A short identifier for your target (e.g. the brand/site name). We map it to the right configuration for that site. If your site isn't supported yet, contact support to add it.

What is `s` (platformInputs)?

It's the platformInputs string your live Kasada session is currently using. It looks like "tp-v2-input" followed by a short rotating suffix — for example tp-v2-input0UvPrgYUBiFkJK6o — and it changes frequently, so read the current value from your session and send it with each request.

Where do ct / st / fc come from?

ct and st are the x-kpsdk-ct and x-kpsdk-st values from your session's /tl response headers; fc is x-kpsdk-fc from the /mfc response (on sites that use it). Mint the session once with the browser-based Kasada task, then reuse ct/st across the ~30-min window.

How fast must I use the CD?

It's single-use and valid ~5 seconds from when it's generated. Request it immediately before sending your protected request.

Kasada CD Generator (x-kpsdk-cd) — Browserless Proof-of-Work API

Before you submit — these must be correct

If any of these are wrong, your token may be accepted by our solver but rejected or scored poorly by the target site. We can’t detect these mismatches for you.

The CD is single-use and short-lived (~5 seconds from its workTime). Generate it right before the request you need it for and send it immediately.
Pass `site` (the target identifier) — we resolve the per-site challenge configuration. If your site isn't supported yet, contact support to add it.
Pass `s` (platformInputs) — the per-request value from your live Kasada session. It rotates frequently, so read it fresh from the session you're replaying against.
Reuse the same ct/st/User-Agent across the session that minted them — the cd binds to that session.

What is Kasada CD — Browserless PoW Generator?

Kasada protects requests with two tokens: x-kpsdk-ct (the session token, reusable ~30 min) and x-kpsdk-cd — a single-use proof-of-work token that must be regenerated for every request and is consumed within ~5 seconds. Normally the Kasada SDK generates the cd inside a real browser. This task generates a valid one for you without a browser: send your current session values and get a fresh, single-use cd back in microseconds — ready to drop straight into the x-kpsdk-cd header.

How it works

Send Task

POST your KasadaCaptchaCDTask with the target URL and sitekey to our API. We'll queue it instantly.

We Solve

Send your live session values and we return a fresh, valid x-kpsdk-cd — single-use, and accepted exactly like a browser-generated token. It comes back in microseconds with no browser, no proxy and no pool, ready to set as your x-kpsdk-cd header. You keep full control of the session; we just hand back the token for each request.

Get Token

Poll getTaskResult — when status is 'ready', the solution contains the token to inject into the target page.

Quick integration

solve.py

import requests, time

API = "https://api.capzy.ai"
KEY = "capzy_your_key_here"

# Step 1: Create task
task = requests.post(f"{API}/createTask", json={
    "clientKey": KEY,
    "task": {
        "type": "KasadaCaptchaCDTask",
        "s": "tp-v2-input0UvPrgYUBiFkJK6o",
        "ct": "02TJZTdxVJoPnlY9kWC5y4RBf5P7ONoiInuT7vPmwrspHnq5LOdhUC84fgoYsJFx84AF…",
        "fc": "eyJmZWF0dXJlRmxhZ3MiOnt9LCJkeW5hbWljQ29uZmlnIjp7ImZyb250ZW5kIjp7…",
        "st": "1782377444921",
        "site": "your-site",
        "type": "KasadaCaptchaCDTask"
    }
}).json()

task_id = task["taskId"]
print(f"Task created: {task_id}")

# Step 2: Poll for result
while True:
    result = requests.post(f"{API}/getTaskResult", json={
        "clientKey": KEY,
        "taskId": task_id
    }).json()

    if result["status"] == "ready":
        print("Solved!", result["solution"])
        break
    elif result["status"] == "failed":
        print("Failed:", result.get("errorDescription"))
        break

    time.sleep(1)

# Step 3: Use the result — Kasada uses custom headers, not a Cookie:
sol = result["solution"]
headers = {
    "x-kpsdk-ct": sol["x-kpsdk-ct"],
    "x-kpsdk-cd": sol["x-kpsdk-cd"],   # single-use per request
    "User-Agent": sol.get("userAgent", ""),
}
cookies = sol.get("cookies", {})
resp = requests.get("https://target.example.com/", headers=headers, cookies=cookies)
print(resp.status_code)

Task parameters

fieldtyperequireddescription

typetypestringreqyesKasadaCaptchaCDTask

sitetypestringreqyesYour target site identifier — we map it to the right configuration. Example: "your-site". Contact support to add a new site.

stypestringreqyesplatformInputs — the value your live Kasada session is currently using. It starts with "tp-v2-input" and ends in a short rotating suffix (e.g. tp-v2-input0UvPrgYUBiFkJK6o) and changes frequently, so read the current value from your session per request. Alias: platformInputs.

cttypestringreqyesx-kpsdk-ct from your /tl response header — the session token, a long opaque string (e.g. 02TJZTdxVJoPnlY9kWC5y4RBf5P7ONoi…). Echoed back for replay.

sttypestringreqyesx-kpsdk-st from your /tl response header — a millisecond timestamp (e.g. 1782377444921).

fctypestringreqnox-kpsdk-fc from your /mfc response header — a base64 config string (e.g. eyJmZWF0dXJlRmxhZ3MiOnt9LCJk…). Optional; omit to use the site default.

Solution response

fieldtypedescription

x-kpsdk-cdtypestringFresh single-use proof-of-work (JSON: workTime/id/answers/duration/d/st/rst) — send as the x-kpsdk-cd header.

cdtypeobjectThe same cd, parsed, for convenience.

x-kpsdk-cttypestringYour ct, echoed for replay.

x-kpsdk-sttypestringYour st, echoed.

paramstypeobjectThe difficulty/subchallengeCount/target used.

Example response

Full getTaskResult response shape. The fields in the table above describe what's inside solution — the outer envelope (errorId, status) is identical for every captcha type.

{
  "errorId": 0,
  "status": "ready",
  "solution": {
    "params": {
      "target": 4,
      "difficulty": 8,
      "subchallengeCount": 2
    },
    "x-kpsdk-cd": "{\"workTime\":1782377444928,\"id\":\"b21d445994d396dbd5b2eac5e464515f\",\"answers\":[2,1],\"duration\":0.1,\"d\":0,\"st\":1782377444921,\"rst\":1782377444921}",
    "x-kpsdk-ct": "<your ct, echoed>",
    "x-kpsdk-st": "1782377444921"
  }
}

Error response

Failures use the same envelope with errorId: 1 plus errorCode + errorDescription. See the error-code reference for the full list.

{
  "errorId": 1,
  "errorCode": "ERROR_CAPTCHA_UNSOLVABLE",
  "errorDescription": "Solver gave up — automatically refunded."
}

Pending response

While the solver is still working, getTaskResult returns status: "processing". Poll every 1–2 seconds until ready or failed.

{
  "errorId": 0,
  "status": "processing"
}

Features

Browserless — pure SHA-256 compute, microseconds per CD

No proxy, no pool — IP-independent generation

You control the session (bring your own site/s/ct/st/fc); we just generate the PoW

Mint as many fresh CDs as you need against one session token

task types

proxyless: KasadaCaptchaCDTask

Kasada CD — Browserless PoW Generator, solved in 0.1s.