when using TypeScript. This example shows how to import types for React, or alternatively for Svelte or JSX.
```typescript
import type {} from 'altcha/types/react'; // or /svelte, /jsx
import type { WidgetAttributes, Challenge } from 'altcha/types';
```
--------------------------------
### Configure AI Rule via JSON
Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules
Define an AI rule using JSON to set a field based on AI evaluation. This example sets the 'ai' field with a prompt to check for meaningful text in the 'message' field.
```json
[
{
"action": "set",
"set": [
{
"field": "ai",
"value": "Allow if the field 'message' contains meaningful text."
}
]
}
]
```
--------------------------------
### Programmatically Trigger Verification
Source: https://altcha.org/docs/v2/overlay-ui
Use JavaScript to get the altcha-widget element and call its 'verify()' method to trigger verification programmatically. This is useful for advanced use cases outside of form submissions.
```javascript
// Get the element by tag or ID
const altcha = document.querySelector('altcha-widget');
// Trigger verification
altcha.verify();
```
--------------------------------
### Optional SMTP Parameters for Email Notifications
Source: https://altcha.org/docs/v2/sentinel/configuration/forms
Append optional parameters as query strings to the SMTP connection URL to customize sender information and TLS settings. For example, to enable TLS and set the 'from' address.
```plaintext
smtp://smtp.example.email?secure=true&from=test@example.com
```
--------------------------------
### Deploy with Custom Parameters
Source: https://altcha.org/docs/v2/sentinel/install/aws-ecs
Command to deploy the stack while overriding default configuration parameters like domain name, certificate ARN, and resource allocation.
```bash
aws cloudformation deploy \
--template-file altcha-sentinel-aws-ecs.yml \
--stack-name altcha-sentinel-stack \
--capabilities CAPABILITY_IAM \
--parameter-overrides \
DomainName=sentinel.example.com \
CertificateArn=arn:aws:acm:us-east-1:123456789012:certificate/xxxx-xxxx-xxxx \
TaskCPU=4096 \
TaskMemory=8192
```
--------------------------------
### SSH into the Server
Source: https://altcha.org/docs/v2/sentinel/install/docker-compose
Connect to your server using SSH. If using a non-default SSH key, specify its path with the -i flag.
```bash
ssh root@{SERVER_IP}
```
```bash
ssh -i ~/.ssh/my_key root@{SERVER_IP}
```
--------------------------------
### Configure AI Provider Environment Variables
Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers
Basic configuration for an AI provider including model selection and API key.
```bash
AI_PROVIDER=mistral
AI_PROVIDER_MODEL=mistral-large-latest
AI_PROVIDER_OPTIONS={"apiKey":"abc123..."}
```
--------------------------------
### Provide License JSON
Source: https://altcha.org/docs/v2/sentinel/advanced/env
Provide the license file contents directly as a JSON string to disable the call-home mechanism.
```bash
LICENSE_JSON="{\"license_key\": \"YOUR_LICENSE_KEY\", \"expiry\": \"2025-12-31\"}"
```
--------------------------------
### Import Modular ALTCHA Assets
Source: https://altcha.org/docs/v2/content-security-policy-csp
For strict CSP compliance, import ALTCHA's modular assets separately. This approach avoids the need for 'blob:' in your CSP.
```javascript
import "altcha/external";
import "altcha/altcha.css";
```
--------------------------------
### Add Helm Repository
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Add the official Altcha Helm charts repository to your local Helm configuration.
```bash
helm repo add altcha-org https://altcha-org.github.io/helm-charts
```
--------------------------------
### Run Sentinel Update Script
Source: https://altcha.org/docs/v2/sentinel/install/docker-compose
Navigate to the Altcha directory and execute the update script to pull the new Docker image and restart Sentinel.
```bash
cd /home/altcha/altcha
./update.sh
```
--------------------------------
### Vue.js Widget Integration
Source: https://altcha.org/docs/v2/widget-v3
Integrates the ALTCHA widget in Vue.js applications. This setup declares the `altcha-widget` component globally to ensure it's recognized within the Vue template.
```html
```
--------------------------------
### Adjust Log Retention Policy
Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse
Modify the TTL clause in your ClickHouse table definition to change the data retention period. This example sets logs to be deleted after 1 year.
```sql
TTL time + INTERVAL 1 YEAR DELETE
```
--------------------------------
### Create ClickHouse Database
Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse
Use this SQL command to create the 'altcha_sentinel' database if it does not already exist. The 'Atomic' engine is recommended for ClickHouse.
```sql
CREATE DATABASE IF NOT EXISTS altcha_sentinel
ENGINE = Atomic;
```
--------------------------------
### Downloading Attachments
Source: https://altcha.org/docs/v2/sentinel/how-to/email-spam-filter
Instructions on how to download attachments when `X-Attachments-Upload` is enabled.
```APIDOC
## Downloading Attachments
When using `X-Attachments-Upload: true`, attachments will be uploaded to configured upload storage and the parameter `contentUri` will be returned with each attachment in the following format:
```
blob://uploads/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png
```
To download an attachment using `contentUri`, use the `GET /v1/blobs/{key}` endpoint and pass the path returned in `contentUri` as the `key` parameter:
For example, from the blob URI above, the download URL will be:
```
GET /v1/blobs/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png
```
```
--------------------------------
### Configure OpenTelemetry Environment Variables
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Set these environment variables to enable OTLP HTTP exporter for traces and logs.
```bash
OTEL_SERVICE_NAME="altcha-sentinel"
OTEL_EXPORTER_OTLP_ENDPOINT="https://localhost:4318"
OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key"
```
--------------------------------
### Login to Azure CLI
Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services
Authenticate with your Azure account using the Azure CLI. This is the first step for any manual deployment or management via the command line.
```bash
az login
```
--------------------------------
### Configure Okta OIDC SSO
Source: https://altcha.org/docs/v2/sentinel/advanced/sso
Environment variable configuration for Okta OIDC integration.
```text
SSO_OKTA=https://{your-account}.okta.com/?clientId={clientId}&clientSecret={clientSecret}
```
--------------------------------
### Programmatic Widget Configuration
Source: https://altcha.org/docs/v2/widget-integration
Manage default widget settings or update specific instances dynamically using the global `$altcha` object. This method is preferred for complex configurations.
```javascript
// Set defaults for all future widget instances:
$altcha.defaults.set({
challenge: 'https://api.example.com/challenge',
debug: true
});
// Update a specific instance dynamically:
const widget = document.querySelector('altcha-widget');
widget.configure({
workers: 2,
language: 'fr'
});
```
--------------------------------
### Verify Solution with PBKDF2
Source: https://altcha.org/docs/v2/widget-v3
Verifies the solution provided for a challenge using the 'PBKDF2/SHA-256' algorithm. This function is used on the server-side to confirm the validity of the user's input.
```javascript
import { verifySolution, pbkdf2 } from 'altcha/lib';
const result = await verifySolution({
challenge,
deriveKey: pbkdf2.deriveKey,
solution
});
```
--------------------------------
### Configure Automated Azure Blob Storage Backups
Source: https://altcha.org/docs/v2/sentinel/advanced/backups
Environment variables required to enable scheduled database snapshots using Azure Blob Storage.
```bash
SNAPHOSTS_CRON_SCHEDULE="0 0 * * *"
SNAPHOSTS_STORAGE_PROVIDER=azure
SNAPHOSTS_STORAGE_AZURE_CONTAINER=backups
SNAPHOSTS_STORAGE_AZURE_CONNECTION_STRING=DefaultEndpointsProtocol=https;AccountName=test;AccountKey=XXXX;EndpointSuffix=core.windows.net
```
--------------------------------
### Define Custom Parameters
Source: https://altcha.org/docs/v2/sentinel/advanced/custom-parameters
Use the params. prefix in URL query parameters to include metadata in the challenge.
```http
?params.param_name=param_value
```
--------------------------------
### Basic Widget Integration
Source: https://altcha.org/docs/v2/widget-v3
Integrates the ALTCHA widget using the default all-in-one bundle. Ensure this script is included in your project to display the widget.
```html
```
--------------------------------
### Configure Google Workspace OIDC SSO
Source: https://altcha.org/docs/v2/sentinel/advanced/sso
Environment variable configuration for Google Workspace OIDC integration.
```text
SSO_GOOGLE=?clientId={clientId}&clientSecret={clientSecret}
```
--------------------------------
### Allow All Paths for a Plugin
Source: https://altcha.org/docs/v2/wordpress/how-to
Use a wildcard to include all requests from a specific plugin's REST API paths.
```text
/wp-json/some-plugin/*
```
--------------------------------
### Enabling Redis in ALTCHA Sentinel
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
Configure the REDIS_URL environment variable to enable Redis, used for shared state like rate-limiting and pub-sub. Redis version 7 or later is recommended.
```env
REDIS_URL=redis://default@localhost:6379
```
--------------------------------
### Enabling PostgreSQL in ALTCHA Sentinel
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
Configure the POSTGRES_URL environment variable to enable PostgreSQL, which serves as the primary database for Sentinel. Ensure PostgreSQL version 15 or later is used.
```env
POSTGRES_URL=postgresql://user:password@localhost:5432/altcha_sentinel
```
--------------------------------
### Configure LDAP Authentication
Source: https://altcha.org/docs/v2/sentinel/advanced/sso
Environment variable configuration for LDAP/Active Directory integration.
```text
SSO_LDAP=ldap://your-ldap-server:389?userDn=dc=your-domain,dc=com
```
```text
SSO_LDAP=ldap://ldap.forumsys.com:389?userDn=dc=example,dc=com&name=SSO
```
--------------------------------
### Configure JWT Time-to-Live
Source: https://altcha.org/docs/v2/sentinel/advanced/env
Set the time-to-live for JWT tokens using a human-readable duration format.
```bash
JWT_TTL="48h"
```
--------------------------------
### Deploy ALTCHA Sentinel with AWS CLI
Source: https://altcha.org/docs/v2/sentinel/install/aws-ecs
Standard command to deploy the CloudFormation stack using the provided template file.
```bash
aws cloudformation deploy \
--template-file altcha-sentinel-aws-ecs.yml \
--stack-name altcha-sentinel-stack \
--capabilities CAPABILITY_IAM
```
--------------------------------
### Create Challenge with PBKDF2
Source: https://altcha.org/docs/v2/widget-v3
Generates a new challenge using the 'PBKDF2/SHA-256' algorithm with a specified cost. This function is used on the server or client to initiate a verification process.
```javascript
import { createChallenge, pbkdf2 } from 'altcha/lib';
const challenge = await createChallenge({
algorithm: 'PBKDF2/SHA-256',
cost: 5_000,
deriveKey: pbkdf2.deriveKey
});
```
--------------------------------
### Configure IP Whitelist
Source: https://altcha.org/docs/v2/sentinel/advanced/env
Restrict access to application and admin endpoints by providing a comma-separated list of IP addresses or network masks.
```bash
APP_IP_WHITELIST="127.0.0.1/32,::1/128,fd00::/8"
```
--------------------------------
### Register Argon2id and Scrypt Workers (No Bundler Support)
Source: https://altcha.org/docs/v2/widget-integration
Register Argon2id and Scrypt workers by loading prebuilt worker files directly when your environment does not support '?worker' imports. Ensure the path to the worker files is correct.
```javascript
import 'altcha';
$altcha.algorithms.set('ARGON2ID', () => new Worker('/path/to/node_modules/altcha/dist/workers/argon2id.js'));
$altcha.algorithms.set('SCRYPT', () => new Worker('/path/to/node_modules/altcha/dist/workers/scrypt.js'));
```
--------------------------------
### Widget Methods
Source: https://altcha.org/docs/v2/widget-integration
Available methods for controlling and interacting with the ALTCHA widget programmatically.
```APIDOC
## Widget Methods
### Description
These methods allow you to control and interact with the ALTCHA widget programmatically after it has loaded.
### Methods
- **`configure(options)`**: Configures the widget with the given options.
- **`getConfiguration()`**: Returns the current configuration of the widget.
- **`getState()`**: Returns the current state of the widget.
- **`show()`**: Displays the widget.
- **`hide()`**: Hides the widget.
- **`reset(state?, err?)`**: Resets the internal state of the widget, optionally with an error.
- **`setState(state, err?)`**: Manually sets the widget's state, optionally with an error.
- **`updateUI()`**: Forces a UI update or reposition.
- **`verify()`**: Initiates the verification process.
```
--------------------------------
### Enable Password Login
Source: https://altcha.org/docs/v2/sentinel/advanced/env
Enable or disable password-based login. Set to '1' to enable, '0' to disable.
```bash
PASSWORD_LOGIN_ENABLED="0"
```
--------------------------------
### Configure Keycloak OIDC SSO
Source: https://altcha.org/docs/v2/sentinel/advanced/sso
Environment variable configuration for Keycloak OIDC integration.
```text
SSO_KEYCLOAK=https://your-keycloak-domain:8080/?realm={realm}&clientId={clientId}&clientSecret={clientSecret}
```
--------------------------------
### Enabling ClickHouse in ALTCHA Sentinel (Enterprise Plan)
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
Configure the CLICKHOUSE_URL environment variable to integrate with ClickHouse for analytics and logs on the Enterprise plan. Ensure the database and tables are created as per ClickHouse documentation.
```env
CLICKHOUSE_URL=http://user:password@localhost:8123/altcha_sentinel
```
--------------------------------
### Attribute-Based Widget Configuration
Source: https://altcha.org/docs/v2/widget-integration
Configure the ALTCHA widget using HTML attributes for simple implementations. The `configuration` attribute accepts a JSON-encoded string for complex settings.
```html
```
--------------------------------
### Import ALTCHA
Source: https://altcha.org/docs/v2/how-to/captcha-react-example
Import the ALTCHA library into your React component.
```javascript
import 'altcha';
```
--------------------------------
### OpenTelemetry Configuration
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Configuration details for enabling OpenTelemetry support using the OTLP HTTP exporter.
```APIDOC
## OpenTelemetry Configuration
### Description
Sentinel supports the OTLP HTTP exporter for OpenTelemetry collectors, enabling both traces and logs. To enable OpenTelemetry, set the `OTEL_EXPORTER_OTLP_ENDPOINT` environment variable.
### Supported Environment Variables
- **OTEL_EXPORTER_OTLP_ENDPOINT** (string) - The URL of the OpenTelemetry collector (e.g., `https://localhost:4318`). Required.
- **OTEL_EXPORTER_OTLP_HEADERS** (string) - Custom headers to include in OTLP requests (e.g., API keys or authentication tokens).
- **OTEL_EXPORTER_OTLP_TIMEOUT** (string) - The timeout value for all outgoing data in milliseconds.
- **OTEL_SERVICE_NAME** (string) - The logical name of the service that will appear in traces and logs (defaults to `altcha-sentinel`).
### Example Configuration
```bash
OTEL_SERVICE_NAME="altcha-sentinel"
OTEL_EXPORTER_OTLP_ENDPOINT="https://localhost:4318"
OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key"
```
```
--------------------------------
### Enable Overlay UI
Source: https://altcha.org/docs/v2/overlay-ui
Add the 'overlay' attribute to the altcha-widget configuration within a form element to enable the Overlay UI. This automatically sets 'auto=onsubmit'.
```html
```
--------------------------------
### CSP Directive for Default ALTCHA Bundle
Source: https://altcha.org/docs/v2/content-security-policy-csp
When using the default Web Component bundle, which executes the worker from a Blob, ensure your CSP allows the 'blob:' source for workers.
```http
Content-Security-Policy: script-src 'self'; worker-src 'self' blob:
```
--------------------------------
### Show Container Configuration via Azure CLI
Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services
Retrieve the current Docker image configuration for your Azure Web App. This command helps verify the deployed image tag.
```bash
az webapp config container show --name \
--resource-group \
--query "docker_image_name"
```
--------------------------------
### Apply Cyberpunk Theme
Source: https://altcha.org/docs/v2/widget-v3
Import and apply the cyberpunk theme to the ALTCHA widget using the `theme` attribute.
```javascript
import "altcha/themes/cyberpunk.css";
;
```
--------------------------------
### Add to Threat List Immediately
Source: https://altcha.org/docs/v2/sentinel/how-to/threat-intelligence
Immediately add an IP address to the threat list, bypassing the limit-based blocking.
```APIDOC
## POST /v1/threat-list
### Description
Immediately add an IP address to the threat list. This endpoint is used to block an IP directly, rather than waiting for it to exceed a defined limit.
### Method
POST
### Endpoint
/v1/threat-list
### Parameters
(Specific parameters for this endpoint are not detailed in the source text, but it is implied to accept IP address information for immediate blocking.)
### Request Example
(Example not provided in source text.)
### Response
(No specific response details provided in the source text.)
```
--------------------------------
### Import ALTCHA Package
Source: https://altcha.org/docs/v2/migration/hcaptcha
Import the ALTCHA package to use its functionalities in your frontend application. This is a prerequisite for integrating the ALTCHA widget.
```javascript
import "altcha";
```
--------------------------------
### Configure Inject Paths for ALTCHA Scripts
Source: https://altcha.org/docs/v2/wordpress/how-to
Specify paths in ALTCHA settings to limit script injection to only required pages. The default `*` wildcard is removed.
```text
/contact
/shop/*
```
--------------------------------
### ALTCHA Widget with Sentinel
Source: https://altcha.org/docs/v2/widget-integration
Configure the ALTCHA widget to use ALTCHA Sentinel for challenge generation. Provide your Sentinel endpoint URL and API key.
```html
```
--------------------------------
### Register All Supported Workers with altcha/external
Source: https://altcha.org/docs/v2/widget-integration
Use 'altcha/external' to exclude bundled workers and explicitly register all desired algorithms. This provides full control over loaded workers, including PBKDF2, SHA, Argon2id, and Scrypt.
```javascript
import 'altcha/external';
import Argon2idWorker from 'altcha/workers/argon2id?worker';
import Pbkdf2Worker from 'altcha/workers/pbkdf2?worker';
import ScryptWorker from 'altcha/workers/scrypt?worker';
import ShaWorker from 'altcha/workers/sha?worker';
$altcha.algorithms.set('PBKDF2/SHA-256', () => new Pbkdf2Worker());
$altcha.algorithms.set('PBKDF2/SHA-384', () => new Pbkdf2Worker());
$altcha.algorithms.set('PBKDF2/SHA-512', () => new Pbkdf2Worker());
$altcha.algorithms.set('SHA-256', () => new ShaWorker());
$altcha.algorithms.set('SHA-384', () => new ShaWorker());
$altcha.algorithms.set('SHA-512', () => new ShaWorker());
$altcha.algorithms.set('ARGON2ID', () => new Argon2idWorker());
$altcha.algorithms.set('SCRYPT', () => new ScryptWorker());
```
--------------------------------
### Create Kubernetes Secret for ALTCHA Sentinel
Source: https://altcha.org/docs/v2/sentinel/advanced/clustering
Use this command to create a Kubernetes secret containing essential connection strings and a secret seed for ALTCHA Sentinel. Ensure all placeholder values are replaced with your actual credentials.
```bash
kubectl create secret generic altcha-sentinel-secrets \
--from-literal=LICENSE_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX \
--from-literal=POSTGRES_URL=postgresql://... \
--from-literal=REDIS_URL=redis://... \
--from-literal=SECRET_SEED=...
```
--------------------------------
### Adjust AI Request Parameters
Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers
Configure specific request parameters like max_tokens and temperature using AI_PROVIDER_REQUEST_OPTIONS.
```bash
AI_PROVIDER_REQUEST_OPTIONS={"max_tokens":300,"temperature":1,"stop":["\n\n"]}
```
--------------------------------
### Solve Challenge with PBKDF2
Source: https://altcha.org/docs/v2/widget-v3
Solves a given challenge using the 'PBKDF2/SHA-256' algorithm. This function is typically used on the client-side to provide the solution to the challenge.
```javascript
import { solveChallenge, pbkdf2 } from 'altcha/lib';
const solution = await solveChallenge({
challenge,
deriveKey: pbkdf2.deriveKey
});
```
--------------------------------
### Upgrade Altcha Sentinel to a New Version
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Upgrade an existing Altcha Sentinel deployment to a new image tag.
```bash
helm upgrade altcha-sentinel altcha-org/sentinel \
--set image.tag="1.2.3"
```
--------------------------------
### Configure Overlay Content
Source: https://altcha.org/docs/v2/overlay-ui
Specify a CSS selector for 'overlaycontent' to display additional HTML content before the overlay widget appears. Ensure the selected element is properly defined.
```html
Verifying you are human...
```
--------------------------------
### Use Switch Toggle Input
Source: https://altcha.org/docs/v2/widget-v3
Configure the ALTCHA widget to use an animated switch (toggle) style for user interaction.
```html
```
--------------------------------
### View Helm Release History
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
List the revision history of a Helm release to identify available versions for rollback.
```bash
helm history altcha-sentinel --namespace sentinel
```
--------------------------------
### Restart Azure Web App via CLI
Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services
Restart your Azure Web App service using the Azure CLI. This is often necessary after configuration changes, such as updating the container image.
```bash
az webapp restart --name --resource-group
```
--------------------------------
### Create Persistent Docker Volume
Source: https://altcha.org/docs/v2/sentinel/install/docker
Creates a named volume to persist data for the ALTCHA sentinel container.
```bash
docker volume create altcha_sentinel_data
```
--------------------------------
### Configure Authorization for Threat Sources
Source: https://altcha.org/docs/v2/sentinel/how-to/threat-intelligence
Methods for providing credentials when accessing protected threat intelligence sources.
```http
Authorization: Basic ZXhhbXBsZTpleGFtcGxl
```
```url
https://{username}:{password}@example.com
```
--------------------------------
### Live Log Streaming
Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging
Provides real-time access to server logs via HTTP, with an option for JSON formatting.
```APIDOC
## GET /.logs
### Description
Streams server logs in real-time. Supports optional JSON formatting.
### Method
GET
### Endpoint
`/.logs`
### Query Parameters
- **format** (string) - Optional. If set to `json`, outputs logs in JSON format.
### Examples
- Default stream: `GET /.logs`
- JSON stream: `GET /.logs?format=json`
### Response
#### Success Response (200)
- **Log Stream** (string) - A continuous stream of log entries. Each entry can be a plain text line or a JSON object depending on the `format` query parameter.
```
--------------------------------
### Integrate ALTCHA Script Tag
Source: https://altcha.org/docs/v2/widget-integration
Add the script tag to your website to integrate the ALTCHA widget. Placing it in the `` section is recommended for optimal performance.
```html
```
--------------------------------
### Client-side Key Derivation Loop
Source: https://altcha.org/docs/v2/proof-of-work-captcha
The client repeatedly derives a key by incrementing a counter and appending it to the nonce until the output matches the server's requirements. This process is central to solving the PoW challenge.
```javascript
DerivedKey=KDF(Algorithm, Salt, Cost, Password)
Where Password is the nonce appended with the counter.
```
--------------------------------
### Use Invisible Display Mode
Source: https://altcha.org/docs/v2/widget-v3
Integrate the ALTCHA widget invisibly into your UI, suitable for minimal footprint requirements.
```html
```
--------------------------------
### Configure Azure OIDC SSO
Source: https://altcha.org/docs/v2/sentinel/advanced/sso
Environment variable configuration for Microsoft Azure OIDC integration.
```text
SSO_AZURE=?clientId={clientId}&clientSecret={clientSecret}&tenantId={tenantId}
```
--------------------------------
### Mount Persistent Storage Volume
Source: https://altcha.org/docs/v2/sentinel/install
Configure a persistent storage volume for ALTCHA Sentinel by mounting it to the /data directory. This is required for database data unless PostgreSQL is used as the backend.
```yaml
volumes:
- altcha_sentinel_data_volume:/data
```
--------------------------------
### Upgrade Altcha Sentinel with Custom Namespace and Reused Values
Source: https://altcha.org/docs/v2/sentinel/install/kubernetes
Upgrade Altcha Sentinel, specifying a custom namespace and ensuring previous configurations are reused.
```bash
helm upgrade altcha-sentinel altcha-org/sentinel \
--namespace sentinel \
--set image.tag="1.2.3" \
--reuse-values
```
--------------------------------
### Sentinel Management Scripts
Source: https://altcha.org/docs/v2/sentinel/install/docker-compose
These scripts are located in /home/altcha/altcha/ and provide essential management functions for Sentinel.
```bash
./start.sh
```
```bash
./stop.sh
```
```bash
./status.sh
```
```bash
./update.sh
```
```bash
./logs.sh
```
--------------------------------
### Listen for Widget State Changes
Source: https://altcha.org/docs/v2/widget-integration
Attach an event listener to the widget to react to state changes. The new state is available in the event's detail property.
```javascript
const widget = document.querySelector('altcha-widget');
widget.addEventListener('statechange', (ev) => {
// See enum State above
console.log('state:', ev.detail.state);
});
```
--------------------------------
### Import Modular ALTCHA Worker
Source: https://altcha.org/docs/v2/content-security-policy-csp
Separately import the ALTCHA Web Worker when using the modular asset approach for strict CSP compliance.
```javascript
import "altcha/worker";
```
--------------------------------
### Include ALTCHA via CDN
Source: https://altcha.org/docs/v2/widget-integration
Alternatively, include the ALTCHA script in your HTML using a CDN link. This method is suitable for static websites.
```html
```
--------------------------------
### Integrate ALTCHA Widget in HTML Form
Source: https://altcha.org/docs/v2/migration/hcaptcha
Add the `` component to your HTML form to enable ALTCHA's challenge mechanism. Ensure the `challenge` attribute points to your challenge URL.
```html
```
--------------------------------
### Rollback ALTCHA Sentinel Container Version
Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services
Use this command to revert the web app container to a specific previous version. Replace placeholders with your actual Azure resource names and the desired version tag.
```bash
az webapp config container set --name \
--resource-group \
--docker-custom-image-name ghcr.io/altcha-org/sentinel:
```
--------------------------------
### Allow Specific Origins with Wildcard Support
Source: https://altcha.org/docs/v2/sentinel/configuration/security-groups
Use an 'allow' rule with the 'origin' condition and 'conditionsOperator': 'or' to permit requests from specific domains or subdomains. Wildcards (*) can be used to match multiple subdomains.
```json
{
"action": "allow",
"conditionsOperator": "or",
"conditions": [
{
"field": "origin",
"operator": "=",
"value": [
"https://example.com"
]
},
{
"field": "origin",
"operator": "=",
"value": [
"https://*.example.com"
]
}
],
"name": "Allow origins"
}
```
--------------------------------
### Configure Global Rate Limiter
Source: https://altcha.org/docs/v2/sentinel/features/rate-limiters
Sets a rate limit of 100 requests per hour globally for all users. This configuration is part of a Security Group Rule.
```json
{
"action": "set",
"conditions": [],
"name": "Rate Limiter",
"set": [
{
"field": "rateLimit",
"value": "100/1h"
}
]
}
```
=== COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.