GeeTest solver, token on return.

A GeeTest solver API without a browser. Takion returns a valid GeeTest solve for v3 and v4, slide, icon, and AI captchas, in one call, so your form submits and your requests get through.

Last updated · Coverage tested against a live GeeTest target.

Getting blocked by GeeTest?

GeeTest hands the site a captcha, a slide puzzle, an icon grid, or an AI challenge, and expects a matching token set back. Takion solves it server-side and returns those values (v3: geetest_validate; v4: lot_number, pass_token, captcha_output), with no browser and no puzzle to drag. Submit them with your form and the check clears.

How GeeTest works

GeeTest is a behavior captcha used across login, signup, and checkout flows. It ships several challenge types, a slide puzzle, an icon-selection grid, and AI-based captchas, in two generations: v3, which returns geetest_challenge / geetest_validate / geetest_seccode, and v4, which returns captcha_id / lot_number / pass_token / captcha_output. Most sites are on v3; some have moved to v4.

Takion solves the challenge server-side and returns the token set the site verifies, for either version. One call, no browser, no puzzle to drag. You submit the returned values with your form or request the way the site expects.

  • Challenges Takion covers
  • Slide captcha
  • Icon / point-selection captcha
  • AI / space captcha
  • GeeTest v3 and v4

What one call returns

One call to the GeeTest endpoint returns the exact token set the site verifies, for v3 or v4.

captcha_output

the v4 solve, with lot_number, pass_token and captcha_id

geetest_validate

the v3 solve, with geetest_challenge and geetest_seccode

curl -G https://geetest.takionapi.tech/v4 \
  --data-urlencode "api_key=$TAKION_KEY" \
  --data-urlencode "captcha_id=fcd636b4514bf7ac4143922550b3008b" \
  --data-urlencode "kind=slide"
# → { "captcha_id": ..., "lot_number": ..., "pass_token": ..., "captcha_output": ... }

Read the GeeTest docsSame key, every wall. Same JSON shape, every vendor.

How the GeeTest solve works, end to end

No browser, no rendered puzzle. Four moves from challenge to token.

  1. 1

    You read the challenge params

    Pull them from the page HTML or the captcha's init endpoint. For v3 that's gt and challenge; for v4 it's captcha_id and, if you know it, the kind.

  2. 2

    You send them to Takion

    One GET to the /v3 or /v4 endpoint with your key and those params. Optionally a proxy to solve under. No SDK, no widget to embed.

  3. 3

    We solve it server-side

    Takion runs the challenge logic the GeeTest JS would have run, works out the slide offset or the icon picks, and produces the token set the site verifies against.

  4. 4

    You submit the returned fields

    The response carries the full token set for your version. Drop those values into your form or request exactly where the widget would put them, and the check clears.

v3 and v4, decoded

Two generations, two payload shapes. Takion returns the right one for whichever the site runs:

v3 (in)
the captcha's gt and challenge. gt is the site's fixed public ID; challenge is minted per attempt and expires fast.
v3 (out)
geetest_challenge, geetest_validate, and geetest_seccode (the seccode is the validate value with a suffix appended).
v4 (in)
the captcha's captcha_id, plus an optional kind for the challenge type.
v4 (out)
captcha_id, lot_number, pass_token, gen_time, and captcha_output.
kind
which surface to solve: slide puzzle, icon / point-selection grid, or ai / space captcha. Set it to match what the site serves.

Why request-based beats a headless browser here

The browser way to beat GeeTest is a headless Chrome that loads the widget, renders the puzzle image, and fakes a mouse path dragging the slider to the gap. It works until GeeTest tweaks the challenge, and it costs you a page render, a real viewport, and seconds per solve. Scale that to thousands of logins and you're running a Chrome farm just to drag one slider.

Takion never opens the widget. We reverse the challenge and generate the validation payload directly, so a solve is one HTTP round trip that returns a token set instead of a rendered image. No Selenium to babysit, no screenshots, no retries when a container OOMs mid-puzzle. You send the params, you get the fields back, you submit them yourself.

What breaks a GeeTest solve

A GeeTest token is short-lived and tied to the attempt it was minted for. These are what usually turns a valid solve into a rejected one:

  • A stale challenge. The v3 challenge value expires quickly. Read it and solve in the same flow; don't cache it and come back later.
  • The wrong kind on v4. Ask for a slide solve on an icon challenge and the site rejects it. Match the kind to the surface the widget actually shows.
  • Submitting the fields in the wrong place. The token set has to land in your request exactly where the widget posts it. Miss a field or misname it and the verify call fails.
  • Reusing a solved token. One token clears one submission. It's single-use; solve a fresh challenge for each request.
  • An occasional unsolvable challenge. Like any captcha, some challenges just don't solve. That's expected. Load a new one and solve again instead of retrying the dead one.

The one rule that keeps a solve valid

Read the challenge and submit the token in one continuous flow. GeeTest tokens are single-use and short-lived, so a solve is only good for the attempt it was minted against. Solve fresh, submit the exact fields Takion returns, and the check clears.

GeeTest solver FAQ

Yes. Takion returns the v3 token set (geetest_challenge, geetest_validate, geetest_seccode) and the v4 set (captcha_id, lot_number, pass_token, captcha_output). Pass the version your target uses.
The slide puzzle, the icon / point-selection grid, and the AI (space) captcha. Set the kind for the challenge your target serves.
Drop the returned fields into the form or request the site verifies against, exactly as the widget would. The docs show the placement per version.
Yes. The slide puzzle is the classic v3 challenge: drag the piece to fill the gap. Takion computes the correct offset server-side and returns geetest_challenge, geetest_validate, and geetest_seccode. There is no image to render and no slider to drag on your end. You submit the three fields and the check clears.
They live in the page HTML or the captcha's init endpoint. gt is the site's public GeeTest ID and stays fixed; challenge is minted fresh per attempt and expires fast. Read both, pass them to the /v3 endpoint, and solve while the challenge is still live. v4 works the same way but with a single captcha_id.
One request, usually a second or two. There is no browser to boot and no puzzle to animate, so a solve is a single round trip. Like any captcha, you will hit an unsolvable challenge once in a while. Load a fresh one and solve again.
Takion is built for accessing data you are authorized to access: your own accounts, public data, sites you have permission to automate. It is not for fraud or abuse, and our acceptable-use policy draws that line. What you do with a solved token is on you.

Every other wall

Start solving GeeTest today.

Start free, no card. One key clears every wall, and your first solve lands within the hour.