Cloudflare Challenge Token Solving
Bypass Cloudflare challenge pages and obtain clearance tokens for protected websites. Handles "I'm Under Attack Mode" and browser verification challenges with 99.4% success rate.
Cloudflare Challenge pages appear when websites enable "I'm Under Attack Mode" or similar protection features. These challenges require solving JavaScript puzzles or answering verification questions to prove you're human. Our API automatically handles these challenges and returns clearance tokens along with necessary cookies for subsequent requests.
Captcha Type
Use the following captcha type identifier in your API requests:
"type": "CLOUDFLARE_CHALLENGE_TOKEN"A valid proxy configuration is REQUIRED for Cloudflare Challenge solving. The challenge must be solved from the proxy's IP address to ensure proper verification.
Request Format
POST /createTask
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
auth.token |
string | required | Your API key |
captcha.type |
string | required | Must be "CLOUDFLARE_CHALLENGE_TOKEN" |
captcha.metadata.siteUrl |
string | required | The URL of the Cloudflare-protected page |
captcha.payload.userAgent |
string | optional | User agent string to use for the request (recommended) |
captcha.payload.proxy |
object | required | Proxy configuration object (MANDATORY for Cloudflare challenges) |
captcha.payload.proxy.protocol |
string | required | Proxy protocol: "http", "https", "socks4", "socks5" |
captcha.payload.proxy.host |
string | required | Proxy IP address |
captcha.payload.proxy.port |
number | required | Proxy port number |
captcha.payload.proxy.username |
string | optional | Proxy authentication username |
captcha.payload.proxy.password |
string | optional | Proxy authentication password |
captcha.metadata.domain |
string | optional | Domain for the challenge (optional) |
Example Request
const response = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: {
token: 'YOUR_API_KEY'
},
context: {
source: 'api',
version: '1.0.0'
},
captcha: {
type: 'CLOUDFLARE_CHALLENGE_TOKEN',
metadata: {
siteUrl: 'https://protected-site.com/page'
},
payload: {
userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
proxy: {
protocol: 'http',
host: '1.2.3.4',
port: 8080,
username: 'proxyuser',
password: 'proxypass'
}
}
}
})
});
const data = await response.json();
console.log('Task ID:', data.task.id);Response Format
Create Task Response
{
"success": true,
"service": "MyDisct Solver",
"message": "Task created successfully",
"task": {
"id": "MyDisctSolver_cf_challenge_123def456",
"status": "processing",
"timestamp": "2025-11-05T12:00:00.000Z"
}
}Fetch Result Response (Processing)
{
"success": true,
"service": "MyDisct Solver",
"message": "Captcha is being processed",
"task": {
"id": "MyDisctSolver_cf_challenge_123def456",
"status": "processing"
}
}Fetch Result Response (Completed)
{
"success": true,
"service": "MyDisct Solver",
"message": "Cloudflare challenge solved successfully",
"task": {
"id": "MyDisctSolver_cf_challenge_123def456",
"status": "completed",
"result": {
"token": "__cf_bm=abc123...; __cfduid=def456...",
"cookies": {
"__cf_bm": "abc123...",
"__cfduid": "def456...",
"cf_clearance": "xyz789..."
},
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
"timestamp": "2025-11-05T12:00:25.000Z"
}
}
}
The token field contains the clearance token as a cookie string that should be included
in subsequent requests. The cookies object provides individual cookie values for easier
integration. Always use the provided userAgent with the cookies for maximum compatibility.
Implementation Guide
Step 1: Detect Cloudflare Challenge
// Check if page shows Cloudflare challenge
function isCloudflareChallenge(html) {
return html.includes('Checking your browser') ||
html.includes('cf-browser-verification') ||
html.includes('cf-challenge-running') ||
html.includes('__cf_chl_jschl_tk__') ||
html.includes('cf-ray');
}
async function checkForChallenge(url) {
const response = await fetch(url);
const html = await response.text();
if (isCloudflareChallenge(html)) {
console.log('Cloudflare challenge detected, solving...');
return true;
}
return false;
}Step 2: Solve Cloudflare Challenge Token
async function solveCloudflareChallenge(siteUrl) {
const createResponse = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: { token: 'YOUR_API_KEY' },
context: { source: 'api', version: '1.0.0' },
captcha: {
type: 'CLOUDFLARE_CHALLENGE_TOKEN',
metadata: { siteUrl },
payload: {
userAgent: navigator.userAgent
}
}
})
});
const createData = await createResponse.json();
if (!createData.success) throw new Error(createData.error.message);
const taskId = createData.task.id;
while (true) {
await new Promise(resolve => setTimeout(resolve, 5000)); // Wait 5 seconds
const resultResponse = await fetch('https://solver-api.mydisct.com/fetchResult', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({ taskId })
});
const resultData = await resultResponse.json();
if (resultData.task.status === 'completed') {
return resultData.task.result;
} else if (resultData.task.status === 'failed') {
throw new Error('Cloudflare challenge solving failed');
}
}
}
const result = await solveCloudflareChallenge('https://protected-site.com');
console.log('Clearance cookies:', result.cookies);
console.log('User agent:', result.userAgent);Step 3: Make Requests with Clearance
// Function to make requests with Cloudflare clearance
async function makeRequestWithClearance(url, clearanceData) {
const cookieString = Object.entries(clearanceData.cookies)
.map(([name, value]) => `${name}=${value}`)
.join('; ');
const response = await fetch(url, {
headers: {
'User-Agent': clearanceData.userAgent,
'Cookie': cookieString,
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,**;q=0.8',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Connection': 'keep-alive',
})
response = session.get('https://protected-site.com/protected-page')
print(f'Protected page status: {response.status_code}')Best Practices
- Challenge Detection: Always check if a Cloudflare challenge is present before solving
- User Agent Consistency: Use the same user agent for initial challenge and subsequent requests
- Cookie Management: Include all returned cookies in subsequent requests
- Polling Intervals: Use 5-second intervals for Cloudflare challenges (they take 15-45 seconds)
- Session Persistence: Maintain cookies across multiple requests to the same domain
- Retry Logic: Implement retry logic for failed challenge solutions
- Rate Limiting: Avoid making too many requests to challenge-protected sites
Common Issues
Solution: Ensure you're using the exact user agent returned with the cookies. Cloudflare validates the user agent against the clearance cookies.
Solution: Cloudflare challenges can take 15-45 seconds depending on complexity. Increase your timeout settings and use appropriate polling intervals.
Solution: Some sites have very aggressive protection. Try using different user agents or proxies. Also ensure you're not making too many requests in a short time period.