Bypass Solution

This documentation provides detailed information on generating the Cognito cognitoAsfData

How the Solution Works

To bypass Castle:

Send to our endpoint the website domain and mail
Parse the response and use it as cognitoAsfData

Required Parameters:

website: The website domain
username: The username or mail you are going to use for authentiation

It's highly recommended to provide your session’s User-Agent, Sec-Ch-Ua, and Accept-Language headers for more accurate token generation.

Example Response

{
  "response": "...",  // Use this token for your next request
}

In order to access any of our endpoint you'll need a valid API Key, either join our discord for a trial or puchase a plan

Generate cognitoAsfData

get

This endpoint generates the cognitoAsfData for Cognito-protected websites. It requires the website domain and the username (or mail) you need to login with. The browser's user-agent string and client hints can also be passed for content negotiation.

Authorizations

Query parameters

websitestringRequired

The website domain you are interacting with.

usernamestringOptional

Either the mail or username you need to login

Header parameters

User-AgentstringOptional

The browser's user-agent string to simulate during the request.

Sec-Ch-UastringOptional

Client hints for content negotiation (used by some modern browsers).

Responses

200

Token generated

application/json

400

Bad request, missing or invalid parameters

application/json

500

Internal server error

application/json

get

GET /generate HTTP/1.1
Host: cognito.takionapi.tech
x-api-key: YOUR_API_KEY
Accept: */*

{
  "response": "eyJwYXls...=="
}

PreviousAWS Cognito NextExample Implementations

Last updated 9 months ago

Was this helpful?