CyberSiara Token Solving
Solve CyberSiara CAPTCHA challenges and obtain valid tokens for protected web forms and API endpoints. Our solver handles the CyberSiara master token generation flow and returns a verified response token ready for immediate submission.
CyberSiara is a CAPTCHA and bot protection solution developed for online forms and authentication flows. It presents interactive challenges to users that require solving image-based or behavioral tasks. The CyberSiara widget communicates with a master URL endpoint to retrieve the challenge parameters, and upon successful completion, generates a signed token. This token is submitted alongside the form data to prove human interaction. Our solver completes the full CyberSiara challenge workflow — including loading the widget, solving the presented task, and retrieving the master token — then returns the final verified token for your use.
Captcha Type
Use the following captcha type identifier in your API requests:
"type": "CYBERSIARA_TOKEN"Request Format
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
auth.token |
string | required | Your API key |
captcha.type |
string | required | Must be "CYBERSIARA_TOKEN" |
captcha.metadata.siteUrl |
string | required | The full URL of the page where the CyberSiara CAPTCHA widget is displayed |
captcha.metadata.siteKey |
string | optional | The CyberSiara API key or site identifier used in the widget initialization on the target page |
captcha.payload.masterUrlUrl |
string | optional | The CyberSiara master URL endpoint that the widget uses to retrieve challenge parameters. Found in the network traffic as the first request made by the CyberSiara widget script. |
captcha.payload.userAgent |
string | optional | Your browser user agent string |
captcha.payload.proxy |
object | optional | Proxy configuration object |
captcha.payload.proxy.protocol |
string | required* | Proxy protocol: "http", "https", "socks4", or "socks5" |
captcha.payload.proxy.host |
string | required* | Proxy IP address or hostname |
captcha.payload.proxy.port |
number | required* | Proxy port number |
captcha.payload.proxy.username |
string | optional | Proxy authentication username |
captcha.payload.proxy.password |
string | optional | Proxy authentication password |
* Required only if the parent object (proxy) is provided
To find the CyberSiara master URL, open your browser developer tools, visit the page with
the CyberSiara widget, and filter the Network tab for requests made when the widget loads.
The first API request made by the CyberSiara script (typically a GET request to a
/GetCaptchaApi/ or similar endpoint) is the master URL. Providing this value
as masterUrlUrl improves solving accuracy and speed.
Example Request
{
"auth": {
"token": "YOUR_API_KEY"
},
"context": {
"source": "api",
"version": "1.0.0"
},
"captcha": {
"type": "CYBERSIARA_TOKEN",
"metadata": {
"siteUrl": "https://example.com/contact",
"siteKey": "9x0Yx5eHxxxxxxxxxxxxxxxxxxx"
},
"payload": {
"masterUrlUrl": "https://api.cybersiara.com/GetCaptchaApi/v1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
"proxy": {
"protocol": "http",
"host": "1.2.3.4",
"port": 8080,
"username": "proxyuser",
"password": "proxypass"
}
}
}
}const response = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: {
token: 'YOUR_API_KEY'
},
context: {
source: 'api',
version: '1.0.0'
},
captcha: {
type: 'CYBERSIARA_TOKEN',
metadata: {
siteUrl: 'https://example.com/contact',
siteKey: '9x0Yx5eHxxxxxxxxxxxxxxxxxxx'
},
payload: {
masterUrlUrl: 'https://api.cybersiara.com/GetCaptchaApi/v1',
userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
proxy: {
protocol: 'http',
host: '1.2.3.4',
port: 8080,
username: 'proxyuser',
password: 'proxypass'
}
}
}
})
});
const data = await response.json();
console.log('Task ID:', data.task.id);import requests
response = requests.post(
'https://solver-api.mydisct.com/createTask',
headers={
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
json={
'auth': {'token': 'YOUR_API_KEY'},
'context': {'source': 'api', 'version': '1.0.0'},
'captcha': {
'type': 'CYBERSIARA_TOKEN',
'metadata': {
'siteUrl': 'https://example.com/contact',
'siteKey': '9x0Yx5eHxxxxxxxxxxxxxxxxxxx'
},
'payload': {
'masterUrlUrl': 'https://api.cybersiara.com/GetCaptchaApi/v1',
'userAgent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
'proxy': {
'protocol': 'http',
'host': '1.2.3.4',
'port': 8080,
'username': 'proxyuser',
'password': 'proxypass'
}
}
}
}
)
data = response.json()
print('Task ID:', data['task']['id'])curl -X POST https://solver-api.mydisct.com/createTask \
-H "Content-Type: application/json" \
-H "apikey: YOUR_API_KEY" \
-d '{
"auth": {"token": "YOUR_API_KEY"},
"context": {"source": "api", "version": "1.0.0"},
"captcha": {
"type": "CYBERSIARA_TOKEN",
"metadata": {
"siteUrl": "https://example.com/contact",
"siteKey": "9x0Yx5eHxxxxxxxxxxxxxxxxxxx"
},
"payload": {
"masterUrlUrl": "https://api.cybersiara.com/GetCaptchaApi/v1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
}
}
}'Response Format
Create Task Response (Processing)
{
"success": true,
"service": "MyDisct Solver",
"message": "Captcha task created successfully",
"task": {
"id": "MyDisctSolver_abc123",
"status": "processing"
}
}Fetch Result Response (Completed)
{
"success": true,
"service": "MyDisct Solver",
"message": "CyberSiara captcha solved successfully",
"task": {
"id": "MyDisctSolver_abc123",
"status": "completed",
"result": {
"token": "CAACAgIAAxkBAAIBx2R1Z3F...",
"timestamp": "2025-10-10T12:00:00.000Z"
}
}
}
The CyberSiara token is submitted as a hidden form field alongside the rest of the form data.
The field name varies by site — common names include cybersiara-response,
captcha_token, or csrfToken. Inspect the form submission of the
target page to find the exact field name the site uses for the CyberSiara token.
Implementation Guide
Complete JavaScript Implementation
async function solveCyberSiaraToken(siteUrl, siteKey, options = {}) {
const payload = {
userAgent: options.userAgent || 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
};
if (options.masterUrlUrl) payload.masterUrlUrl = options.masterUrlUrl;
if (options.proxy) payload.proxy = options.proxy;
const createResponse = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: { token: 'YOUR_API_KEY' },
context: { source: 'api', version: '1.0.0' },
captcha: {
type: 'CYBERSIARA_TOKEN',
metadata: { siteUrl, siteKey },
payload
}
})
});
const createData = await createResponse.json();
if (!createData.success) throw new Error(createData.error.message);
const taskId = createData.task.id;
while (true) {
await new Promise(resolve => setTimeout(resolve, 5000));
const resultResponse = await fetch('https://solver-api.mydisct.com/fetchResult', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({ taskId })
});
const resultData = await resultResponse.json();
if (resultData.task.status === 'completed') {
return resultData.task.result.token;
} else if (resultData.task.status === 'failed') {
throw new Error('CyberSiara captcha solving failed');
}
}
}
const token = await solveCyberSiaraToken(
'https://example.com/contact',
'9x0Yx5eHxxxxxxxxxxxxxxxxxxx',
{
masterUrlUrl: 'https://api.cybersiara.com/GetCaptchaApi/v1'
}
);
const submitResponse = await fetch('https://example.com/api/contact', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
name: 'John Doe',
email: '[email protected]',
message: 'Hello from the form',
'cybersiara-response': token
})
});
const result = await submitResponse.json();
console.log('Form submission result:', result);Python Implementation
import requests
import time
def solve_cybersiara_token(site_url, site_key, api_key, master_url=None,
user_agent=None, proxy_config=None):
payload_data = {
'userAgent': user_agent or 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
}
if master_url:
payload_data['masterUrlUrl'] = master_url
if proxy_config:
payload_data['proxy'] = proxy_config
create_response = requests.post(
'https://solver-api.mydisct.com/createTask',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={
'auth': {'token': api_key},
'context': {'source': 'api', 'version': '1.0.0'},
'captcha': {
'type': 'CYBERSIARA_TOKEN',
'metadata': {
'siteUrl': site_url,
'siteKey': site_key
},
'payload': payload_data
}
}
)
create_data = create_response.json()
if not create_data['success']:
raise Exception(create_data['error']['message'])
task_id = create_data['task']['id']
print(f'Task created: {task_id}')
while True:
time.sleep(5)
result_response = requests.post(
'https://solver-api.mydisct.com/fetchResult',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={'taskId': task_id}
)
result_data = result_response.json()
if result_data['task']['status'] == 'completed':
return result_data['task']['result']['token']
elif result_data['task']['status'] == 'failed':
raise Exception('CyberSiara captcha solving failed')
print('Waiting for solution...')
token = solve_cybersiara_token(
site_url='https://example.com/contact',
site_key='9x0Yx5eHxxxxxxxxxxxxxxxxxxx',
api_key='YOUR_API_KEY',
master_url='https://api.cybersiara.com/GetCaptchaApi/v1'
)
print(f'Token: {token[:50]}...')
submit_response = requests.post(
'https://example.com/api/contact',
headers={'Content-Type': 'application/json'},
json={
'name': 'John Doe',
'email': '[email protected]',
'message': 'Hello from the form',
'cybersiara-response': token
}
)
print(f'Form submission status: {submit_response.status_code}')Best Practices
- Provide the Master URL: Extract and supply the
masterUrlUrlfrom the page's network requests — this ensures the solver uses the exact same challenge endpoint as the site - Inspect Form Submission: Before implementing, inspect the form submission of the target page to find the exact field name the site uses for the CyberSiara token response
- Token Expiry: CyberSiara tokens are time-limited — submit the form immediately after receiving the token, typically within 2 to 5 minutes
- Single Use: CyberSiara tokens are single-use — generate a fresh token for each form submission
- Polling Interval: Use 5-second polling intervals — CyberSiara challenges typically complete in 10 to 25 seconds
Common Issues
Solution: Confirm that you are using the correct field name for the token in your form submission. Inspect a legitimate form submission to find the exact parameter name. Also verify that the site key you provided matches the one used by the page.
Solution: Provide the masterUrlUrl parameter by extracting it
from the network requests made by the CyberSiara widget on the target page. Without it,
the solver must discover the endpoint independently, which can reduce reliability.
Solution: Some CyberSiara integrations also validate the referrer header or require the token to be submitted within a specific time window. Ensure your form submission includes appropriate headers and that the token is being used promptly.