Documentation

Everything you need to integrate caputchin, author games, and manage your account. The docs follow the Diátaxis system. Every page is fetchable as raw markdown at /docs/raw/<slug> for AI agents, and the llms.txt index lists every canonical path.

Tutorials

Step-by-step lessons that teach by doing.

Author a Caputchin gameBuild a game that runs inside the [widget](../widget.md). Reference for the contract is [game-sdk](../game-sdk.md).
Quickstart — add Caputchin to your site in 5 minutesEnd-to-end walkthrough from sign-up to a verified form, with the bare minimum HTML and one backend call.

How-to guides

Recipes for solving a specific problem.

Use Caputchin with React (and Next.js)Mount the widget custom element in a React tree, handle events with refs, and verify on the server.
Integrate the Caputchin widgetFive-minute integration for a customer who already has a site key. For deeper reference see [widget](../widget.md) and the [api](../api.md).
Migrate from reCAPTCHASwap reCAPTCHA v2 / v3 / Enterprise for Caputchin with minimal backend changes.
Embed Caputchin in a mobile app via WebViewReference for the pattern is [mobile](../mobile.md). The widget is the same as the web version; only the host shell differs.
Publish a game to the marketplaceMake your game discoverable in the Caputchin [marketplace](../marketplace.md). Assumes you've already built and registered a game — see [author-a-game](autho...
Sign up and sign inCreate a caputchin account and start managing site keys. Three sign-in paths (magic link, GitHub, Google), how to mint a site key, how to mint a Personal Access Token, and how to sign out. Conceptual reference in account-login.
Set up hosted verificationFor customers without a backend. Caputchin verifies the form submission and forwards it to a webhook, an email address, or both. Paid tier only — see [hosted...
TroubleshootingCommon error codes from /siteverify and the widget, with concrete fixes.
Verify a Caputchin token on your backendWhen a user submits the form, your backend receives a `caputchin-token` field. Pass it to `/siteverify` along with your secret. Reference for the endpoint sh...

Reference

Technical descriptions of the surface area.

API endpointsThree HTTP endpoints. All follow the [inverted envelope](#inverted-envelope) — Cap's wire format is the top level, Caputchin data rides under `platform`. The...
DashboardThe customer's account UI — one of four [management modalities](management-api.md), alongside OpenAPI, MCP, and Terraform. All four read and write the same c...
FeaturesHeadline list of what Caputchin does, split across the three plans. Each row links to the topic doc for detail. This page is the "what does this product do?"...
Game SDKThe contract a game author writes against. Distributed as `@caputchin/game-sdk` — a tiny package containing the `register()` helper and TypeScript types for ...
MarketplaceThe discoverable default for [game distribution](game-distribution.md). Authors publish a GitHub repo; the platform indexes it; customers browse and pick games.
Code snippetsCopy-paste examples for calling [`/siteverify`](api.md#post-siteverify-customer-backend--platform) from common backends. The canonical request and response s...
WidgetThe customer-facing browser surface — a single web component plus two events. Distributed two ways, identical behavior:

Explanation

Why the system is shaped this way.

Account loginHow customers sign in to the dashboard — magic-link primary, plus Continue with GitHub or Google. All three paths resolve to the same account row keyed by email. The platform stores your email and nothing else.
Game distributionTwo ways a game reaches the [widget](widget.md). Both load the script into the same sandboxed iframe; the only difference is who hosts the file and how the w...
Hosted verificationA paid feature for customers without a backend. The customer points their form at a Caputchin URL instead of their own server; the platform verifies the wrap...
Management APIHow customers manage Caputchin (create site keys, rotate secrets, configure [hosted-verification](hosted-verification.md) destinations, manage domain allowli...
Mobile**Free across all tiers.** Mobile uses the same [widget](widget.md) inside a WebView. There is no native PoW reimplementation; Cap stays in the WebView. See ...
PrivacyPrivacy is **structural**, not policy. The platform does not collect user-level data because the architecture has no place to put it. We can't leak data we d...