bcgov · SoLetsDev · Sep 25, 2025
diff --git a/...gistryPortal/ECER.Clients.RegistryPortal.Server/Certifications/CertificationsEndpoints.cs b/...gistryPortal/ECER.Clients.RegistryPortal.Server/Certifications/CertificationsEndpoints.cs
@@ -72,15 +72,15 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
 
     endpointRouteBuilder.MapPost("/api/certifications/lookup", async Task<Results<Ok<IEnumerable<CertificationLookupResponse>>, BadRequest<ProblemDetails>, NotFound>> (CertificationLookupRequest request, HttpContext httpContext, CancellationToken ct, IMediator messageBus, IMapper mapper) =>
     {
-      var recaptchaResult = await messageBus.Send(new Managers.Registry.Contract.Recaptcha.VerifyRecaptchaCommand(request.RecaptchaToken), ct);
+      var captchaResult = await messageBus.Send(new Managers.Registry.Contract.Captcha.VerifyCaptchaCommand(request.captchaToken), ct);
 
-      if (!recaptchaResult.Success)
+      if (!captchaResult.Success)
       {
         var problemDetails = new ProblemDetails
         {
           Status = StatusCodes.Status400BadRequest,
-          Detail = "Invalid recaptcha token",
-          Extensions = { ["errors"] = recaptchaResult.ErrorCodes }
+          Detail = "Invalid captcha token",
+          Extensions = { ["errors"] = captchaResult.ErrorCodes }
         };
         return TypedResults.BadRequest(problemDetails);
       }
@@ -131,7 +131,7 @@ public record CertificationLookupResponse(string Id)
   public IEnumerable<CertificateCondition> CertificateConditions { get; set; } = Array.Empty<CertificateCondition>();
 }
 
-public record CertificationLookupRequest(string RecaptchaToken)
+public record CertificationLookupRequest(string captchaToken)
 {
   public string? FirstName { get; set; }
   public string? LastName { get; set; }

diff --git a/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/ConfigurationEndpoints.cs b/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/ConfigurationEndpoints.cs
@@ -1,5 +1,4 @@
 using AutoMapper;
-using ECER.Clients.RegistryPortal.Server.Applications;
 using ECER.Clients.RegistryPortal.Server.Shared;
 using ECER.Managers.Admin.Contract.Metadatas;
 using ECER.Utilities.Hosting;
@@ -28,7 +27,6 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
       .WithOpenApi("Handles province queries", string.Empty, "province_get")
       .CacheOutput(p => p.Expire(TimeSpan.FromMinutes(5)));
 
-
     endpointRouteBuilder.MapGet("/api/defaultContents", async (HttpContext ctx, IMediator messageBus, IMapper mapper, CancellationToken ct) =>
     {
       var results = await messageBus.Send(new DefaultContentsQuery(), ct);
@@ -78,12 +76,12 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
      .WithOpenApi("Handles identification types queries", string.Empty, "identificationTypes_get")
      .CacheOutput(p => p.Expire(TimeSpan.FromMinutes(5)));
 
-    endpointRouteBuilder.MapGet("/api/recaptchaSiteKey", async (IOptions<RecaptchaSettings> recaptchaSettings, CancellationToken ct) =>
+    endpointRouteBuilder.MapGet("/api/captchaSiteKey", async (IOptions<CaptchaSettings> captchaSettings, CancellationToken ct) =>
     {
       await Task.CompletedTask;
-      return TypedResults.Ok(recaptchaSettings.Value.SiteKey);
+      return TypedResults.Ok(captchaSettings.Value.SiteKey);
     })
-      .WithOpenApi("Obtains site key for recaptcha", string.Empty, "recaptcha_site_key_get")
+      .WithOpenApi("Obtains site key for captcha", string.Empty, "captcha_site_key_get")
       .CacheOutput(p => p.Expire(TimeSpan.FromMinutes(5)));
   }
 }
@@ -128,21 +126,21 @@ public record IdentificationTypesQuery
   public bool? ForPrimary { get; set; }
   public bool? ForSecondary { get; set; }
 }
-  public record OutOfProvinceCertificationType(string Id)
-  {
-    public string? CertificationType { get; set; }
-  }
+public record OutOfProvinceCertificationType(string Id)
+{
+  public string? CertificationType { get; set; }
+}
 
-  public record CertificationComparison(string Id)
-  {
-    public string? BcCertificate { get; set; }
-  }
+public record CertificationComparison(string Id)
+{
+  public string? BcCertificate { get; set; }
+}
 
-  public record ComparisonRecord()
-  {
-    public OutOfProvinceCertificationType? TransferringCertificate { get; set; }
-    public IEnumerable<CertificationComparison> Options { get; set; } = Array.Empty<CertificationComparison>();
-  }
+public record ComparisonRecord()
+{
+  public OutOfProvinceCertificationType? TransferringCertificate { get; set; }
+  public IEnumerable<CertificationComparison> Options { get; set; } = Array.Empty<CertificationComparison>();
+}
 public record DefaultContent
 {
   public string? Name { get; set; }

diff --git a/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/Program.cs b/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/Program.cs
@@ -63,7 +63,7 @@ private static async Task<int> Main(string[] args)
       builder.Services.Configure<Microsoft.AspNetCore.Mvc.JsonOptions>(opts => opts.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter()));
       builder.Services.Configure<PaginationSettings>(builder.Configuration.GetSection("Pagination"));
       builder.Services.Configure<UploaderSettings>(builder.Configuration.GetSection("Uploader"));
-      builder.Services.Configure<RecaptchaSettings>(builder.Configuration.GetSection("Recaptcha"));
+      builder.Services.Configure<CaptchaSettings>(builder.Configuration.GetSection("Captcha"));
       builder.Services.Configure<ClaimCacheSettings>(builder.Configuration.GetSection("Claims"));
 
       builder.Services

diff --git a/...ients.RegistryPortal/ECER.Clients.RegistryPortal.Server/References/ReferencesEndpoints.cs b/...ients.RegistryPortal/ECER.Clients.RegistryPortal.Server/References/ReferencesEndpoints.cs
@@ -1,10 +1,10 @@
-using System.ComponentModel.DataAnnotations;
-using AutoMapper;
+using AutoMapper;
 using ECER.Clients.RegistryPortal.Server.Applications;
 using ECER.Utilities.Hosting;
 using MediatR;
 using Microsoft.AspNetCore.Http.HttpResults;
 using Microsoft.AspNetCore.Mvc;
+using System.ComponentModel.DataAnnotations;
 
 namespace ECER.Clients.RegistryPortal.Server.References;
 
@@ -16,15 +16,15 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
     {
       if (request.Token == null) return TypedResults.BadRequest(new ProblemDetails() { Detail = "Token is required" });
 
-      var recaptchaResult = await messageBus.Send(new Managers.Registry.Contract.Recaptcha.VerifyRecaptchaCommand(request.RecaptchaToken), ct);
+      var captchaResult = await messageBus.Send(new Managers.Registry.Contract.Captcha.VerifyCaptchaCommand(request.CaptchaToken), ct);
 
-      if (!recaptchaResult.Success)
+      if (!captchaResult.Success)
       {
         var problemDetails = new ProblemDetails
         {
           Status = StatusCodes.Status400BadRequest,
-          Detail = "Invalid recaptcha token",
-          Extensions = { ["errors"] = recaptchaResult.ErrorCodes }
+          Detail = "Invalid captcha token",
+          Extensions = { ["errors"] = captchaResult.ErrorCodes }
         };
         return TypedResults.BadRequest(problemDetails);
       }
@@ -45,15 +45,15 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
     {
       if (request.Token == null) return TypedResults.BadRequest(new ProblemDetails { Detail = "Token is required" });
 
-      var recaptchaResult = await messageBus.Send(new Managers.Registry.Contract.Recaptcha.VerifyRecaptchaCommand(request.RecaptchaToken), ct);
+      var captchaResult = await messageBus.Send(new Managers.Registry.Contract.Captcha.VerifyCaptchaCommand(request.CaptchaToken), ct);
 
-      if (!recaptchaResult.Success)
+      if (!captchaResult.Success)
       {
         var problemDetails = new ProblemDetails
         {
           Status = StatusCodes.Status400BadRequest,
-          Detail = "Invalid recaptcha token",
-          Extensions = { ["errors"] = recaptchaResult.ErrorCodes }
+          Detail = "Invalid captcha token",
+          Extensions = { ["errors"] = captchaResult.ErrorCodes }
         };
         return TypedResults.BadRequest(problemDetails);
       }
@@ -73,15 +73,15 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
     {
       if (request.Token == null) return TypedResults.BadRequest(new ProblemDetails { Detail = "Token is required" });
 
-      var recaptchaResult = await messageBus.Send(new Managers.Registry.Contract.Recaptcha.VerifyRecaptchaCommand(request.RecaptchaToken), ct);
+      var captchaResult = await messageBus.Send(new Managers.Registry.Contract.Captcha.VerifyCaptchaCommand(request.CaptchaToken), ct);
 
-      if (!recaptchaResult.Success)
+      if (!captchaResult.Success)
       {
         var problemDetails = new ProblemDetails
         {
           Status = StatusCodes.Status400BadRequest,
-          Detail = "Invalid recaptcha token",
-          Extensions = { ["errors"] = recaptchaResult.ErrorCodes }
+          Detail = "Invalid captcha token",
+          Extensions = { ["errors"] = captchaResult.ErrorCodes }
         };
         return TypedResults.BadRequest(problemDetails);
       }
@@ -95,7 +95,7 @@ public void Register(IEndpointRouteBuilder endpointRouteBuilder)
   }
 }
 
-public record CharacterReferenceSubmissionRequest(string Token, bool WillProvideReference, ReferenceContactInformation ReferenceContactInformation, CharacterReferenceEvaluation ReferenceEvaluation, bool ConfirmProvidedInformationIsRight, [Required] string RecaptchaToken);
+public record CharacterReferenceSubmissionRequest(string Token, bool WillProvideReference, ReferenceContactInformation ReferenceContactInformation, CharacterReferenceEvaluation ReferenceEvaluation, bool ConfirmProvidedInformationIsRight, [Required] string CaptchaToken);
 public record ReferenceContactInformation([Required] string LastName, [Required] string Email, [Required] string PhoneNumber, string CertificateProvinceOther)
 {
   public string? FirstName { get; set; }
@@ -104,7 +104,7 @@ public record ReferenceContactInformation([Required] string LastName, [Required]
   public DateTime? DateOfBirth { get; set; }
 }
 public record CharacterReferenceEvaluation([Required] ReferenceRelationship ReferenceRelationship, string ReferenceRelationshipOther, [Required] ReferenceKnownTime LengthOfAcquaintance, [Required] bool WorkedWithChildren, string ChildInteractionObservations, string ApplicantTemperamentAssessment);
-public record OptOutReferenceRequest(string Token, [Required] UnabletoProvideReferenceReasons UnabletoProvideReferenceReasons, [Required] string RecaptchaToken);
+public record OptOutReferenceRequest(string Token, [Required] UnabletoProvideReferenceReasons UnabletoProvideReferenceReasons, [Required] string CaptchaToken);
 
 public enum UnabletoProvideReferenceReasons
 {
@@ -185,7 +185,7 @@ public record WorkExperienceReferenceCompetenciesAssessment()
   public LikertScale? FosteringPositiveRelationCoworker { get; set; }
   public string? FosteringPositiveRelationCoworkerReason { get; set; }
 }
-public record WorkExperienceReferenceSubmissionRequest([Required] string Token, bool WillProvideReference, ReferenceContactInformation ReferenceContactInformation, WorkExperienceReferenceDetails WorkExperienceReferenceDetails, [RequiredWhenWorkExperienceType(WorkExperienceTypes.Is500Hours)] WorkExperienceReferenceCompetenciesAssessment? WorkExperienceReferenceCompetenciesAssessment, bool ConfirmProvidedInformationIsRight, [Required] string RecaptchaToken)
+public record WorkExperienceReferenceSubmissionRequest([Required] string Token, bool WillProvideReference, ReferenceContactInformation ReferenceContactInformation, WorkExperienceReferenceDetails WorkExperienceReferenceDetails, [RequiredWhenWorkExperienceType(WorkExperienceTypes.Is500Hours)] WorkExperienceReferenceCompetenciesAssessment? WorkExperienceReferenceCompetenciesAssessment, bool ConfirmProvidedInformationIsRight, [Required] string CaptchaToken)
 {
   [Required]
   public WorkExperienceTypes? WorkExperienceType { get; set; }

diff --git a/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/Shared/Contract.cs b/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/Shared/Contract.cs
@@ -14,7 +14,7 @@ public record UploaderSettings
   public IEnumerable<string> AllowedFileTypes { get; set; } = Array.Empty<string>();
 }
 
-public record RecaptchaSettings
+public record CaptchaSettings
 {
   public string SiteKey { get; set; } = string.Empty;
 }

diff --git a/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/appsettings.json b/src/ECER.Clients.RegistryPortal/ECER.Clients.RegistryPortal.Server/appsettings.json
@@ -65,16 +65,16 @@
     "Schemes": {
       "kc": {
         "Authority": "https://loginproxy.gov.bc.ca/auth/realms/childcare-applications",
-        "ValidAudiences": [ "childcare-ecer" ],
+        "ValidAudiences": ["childcare-ecer"],
         "ValidIssuers": [
           "https://loginproxy.gov.bc.ca/auth/realms/childcare-applications"
         ]
       }
     }
   },
-  "Recaptcha": {
-    "Url": "https://www.google.com/recaptcha/api/siteverify",
-    "Secret": "[recaptcha secret]",
+  "Captcha": {
+    "Url": "https://challenges.cloudflare.com/turnstile/v0/siteverify",
+    "Secret": "[captcha secret]",
     "SiteKey": "[site key]"
   },
   "fileScanner": {

diff --git a/src/ECER.Clients.RegistryPortal/ecer.clients.registryportal.client/src/api/configuration.ts b/src/ECER.Clients.RegistryPortal/ecer.clients.registryportal.client/src/api/configuration.ts
@@ -39,9 +39,9 @@ const getSystemMessages = async (): Promise<Components.Schemas.SystemMessage[] |
   return (await client.systemMessage_get()).data;
 };
 
-const getRecaptchaSiteKey = async (): Promise<string | null | undefined> => {
+const getCaptchaSiteKey = async (): Promise<string | null | undefined> => {
   const client = await getClient(false);
-  return (await client.recaptcha_site_key_get()).data;
+  return (await client.captcha_site_key_get()).data;
 };
 
 const getIdentificationTypes = async (): Promise<Components.Schemas.IdentificationType[] | null | undefined> => {
@@ -55,7 +55,7 @@ export {
   getCertificationComparisonList,
   getProvinceList,
   getCountryList,
-  getRecaptchaSiteKey,
+  getCaptchaSiteKey,
   getSystemMessages,
   getIdentificationTypes,
   getDefaultContent,

diff --git a/src/ECER.Clients.RegistryPortal/ecer.clients.registryportal.client/src/api/reference.ts b/src/ECER.Clients.RegistryPortal/ecer.clients.registryportal.client/src/api/reference.ts
@@ -20,13 +20,13 @@ const getReference = async (token: string): Promise<ApiResponse<Components.Schem
 const optOutReference = async (
   token: string,
   optOutReason: Components.Schemas.UnabletoProvideReferenceReasons,
-  recaptchaToken: string,
+  captchaToken: string,
 ): Promise<ApiResponse<any>> => {
   const client = await getClient();
   const body: Components.Schemas.OptOutReferenceRequest = {
     token: token,
     unabletoProvideReferenceReasons: optOutReason,
-    recaptchaToken: recaptchaToken,
+    captchaToken: captchaToken,
   };
   return apiResultHandler.execute({
     request: client.reference_optout(null, body),

diff --git a/....RegistryPortal/ecer.clients.registryportal.client/src/components/LookupCertification.vue b/....RegistryPortal/ecer.clients.registryportal.client/src/components/LookupCertification.vue
@@ -44,12 +44,13 @@
       </v-row>
       <v-row>
         <v-col>
-          <EceRecaptcha
-            :model-value="recaptchaToken"
+          <EceCaptchaTurnstile
+            ref="captchaTurnstile"
+            :model-value="captchaToken"
             :rules="[Rules.required('Check to confirm you are not a robot')]"
-            recaptchaElementId="recaptchaLookup"
-            @update:model-value="(value: string) => (recaptchaToken = value)"
-          ></EceRecaptcha>
+            captchaElementId="captchaTurnstile"
+            @update:model-value="(value: string) => (captchaToken = value)"
+          ></EceCaptchaTurnstile>
         </v-col>
       </v-row>
       <!-- this is to check if all fields are blank without making one input box red -->
@@ -121,20 +122,21 @@ import { isNumber } from "@/utils/formInput";
 import { postLookupCertificate } from "@/api/certification";
 import { useConfigStore } from "@/store/config";
 import * as Rules from "../utils/formRules";
-import EceRecaptcha from "./inputs/EceRecaptcha.vue";
+import EceCaptchaTurnstile from "./inputs/EceCaptchaTurnstile.vue";
+import type { CaptchaTurnstile } from "@/components/inputs/EceCaptchaTurnstile.vue";
 import type { Components } from "@/types/openapi";
 import Alert from "@/components/Alert.vue";
 
 interface LookupCertificationData {
-  recaptchaToken: string;
+  captchaToken: string;
   headers: ReadonlyHeaders;
 }
 
 type ReadonlyHeaders = VDataTable["$props"]["headers"];
 
 export default defineComponent({
   name: "LookupCertification",
-  components: { EceRecaptcha, EceTextField, Alert },
+  components: { EceCaptchaTurnstile, EceTextField, Alert },
   setup() {
     const alertStore = useAlertStore();
     const lookupCertificationStore = useLookupCertificationStore();
@@ -147,7 +149,7 @@ export default defineComponent({
   },
   data(): LookupCertificationData {
     return {
-      recaptchaToken: "",
+      captchaToken: "",
       headers: [
         { title: "Name", key: "name" },
         { title: "Registration number", key: "registrationNumber" },
@@ -177,14 +179,14 @@ export default defineComponent({
             firstName: this.lookupCertificationStore.firstName,
             lastName: this.lookupCertificationStore.lastName,
             registrationNumber: this.lookupCertificationStore.registrationNumber,
-            recaptchaToken: this.recaptchaToken,
+            captchaToken: this.captchaToken,
           });
 
           this.lookupCertificationStore.setCertificationSearchResults(data);
 
-          //reset grecaptcha after success, token cannot be reused
-          this.recaptchaToken = "";
-          window.grecaptcha.reset();
+          //reset captcha after success, token cannot be reused
+          this.captchaToken = "";
+          (this.$refs.captchaTurnstile as CaptchaTurnstile).reset();
           await this.$nextTick();
           (this.$refs.lookupForm as VForm).resetValidation();
         }