hCaptcha Enterprise Token Solving
Solve hCaptcha Enterprise token challenges programmatically with premium accuracy. hCaptcha Enterprise uses advanced security features with 99.8% success rate.
What is hCaptcha Enterprise Token?
hCaptcha Enterprise is the premium version designed for high-security applications. It includes enhanced bot detection, enterprise-grade analytics, and advanced challenge types. Token-based solving bypasses visual challenges entirely, returning a verification token for form submission.
Captcha Type
Use the following captcha type identifier in your API requests:
"type": "HCAPTCHA_ENTERPRISE_TOKEN"Request Format
POST
/createTask
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
auth.token |
string | required | Your API key |
captcha.type |
string | required | Must be "HCAPTCHA_ENTERPRISE_TOKEN" |
captcha.metadata.siteUrl |
string | required | The URL where the captcha appears |
captcha.metadata.siteKey |
string | required | hCaptcha Enterprise site key (data-sitekey attribute) |
captcha.payload.rqdata |
string | optional | Custom rqdata parameter (for Discord, etc.) |
captcha.payload.cookies |
array | optional | Array of cookie objects (see Cookie Object Structure below) |
captcha.payload.cookies[].name |
string | required* | Cookie name |
captcha.payload.cookies[].value |
string | required* | Cookie value |
captcha.payload.cookies[].domain |
string | required* | Cookie domain (e.g., ".discord.com") |
captcha.payload.cookies[].path |
string | optional | Cookie path (defaults to "/") |
captcha.payload.userAgent |
string | optional | User agent string (recommended with rqdata) |
captcha.payload.proxy |
object | optional | Proxy configuration (optional but recommended) |
captcha.payload.proxy.protocol |
string | required* | Proxy protocol: "http", "https", "socks4", or "socks5" |
captcha.payload.proxy.host |
string | required* | Proxy IP address or hostname |
captcha.payload.proxy.port |
number | required* | Proxy port number |
captcha.payload.proxy.username |
string | optional | Proxy authentication username |
captcha.payload.proxy.password |
string | optional | Proxy authentication password |
* Required only if parent object (proxy/cookies) is provided
Cookie Object Structure
About Cookies
Cookies are used to maintain session state and pass important authentication data. For platforms like Discord,
cookies such as __dcfduid, __sdcfduid, and __cf_bm are essential for
successful Enterprise hCaptcha solving. Extract cookies from your browser's DevTools (Application → Cookies).
Example Request
JavaScript
const response = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: {
token: 'YOUR_API_KEY'
},
context: {
source: 'api',
version: '1.0.0'
},
captcha: {
type: 'HCAPTCHA_ENTERPRISE_TOKEN',
metadata: {
siteUrl: 'https://discord.com/register',
siteKey: 'f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34'
},
payload: {
rqdata: 'custom_rqdata_value',
userAgent: 'Mozilla/5.0...',
cookies: [
{
name: '__cf_bm',
value: '8x...s',
domain: '.discord.com'
},
{
name: '__dcfduid',
value: '7a...f',
domain: '.discord.com',
path: '/'
},
{
name: '__sdcfduid',
value: '9b...e',
domain: '.discord.com',
path: '/'
}
],
proxy: {
protocol: 'http',
host: '1.2.3.4',
port: 8080,
username: 'proxyuser',
password: 'proxypass'
}
}
}
})
});
const data = await response.json();
console.log('Task ID:', data.task.id);Response Format
Create Task Response (Processing)
{
"success": true,
"service": "MyDisct Solver",
"message": "Task created successfully",
"task": {
"id": "MyDisctSolver_abc123",
"status": "processing",
"timestamp": "2025-11-05T12:00:00.000Z"
}
}Fetch Result Response (Processing)
{
"success": true,
"service": "MyDisct Solver",
"task": {
"id": "MyDisctSolver_abc123",
"status": "processing",
"timestamp": "2025-11-05T12:00:00.000Z"
}
}Fetch Result Response (Completed)
{
"success": true,
"service": "MyDisct Solver",
"message": "Captcha solved successfully",
"task": {
"id": "MyDisctSolver_abc123",
"status": "completed",
"result": {
"token": "P1_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"timestamp": "2025-11-05T12:00:15.000Z"
}
}
}
Understanding the Response
The token field contains the hCaptcha Enterprise response token. This token should be
submitted in the h-captcha-response field of your form or API request. Enterprise tokens
are compatible with standard hCaptcha verification endpoints.
Implementation Guide
Step 1: Extract hCaptcha Enterprise Site Key
// Method 1: From iframe
function getHCaptchaEnterpriseSiteKey() {
const iframe = document.querySelector('iframe[src*="hcaptcha.com"]');
if (iframe) {
const src = iframe.src;
const match = src.match(/sitekey=([^&]+)/);
return match ? match[1] : null;
}
const hcaptchaDiv = document.querySelector('[data-sitekey]');
if (hcaptchaDiv) {
return hcaptchaDiv.getAttribute('data-sitekey');
}
const scripts = document.querySelectorAll('script');
for (const script of scripts) {
const match = script.textContent.match(/sitekey['"s:]+([a-f0-9-]+)/i);
if (match) {
return match[1];
}
}
return null;
}
const siteKey = getHCaptchaEnterpriseSiteKey();
console.log('Enterprise Site Key:', siteKey);Step 2: Extract rqdata (Required for Enterprise)
// Extract rqdata from page or API
function getRqdata() {
const rqdataInput = document.querySelector('input[name="rqdata"]');
if (rqdataInput) {
return rqdataInput.value;
}
const scripts = document.querySelectorAll('script');
for (const script of scripts) {
const match = script.textContent.match(/rqdata['"s:]+([^'"s]+)/);
if (match) {
return match[1];
}
}
return null;
}
const rqdata = getRqdata();
console.log('rqdata:', rqdata);Step 3: Extract Cookies (Recommended for Enterprise)
// Extract cookies from browser
function getRelevantCookies(domain) {
const cookies = document.cookie.split(';').map(c => {
const [name, value] = c.trim().split('=');
return { name, value, domain };
});
async function getCookiesFromExtension(domain) {
return new Promise((resolve) => {
chrome.cookies.getAll({ domain }, (cookies) => {
resolve(cookies.map(c => ({
name: c.name,
value: c.value,
domain: c.domain,
path: c.path || '/'
})));
});
});
}
return cookies;
}
const cookies = await getCookiesFromExtension('.discord.com');
console.log('Cookies:', cookies);
const importantCookies = cookies.filter(c =>
['__dcfduid', '__sdcfduid', '__cf_bm', 'locale'].includes(c.name)
);
Step 4: Solve hCaptcha Enterprise Token with Cookies
async function solveHCaptchaEnterpriseWithCookies(siteUrl, siteKey, rqdata, cookies) {
const createResponse = await fetch('https://solver-api.mydisct.com/createTask', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({
auth: { token: 'YOUR_API_KEY' },
context: { source: 'api', version: '1.0.0' },
captcha: {
type: 'HCAPTCHA_ENTERPRISE_TOKEN',
metadata: { siteUrl, siteKey },
payload: {
rqdata: rqdata,
userAgent: navigator.userAgent,
cookies: cookies // Include extracted cookies
}
}
})
});
const createData = await createResponse.json();
if (!createData.success) throw new Error(createData.error.message);
const taskId = createData.task.id;
while (true) {
await new Promise(resolve => setTimeout(resolve, 5000));
const resultResponse = await fetch('https://solver-api.mydisct.com/fetchResult', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'apikey': 'YOUR_API_KEY'
},
body: JSON.stringify({ taskId })
});
const resultData = await resultResponse.json();
if (resultData.task.status === 'completed') {
return resultData.task.result.token;
} else if (resultData.task.status === 'failed') {
throw new Error('Enterprise token solving failed');
}
}
}
const cookies = [
{ name: '__dcfduid', value: '7a...f', domain: '.discord.com', path: '/' },
{ name: '__sdcfduid', value: '9b...e', domain: '.discord.com', path: '/' },
{ name: '__cf_bm', value: '8x...s', domain: '.discord.com', path: '/' }
];
const token = await solveHCaptchaEnterpriseWithCookies(
'https://discord.com/register',
'f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34',
'custom_rqdata_value',
cookies
);
console.log('hCaptcha Enterprise Token:', token);Step 5: Submit Token with Form
// Method 1: Submit with form data
async function submitFormWithEnterpriseToken(token) {
const formData = new FormData();
formData.append('username', 'myusername');
formData.append('password', 'mypassword');
formData.append('h-captcha-response', token);
const response = await fetch('https://example.com/register', {
method: 'POST',
body: formData
});
return await response.json();
}
function injectEnterpriseTokenIntoForm(token) {
let responseField = document.querySelector('[name="h-captcha-response"]');
if (!responseField) {
responseField = document.createElement('textarea');
responseField.name = 'h-captcha-response';
responseField.style.display = 'none';
document.querySelector('form').appendChild(responseField);
}
responseField.value = token;
document.querySelector('form').submit();
}
await submitFormWithEnterpriseToken(token);Python Example
Basic Example
Python
import requests
import time
def solve_hcaptcha_enterprise_token(site_url, site_key, rqdata, api_key):
"""Solve hCaptcha Enterprise token challenge"""
# Step 1: Create task
create_response = requests.post(
'https://solver-api.mydisct.com/createTask',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={
'auth': {'token': api_key},
'context': {'source': 'api', 'version': '1.0.0'},
'captcha': {
'type': 'HCAPTCHA_ENTERPRISE_TOKEN',
'metadata': {
'siteUrl': site_url,
'siteKey': site_key
},
'payload': {
'rqdata': rqdata, # Required for Enterprise
'userAgent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
}
}
}
)
create_data = create_response.json()
if not create_data['success']:
raise Exception(create_data['error']['message'])
task_id = create_data['task']['id']
print(f'Task created: {task_id}')
# Step 2: Poll for result (Enterprise takes longer)
while True:
time.sleep(5) # Wait 5 seconds
result_response = requests.post(
'https://solver-api.mydisct.com/fetchResult',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={'taskId': task_id}
)
result_data = result_response.json()
if result_data['task']['status'] == 'completed':
return result_data['task']['result']['token']
elif result_data['task']['status'] == 'failed':
raise Exception('Enterprise token solving failed')
print('Waiting for solution...')
# Example usage
token = solve_hcaptcha_enterprise_token(
site_url='https://discord.com/register',
site_key='f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34',
rqdata='custom_rqdata_value',
api_key='YOUR_API_KEY'
)
print(f'hCaptcha Enterprise Token: {token}')
# Submit with form
response = requests.post(
'https://discord.com/api/v9/auth/register',
data={
'email': '[email protected]',
'username': 'newuser',
'password': 'securepassword',
'captcha_key': token
}
)
print(f'Registration response: {response.status_code}')Example with Cookies
Python
import requests
import time
def solve_hcaptcha_enterprise_with_cookies(site_url, site_key, rqdata, cookies, api_key):
"""Solve hCaptcha Enterprise with cookies for better success rate"""
# Step 1: Create task with cookies
create_response = requests.post(
'https://solver-api.mydisct.com/createTask',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={
'auth': {'token': api_key},
'context': {'source': 'api', 'version': '1.0.0'},
'captcha': {
'type': 'HCAPTCHA_ENTERPRISE_TOKEN',
'metadata': {
'siteUrl': site_url,
'siteKey': site_key
},
'payload': {
'rqdata': rqdata,
'userAgent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
'cookies': cookies # Include cookies for better success rate
}
}
}
)
create_data = create_response.json()
if not create_data['success']:
raise Exception(create_data['error']['message'])
task_id = create_data['task']['id']
print(f'Task created with cookies: {task_id}')
# Step 2: Poll for result
while True:
time.sleep(5)
result_response = requests.post(
'https://solver-api.mydisct.com/fetchResult',
headers={
'Content-Type': 'application/json',
'apikey': api_key
},
json={'taskId': task_id}
)
result_data = result_response.json()
if result_data['task']['status'] == 'completed':
return result_data['task']['result']['token']
elif result_data['task']['status'] == 'failed':
raise Exception('Enterprise token solving failed')
print('Waiting for solution...')
# Example: Extract cookies from browser session
cookies = [
{
'name': '__dcfduid',
'value': '7a2b...3f4e',
'domain': '.discord.com',
'path': '/'
},
{
'name': '__sdcfduid',
'value': '9b1c...5e6f',
'domain': '.discord.com',
'path': '/'
},
{
'name': '__cf_bm',
'value': '8x3y...7z9a',
'domain': '.discord.com',
'path': '/'
},
{
'name': 'locale',
'value': 'en-US',
'domain': '.discord.com',
'path': '/'
}
]
# Solve with cookies
token = solve_hcaptcha_enterprise_with_cookies(
site_url='https://discord.com/register',
site_key='f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34',
rqdata='custom_rqdata_value',
cookies=cookies,
api_key='YOUR_API_KEY'
)
print(f'hCaptcha Enterprise Token: {token}')
# Submit with the token
response = requests.post(
'https://discord.com/api/v9/auth/register',
headers={
'Content-Type': 'application/json',
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
},
json={
'email': '[email protected]',
'username': 'newuser',
'password': 'securepassword',
'captcha_key': token
}
)
print(f'Registration response: {response.status_code}')
print(f'Response body: {response.json()}')Best Practices
Recommendations
- rqdata Parameter: Always include the rqdata parameter for Enterprise hCaptcha - it's required for most implementations
- User Agent: Use a realistic user agent string that matches the target platform for better success rates
- Polling Intervals: Enterprise tokens take longer (8-15 seconds), use 5-second polling intervals instead of shorter ones
- Site URL Matching: Ensure the site URL exactly matches where the captcha appears (including protocol and path)
- Token Expiration: Enterprise tokens expire after 2 minutes, use them immediately after receiving
- Error Handling: Implement retry logic for failed Enterprise token requests with exponential backoff
- Cookies: Include relevant cookies (like __dcfduid, __sdcfduid, __cf_bm) for platforms like Discord to improve success rate
- Proxy Usage: Consider using proxies for sensitive platforms to avoid IP-based detection
Common Issues
Issue: Enterprise token rejected
Solution: Ensure you're using the correct rqdata parameter. For platforms like Discord, the rqdata is generated server-side and must be extracted from the page or API response.
Issue: Token takes too long to generate
Solution: Enterprise hCaptcha uses more sophisticated challenges. Expect 8-15 second solve times. Increase your polling timeout accordingly.
Issue: Wrong site key for Enterprise
Solution: Enterprise site keys are different from regular hCaptcha keys. Make sure you're extracting the correct site key from the Enterprise implementation.