Why do I need to use the same proxy?

cf_clearance is cryptographically tied to the IP that solved the challenge. Cloudflare checks every request against the issuing IP, so a cookie earned on our pod's IP won't work from your machine unless both route through the same proxy.

Can I reuse one cf_clearance across many requests?

Yes, for ~30 minutes, as long as every request uses the same IP, user-agent, and TLS fingerprint. After that the cookie expires and Cloudflare re-challenges.

What's the difference between this and Turnstile?

Turnstile is a widget that sits in a form and produces a one-time token. Cloudflare Challenge is a full-page block that gates access to the entire site and produces a cookie. Some sites use both — solve Turnstile for the form token, then use Cloudflare Challenge to bypass the initial block.

Will the token work with requests/httpx/fetch?

Not reliably. Cloudflare inspects TLS fingerprints and rejects clients that don't match a real Chrome TLS handshake. Use curl_cffi (ja3 impersonation) or tls-client in Python, or a headless browser.

Cloudflare Challenge Captcha Solver — Proxy API for Scraping & Automation

Before you submit — these must be correct

If any of these are wrong, your token may be accepted by our solver but rejected or scored poorly by the target site. We can’t detect these mismatches for you.

Proxy is REQUIRED. AntiCloudflareTaskProxyLess is permanently disabled — we'll return ERROR_PROXY_REQUIRED if you submit it. The reason is fundamental: cf_clearance is IP-bound, so a cookie produced on our IP is useless from yours. Use AntiCloudflareTask with a static or sticky proxy you control.
Use the same proxy on subsequent requests. Switching IPs (rotating proxies, networks) invalidates the cookie immediately.
Use the userAgent we return. Cloudflare correlates UA + JA3, so a UA mismatch invalidates the cookie. Pin the value we send back into your HTTP client.
Use a Chrome-compatible TLS stack. Requests with Python's default urllib TLS get rejected — use curl_cffi, tls-client, or a real browser session for replay.

What is Cloudflare Challenge?

Cloudflare Challenge is the full-page block that sites show when Cloudflare's bot-management layer decides your IP needs to prove it's a real browser. Titles include 'Just a moment...', 'Checking your browser before accessing', or 'Attention Required!'. Unlike Turnstile (a widget that returns a token), this is a hard block that produces a cf_clearance cookie once cleared. The cookie is valid for 30 minutes and is cryptographically bound to the exact IP that solved the challenge. Any request to the site from a different IP will fail even with the cookie.

How it works

Send Task

POST your AntiCloudflareTask with the target URL and sitekey to our API. We'll queue it instantly.

We Solve

Capzy's proprietary infrastructure handles the Cloudflare Challenge using YOUR provided proxy — there's no proxyless variant because the resulting cookie can't be transferred between IPs. We return the cf_clearance cookie along with the exact user-agent and headers used, so your client can replay them. Intended for authorized QA, accessibility testing, and automation against sites you own or are permitted to test.

Get Token

Poll getTaskResult — when status is 'ready', the solution contains the token to inject into the target page.

Quick integration

solve.py

import requests, time

API = "https://api.capzy.ai"
KEY = "capzy_your_key_here"

# Step 1: Create task
task = requests.post(f"{API}/createTask", json={
    "clientKey": KEY,
    "task": {
        "type": "AntiCloudflareTask",
        "proxyPort": "8080",
        "proxyType": "http",
        "proxyLogin": "user",
        "websiteURL": "https://example.com/",
        "proxyAddress": "123.45.67.89",
        "proxyPassword": "pass"
    }
}).json()

task_id = task["taskId"]
print(f"Task created: {task_id}")

# Step 2: Poll for result
while True:
    result = requests.post(f"{API}/getTaskResult", json={
        "clientKey": KEY,
        "taskId": task_id
    }).json()

    if result["status"] == "ready":
        print("Solved!", result["solution"])
        break
    elif result["status"] == "failed":
        print("Failed:", result.get("errorDescription"))
        break

    time.sleep(1)

# Step 3: Use the result — paste the token into the site's captcha form field
token = result["solution"]["token"]
# Browser side: set the textarea value or the hidden input. Then submit.
# Server-to-server: post the token alongside the form fields you normally send.
resp = requests.post("https://target.example.com/submit", data={
    "username": "...",
    "captcha_response": token,   # <-- replace with the field name your site uses
})
print(resp.status_code)

Task parameters

Proxy fields below are required for this captcha — userAgent must match the one you’ll use when submitting the resulting token.

fieldtyperequireddescription

typetypestringreqyesAntiCloudflareTask (only valid option — proxy required)

websiteURLtypestringreqyesThe URL of the page showing the Cloudflare challenge

userAgenttypestringreqnoChrome User-Agent to pin during the solve. Must contain 'Chrome/' and not 'HeadlessChrome'. If omitted, we use the slot's default and return whatever UA the browser actually sent — match it on your replay.

htmltypestringreqnoOptional: the 403 HTML body containing 'Just a moment...' that you received. Helps us detect Managed vs Under-Attack tier and may improve solve speed on edge cases.

proxyTypetypestringreqyesProxy protocol: http or https

proxyAddresstypestringreqyesProxy IP address or hostname

proxyPorttypenumberreqyesProxy port number

proxyLogintypestringreqnoProxy username (if auth required)

proxyPasswordtypestringreqnoProxy password (if auth required)

userAgenttypestringreqyesUser-Agent string to use. Must match the UA you use when submitting the token

Solution response

fieldtypedescription

tokentypestringAlias of `cf_clearance` for API-shape consistency with other solvers.

cf_clearancetypestringThe Cloudflare clearance cookie value. Set as the `cf_clearance` cookie on your HTTP client before subsequent requests.

cookiestypeobjectAll Cloudflare-set cookies on the target domain as `{name: value}` — set these alongside `cf_clearance` for best compatibility (some sites also check `__cf_bm`).

fullCookiestypearrayEvery cookie present on the page after clearance, including non-CF cookies the site set during the challenge flow. Useful when the site bootstraps a session cookie in the same response.

userAgenttypestringExact User-Agent the solver browser used. Cloudflare correlates UA + JA3 with the clearance cookie — any UA mismatch invalidates the cookie.

ipBoundtypebooleanAlways `true`. The clearance is bound to the IP that solved the challenge.

Example response

Full getTaskResult response shape. The fields in the table above describe what's inside solution — the outer envelope (errorId, status) is identical for every captcha type.

{
  "errorId": 0,
  "status": "ready",
  "solution": {
    "token": "abcdef1234567890.xYz789-Wv-clearance-token-string-here.AbCdEf1234",
    "cookies": {
      "__cf_bm": "session_bot_management_cookie_value",
      "cf_clearance": "abcdef1234567890.xYz789-Wv..."
    },
    "ipBound": true,
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36",
    "fullCookies": [
      {
        "name": "cf_clearance",
        "path": "/",
        "value": "...",
        "domain": ".example.com"
      },
      {
        "name": "__cf_bm",
        "path": "/",
        "value": "...",
        "domain": ".example.com"
      }
    ],
    "cf_clearance": "abcdef1234567890.xYz789-Wv-clearance-token-string-here.AbCdEf1234"
  }
}

Error response

Failures use the same envelope with errorId: 1 plus errorCode + errorDescription. See the error-code reference for the full list.

{
  "errorId": 1,
  "errorCode": "ERROR_CAPTCHA_UNSOLVABLE",
  "errorDescription": "Solver gave up — automatically refunded."
}

Pending response

While the solver is still working, getTaskResult returns status: "processing". Poll every 1–2 seconds until ready or failed.

{
  "errorId": 0,
  "status": "processing"
}

Features

Returns cf_clearance cookie + matching user-agent

Handles hybrid challenge pages with embedded Turnstile

Capzy proprietary infrastructure — high-quality solves

Works on hard-gated sites that use Cloudflare's strictest Challenge variants

Cookie valid for 30 minutes on the solving IP

task types

required: AntiCloudflareTask

Cloudflare Challenge Solver, solved in 5.0s.