Bypass Solution

This documentation provides detailed information on generating the Castle x-castle-request-token.

How the Solution Works

  1. Identify the NuData script URL (e.g., https://fc.kohls.com/2.2/w/w-756138/sync/js/).

  2. Send the URL to our API, optionally adding the form name.

  3. Parse the response, where the payload is the value needed, and input_name is the name of the token.

Required Parameters:

  • url: The NuData script URL.

An example script is https://fc.kohls.com/2.2/w/w-756138/sync/js/ This will let our API load all the website settings, we support any configuration of NuData, as well as knowing the exact name of the parameter excepted from the website.

Optional Parameters:

  • form_name: The form you’re submitting (if applicable).

Example Response

{
  "payload": "...", // this is the value of the parameter to pass
  "input_name": "..." // this is the name of the parameter to pass
}

In order to access any of our endpoint you'll need a valid API Key, either join our discord for a trial or puchase a plan

Generate NuData payload

get

This endpoint generates the necessary NuData input name and value required for interacting with NuData-protected websites.

Authorizations
Query parameters
urlstringRequired

The URL of the NuData script from the website.

form_namestringOptional

The name of the form you're going to submit (optional).

Responses
200
Payload generated
application/json
get
GET /generate HTTP/1.1
Host: nudata.takionapi.tech
x-api-key: YOUR_API_KEY
Accept: */*
{
  "payload": "4b6fa...db68",
  "input_name": "nds-pmd"
}

Last updated

Was this helpful?