Bypass Solution
This documentation provides detailed information on generating the Castle x-castle-request-token.
How the Solution Works
Identify the NuData script URL (e.g.,
https://fc.kohls.com/2.2/w/w-756138/sync/js/
).Send the URL to our API, optionally adding the form name.
Parse the response, where the
payload
is the value needed, andinput_name
is the name of the token.
Required Parameters:
url
: The NuData script URL.
An example script is https://fc.kohls.com/2.2/w/w-756138/sync/js/ This will let our API load all the website settings, we support any configuration of NuData, as well as knowing the exact name of the parameter excepted from the website.

Optional Parameters:
form_name
: The form you’re submitting (if applicable).
Example Response
{
"payload": "...", // this is the value of the parameter to pass
"input_name": "..." // this is the name of the parameter to pass
}
This endpoint generates the necessary NuData input name and value required for interacting with NuData-protected websites.
The URL of the NuData script from the website.
The name of the form you're going to submit (optional).
GET /generate HTTP/1.1
Host: nudata.takionapi.tech
x-api-key: YOUR_API_KEY
Accept: */*
{
"payload": "4b6fa...db68",
"input_name": "nds-pmd"
}
Last updated
Was this helpful?