MuseMVP Docs

Turnstile Verification

Integrate Cloudflare Turnstile into the auth UI and the backend verification pipeline.

MuseMVP uses Cloudflare Turnstile to protect sensitive auth endpoints from bots and abuse. Turnstile is a privacy-friendly CAPTCHA alternative that verifies human users without requiring cumbersome challenges.

Setup Steps

Create a Site

Go to Cloudflare Turnstile and create a site.

Copy the Site Key and Secret Key.

Add NEXT_PUBLIC_TURNSTILE_SITE_KEY and CAPTCHA_SECRET_KEY to .env.

NEXT_PUBLIC_TURNSTILE_SITE_KEY="..."
CAPTCHA_SECRET_KEY="..."

Common Issues

Debug Tip

Verify environment variables, callback URLs, and keys first, then inspect business logic.

| Issue | Solution |
| --- | --- |
| Widget not rendering | Check NEXT_PUBLIC_TURNSTILE_SITE_KEY is set |
| Verification fails | Ensure CAPTCHA_SECRET_KEY matches the secret from Cloudflare |
| Mixed keys | Test and production keys cannot be mixed across environments |

Optional: Disable Captcha

To disable Turnstile, simply do not set CAPTCHA_SECRET_KEY. The captcha plugin will not load, and the Forgot Password form will hide the captcha UI when captchaConfigured is false.
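
Added example (not MuseMVP's own code): a server-side check against Cloudflare's siteverify endpoint that skips verification only when CAPTCHA_SECRET_KEY is unset, fails closed otherwise, and maps Cloudflare's error codes to the Common Issues rows above. The names verifyTurnstile, explain and HINTS, and the local verifier-unreachable code, are hypothetical.

```javascript
// Added example: hypothetical helper, not MuseMVP's own code.
const SITEVERIFY_URL = "https://challenges.cloudflare.com/turnstile/v0/siteverify";

// Cloudflare siteverify error codes, mapped to the Common Issues rows.
const HINTS = {
  "missing-input-secret": "CAPTCHA_SECRET_KEY did not reach the backend",
  "invalid-input-secret": "CAPTCHA_SECRET_KEY does not match the secret from Cloudflare",
  "missing-input-response": "no token sent; check the widget rendered (NEXT_PUBLIC_TURNSTILE_SITE_KEY)",
  "invalid-input-response": "token invalid or expired; check site key and secret belong to the same site",
  "timeout-or-duplicate": "token expired or already redeemed; tokens are single use",
};

async function verifyTurnstile(token, opts = {}) {
  const { secret = process.env.CAPTCHA_SECRET_KEY, remoteip, fetchImpl = globalThis.fetch } = opts;
  // No secret means captcha is deliberately disabled (captchaConfigured is false).
  if (!secret) return { ok: true, skipped: true, errors: [] };
  // Once configured, a missing token is a rejection, never a skip.
  if (typeof token !== "string" || token.length === 0) {
    return { ok: false, skipped: false, errors: ["missing-input-response"] };
  }
  const body = new URLSearchParams({ secret, response: token });
  if (remoteip) body.set("remoteip", remoteip);
  try {
    const res = await fetchImpl(SITEVERIFY_URL, { method: "POST", body });
    const data = await res.json();
    // Only a literal boolean true counts as success.
    return { ok: data.success === true, skipped: false, errors: data["error-codes"] || [] };
  } catch {
    // Fail closed: an unreachable verifier must not let the request through.
    // "verifier-unreachable" is a local code, not one Cloudflare returns.
    return { ok: false, skipped: false, errors: ["verifier-unreachable"] };
  }
}

// Turn error codes into troubleshooting hints; unknown codes pass through unchanged.
function explain(errors) {
  return errors.map((code) => HINTS[code] || code);
}
```

Call verifyTurnstile in the auth handler before any password-reset or sign-in work, and log explain(result.errors) on the server only, so the client learns nothing beyond the fact that verification failed.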