How to Bypass hCaptcha automatically
CAPTCHAs are designed to block automated traffic, and hCaptcha is notoriously difficult to bypass using traditional browser automation out of the box because it relies heavily on fingerprinting and complex image classification challenges.
However, with solveOCR, our neural visual models can extract and classify the images perfectly, allowing you to pass the challenge just like a real user.
Step 1: Extract the SiteKey
hCaptcha relies on a sitekey to build the challenge. When you navigate to the target page, you need to extract the sitekey from the DOM.
<div class="h-captcha" data-sitekey="YOUR_TARGET_SITEKEY"></div>
You can programmatically grab this in JavaScript:
const sitekey = document.querySelector('.h-captcha').getAttribute('data-sitekey');
console.log(sitekey);
Step 2: Request the Challenge
Once you have the sitekey, you must request a challenge token. This token defines what the user is supposed to look for (e.g. "Please click each image containing a bicycle").
Step 3: Call solveOCR
Pass the downloaded challenge images directly into the solveOCR API along with the instruction prompt.
import { solveOCR } from '@solveocr/node';
const client = new solveOCR('API_KEY');
const response = await client.solveCaptcha({
images: [image1, image2, image3, image4, image5, image6, image7, image8, image9],
instruction: "Click each image containing a bicycle",
type: "hcaptcha-grid"
});
console.log(response.selections); // [1, 4, 7]
Step 4: Submit to hCaptcha
Use the returned selections to emulate clicks or send the token payload directly back to the hCaptcha verify endpoint. You will receive an h-captcha-response token that you can then inject into the target site's form before submitting.
Note: Always pair solveOCR with a resilient proxy network and good browser fingerprints (like Camoufox) when sending
checkCaptcharequests to mimic legitimate entropy.