Bypass Solution

This documentation provides detailed information on generating the Cognito cognitoAsfData

How the Solution Works

To bypass Castle:

  1. Send to our endpoint the website domain and mail

  2. Parse the response and use it as cognitoAsfData

Required Parameters:

  • website: The website domain

  • username: The username or mail you are going to use for authentiation

It's highly recommended to provide your session’s User-Agent, Sec-Ch-Ua, and Accept-Language headers for more accurate token generation.

Example Response

{
  "response": "...",  // Use this token for your next request
}

In order to access any of our endpoint you'll need a valid API Key, either join our discord for a trial or puchase a plan

Generate cognitoAsfData

get

This endpoint generates the cognitoAsfData for Cognito-protected websites. It requires the website domain and the username (or mail) you need to login with. The browser's user-agent string and client hints can also be passed for content negotiation.

Authorizations
Query parameters
websitestringRequired

The website domain you are interacting with.

usernamestringOptional

Either the mail or username you need to login

Header parameters
User-AgentstringOptional

The browser's user-agent string to simulate during the request.

Sec-Ch-UastringOptional

Client hints for content negotiation (used by some modern browsers).

Responses
200
Token generated
application/json
get
GET /generate HTTP/1.1
Host: cognito.takionapi.tech
x-api-key: YOUR_API_KEY
Accept: */*
{
  "response": "eyJwYXls...=="
}

Last updated

Was this helpful?