Migrating from SaaS

This guide helps you migrate from the ALTCHA SaaS services to ALTCHA Sentinel, a powerful, self-hosted anti-spam protection system.

Tip

Using ALTCHA SaaS? You’re eligible for a discount!

If you’re an ALTCHA SaaS customer, you can get a one-time discount on a Sentinel license equal to the total amount you’ve already paid for the SaaS service.

To claim your discount code, visit eu.altcha.org/license and click Get Discount.

For more information, see SaaS vs Sentinel.

Key Differences

ALTCHA Sentinel is the self-hosted successor to our SaaS platform. Migrating to Sentinel is recommended for improved compliance, full control over your data, and access to advanced features.

Sentinel offers:

• Unlimited domains, verifications, and requests
• An enhanced Classifier (replacing the legacy SpamFilter)
• Improved data privacy and security through self-hosting

Implementation Differences

ALTCHA Sentinel is mostly compatible with the SaaS version. Migration typically involves updating the URL and HMAC secret.

Frontend:

Both versions use the same ALTCHA Widget. The only required change is the challengeurl, which must point to your Sentinel deployment and include your API key:

<altcha-widget
  challengeurl="https://sentinel.example.com/v1/challenge?apiKey={YOUR_API_KEY}"
></altcha-widget>

Backend (Node.js example):

Both versions use the same verifyServerSignature function. However, you must update the HMAC secret to match the API key used by your Sentinel instance:

import { verifyServerSignature } from "altcha-lib";

const payload = req.body["altcha"];
const apiKeySecret = "sec_...";

const { verified } = await verifyServerSignature(payload, apiKeySecret);

if (!verified) {
  throw new Error("ALTCHA verification failed");
}

Spam Filter Migration

If you’re using the SpamFilter in your backend, migrate to the improved Classifier provided by Sentinel. The request and response formats are largely compatible. See the API documentation for integration details.

Web Analytics

ALTCHA Sentinel does not support web analytics. If you rely on this feature in SaaS, we recommend migrating to an external analytics service.

Migration Steps

1. Deploy ALTCHA Sentinel

   • Set up your Sentinel instance

2. Update Widget Integration

   • Change the challengeurl in <altcha-widget> to your Sentinel endpoint with the correct API key

3. Update Server-Side Verification

   • Replace your SaaS HMAC secret with the one for your Sentinel API key

Why Migrate?

• Unlimited usage
• Access to advanced features
• Stronger protection via Adaptive CAPTCHA
• Use the Classifier API and Similarity API

Troubleshooting

For help with integration issues, see the Troubleshooting guide.

Further Reading

• SaaS vs Sentinel
• ALTCHA Sentinel
• Widget Integration
• Server Integration
• Libraries and Plugins