CaptchaLaCaptchaLa
Migration guide

Migrate from Arkose FunCAPTCHA to CaptchaLa

Shed the SDK weight, end the enterprise contract, keep adaptive bot defense. The migration is one script swap and one verify endpoint change.

Sign up — no contractRead the comparison
AArkose / FunCAPTCHACurrent setup~10 minCaptchaLaDrop-in target

What the code change looks like

Before — Arkose / FunCAPTCHA
<script src="https://YOUR_PUBLIC_KEY.arkoselabs.com/v2/YOUR_PUBLIC_KEY/api.js" data-callback="onSuccess" async defer></script>
<script>
  function onSuccess(token) {
    document.getElementById('arkose-token').value = token
  }
</script>
<input type="hidden" id="arkose-token" name="arkose-token" />
After — CaptchaLa
<div class="captchala" data-app-key="YOUR_APP_KEY"></div>
<script src="https://cdn.captcha.la/v1/captchala.js" async defer></script>
Before — Arkose server verify (Node)
const res = await fetch('https://verify-api.arkoselabs.com/api/v4/verify/', {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    private_key: process.env.ARKOSE_PRIVATE_KEY,
    session_token: req.body['arkose-token'],
  }),
})
const data = await res.json()
if (data.session_details?.solved !== true) return res.status(400).json({ error: 'bot' })
After — CaptchaLa server verify (Node)
const res = await fetch('https://api.captcha.la/v1/verify', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    appSecret: process.env.CAPTCHALA_SECRET,
    token: req.body['captchala-token'],
  }),
})
const data = await res.json()
if (!data.success) return res.status(400).json({ error: 'bot' })

Migration steps

  1. 1

    Sign up & grab your App Key + Secret

    Create a free CaptchaLa account. Unlike Arkose, there's no PoC and no procurement — pricing is published and self-serve. Free tier covers initial testing.

  2. 2

    Remove the Arkose SDK & callback wiring

    Delete the Arkose script tag, the callback function, and the hidden input you populate from the callback. CaptchaLa uses a simple div placeholder — no callback wiring.

  3. 3

    Add the CaptchaLa widget

    Drop in our div and script tag where the Arkose widget was. The hidden token field is auto-populated as captchala-token; you don't manage it manually.

  4. 4

    Update the server verify

    Replace Arkose's session_details.solved check with our success boolean. Endpoint changes to api.captcha.la/v1/verify. Body becomes JSON instead of form-urlencoded.

  5. 5

    Plan the contract wind-down

    Arkose contracts are usually annual with auto-renewal. Note the cancellation window in your contract and give legal/procurement notice. Most teams run both for 30 days in parallel during the wind-down.

Faster: use a plugin

WordPress + WooCommerce

Arkose has no official WP plugin (you wrote custom integration). CaptchaLa has an official plugin that covers login, registration, comments, WooCommerce, CF7, Gravity, WPForms — drop in, configure, done.

View integration →

Frequently asked questions

Will I lose bot detection accuracy by switching?

For most workloads, no measurable difference. Arkose's challenges are intentionally harder than ours by default, but the bot population they catch and the bot population we catch overlap heavily for typical product traffic. If you're at Roblox / Microsoft scale with named adversaries, the answer is more nuanced — talk to us first.

How do I handle the contract overlap?

Run both side-by-side during the wind-down. Form A keeps Arkose; Form B switches to CaptchaLa. Compare conversion + bot rate. Most teams find the bot rate stays flat and the user-friction rate drops. Then decommission Arkose at contract renewal.

What about Arkose's risk telemetry / analytics dashboards?

CaptchaLa has its own dashboard with comparable telemetry — challenge rate, success rate, risk score distribution, geo breakdown. The shape is familiar if you're coming from Arkose Insights.