Bypass Solution

This documentation provides detailed information on generating the Cognito cognitoAsfData

How the Solution Works

To bypass Castle:

Send to our endpoint the website domain and mail
Parse the response and use it as cognitoAsfData

Required Parameters:

website: The website domain
username: The username or mail you are going to use for authentiation

It's highly recommended to provide your session’s User-Agent, Sec-Ch-Ua, and Accept-Language headers for more accurate token generation.

Example Response

{
  "response": "...",  // Use this token for your next request
}

In order to access any of our endpoint you'll need a valid API Key, either join our discord for a trial or puchase a plan

Generate cognitoAsfData

get

This endpoint generates the cognitoAsfData for Cognito-protected websites. It requires the website domain and the username (or mail) you need to login with. The browser's user-agent string and client hints can also be passed for content negotiation.

Authorizations

x-api-keystringRequired

Query parameters

websitestringRequired

The website domain you are interacting with.

usernamestringOptional

Either the mail or username you need to login

Header parameters

User-AgentstringOptional

The browser's user-agent string to simulate during the request.

Sec-Ch-UastringOptional

Client hints for content negotiation (used by some modern browsers).

Responses

200

Token generated

application/json

400

Bad request, missing or invalid parameters

application/json

500

Internal server error

application/json

get

/generate

GET /generate?website=text HTTP/1.1
Host: cognito.takionapi.tech
x-api-key: YOUR_API_KEY
Accept: */*

{
  "response": "eyJwYXls...=="
}

PreviousAWS Cognito NextExample Implementations

Last updated 1 year ago

Was this helpful?