GeeTest solver, token on return.
A GeeTest solver API without a browser. Takion returns a valid GeeTest solve for v3 and v4, slide, icon, and AI captchas, in one call, so your form submits and your requests get through.
Last updated · Coverage tested against a live GeeTest target.
Getting blocked by GeeTest?
GeeTest hands the site a captcha, a slide puzzle, an icon grid, or an AI challenge, and expects a matching token set back. Takion solves it server-side and returns those values (v3: geetest_validate; v4: lot_number, pass_token, captcha_output), with no browser and no puzzle to drag. Submit them with your form and the check clears.
How GeeTest works
GeeTest is a behavior captcha used across login, signup, and checkout flows. It ships several challenge types, a slide puzzle, an icon-selection grid, and AI-based captchas, in two generations: v3, which returns geetest_challenge / geetest_validate / geetest_seccode, and v4, which returns captcha_id / lot_number / pass_token / captcha_output. Most sites are on v3; some have moved to v4.
Takion solves the challenge server-side and returns the token set the site verifies, for either version. One call, no browser, no puzzle to drag. You submit the returned values with your form or request the way the site expects.
- Challenges Takion covers
- Slide captcha
- Icon / point-selection captcha
- AI / space captcha
- GeeTest v3 and v4
What one call returns
One call to the GeeTest endpoint returns the exact token set the site verifies, for v3 or v4.
captcha_outputthe v4 solve, with lot_number, pass_token and captcha_id
geetest_validatethe v3 solve, with geetest_challenge and geetest_seccode
curl -G https://geetest.takionapi.tech/v4 \
--data-urlencode "api_key=$TAKION_KEY" \
--data-urlencode "captcha_id=fcd636b4514bf7ac4143922550b3008b" \
--data-urlencode "kind=slide"
# → { "captcha_id": ..., "lot_number": ..., "pass_token": ..., "captcha_output": ... }Read the GeeTest docsSame key, every wall. Same JSON shape, every vendor.
How the GeeTest solve works, end to end
No browser, no rendered puzzle. Four moves from challenge to token.
- 1
You read the challenge params
Pull them from the page HTML or the captcha's init endpoint. For v3 that's
gtandchallenge; for v4 it'scaptcha_idand, if you know it, thekind. - 2
You send them to Takion
One GET to the /v3 or /v4 endpoint with your key and those params. Optionally a proxy to solve under. No SDK, no widget to embed.
- 3
We solve it server-side
Takion runs the challenge logic the GeeTest JS would have run, works out the slide offset or the icon picks, and produces the token set the site verifies against.
- 4
You submit the returned fields
The response carries the full token set for your version. Drop those values into your form or request exactly where the widget would put them, and the check clears.
v3 and v4, decoded
Two generations, two payload shapes. Takion returns the right one for whichever the site runs:
v3 (in)- the captcha's
gtandchallenge.gtis the site's fixed public ID;challengeis minted per attempt and expires fast. v3 (out)geetest_challenge,geetest_validate, andgeetest_seccode(the seccode is the validate value with a suffix appended).v4 (in)- the captcha's
captcha_id, plus an optionalkindfor the challenge type. v4 (out)captcha_id,lot_number,pass_token,gen_time, andcaptcha_output.kind- which surface to solve:
slidepuzzle,icon/ point-selection grid, orai/ space captcha. Set it to match what the site serves.
Why request-based beats a headless browser here
The browser way to beat GeeTest is a headless Chrome that loads the widget, renders the puzzle image, and fakes a mouse path dragging the slider to the gap. It works until GeeTest tweaks the challenge, and it costs you a page render, a real viewport, and seconds per solve. Scale that to thousands of logins and you're running a Chrome farm just to drag one slider.
Takion never opens the widget. We reverse the challenge and generate the validation payload directly, so a solve is one HTTP round trip that returns a token set instead of a rendered image. No Selenium to babysit, no screenshots, no retries when a container OOMs mid-puzzle. You send the params, you get the fields back, you submit them yourself.
What breaks a GeeTest solve
A GeeTest token is short-lived and tied to the attempt it was minted for. These are what usually turns a valid solve into a rejected one:
- A stale
challenge. The v3challengevalue expires quickly. Read it and solve in the same flow; don't cache it and come back later. - The wrong
kindon v4. Ask for aslidesolve on aniconchallenge and the site rejects it. Match the kind to the surface the widget actually shows. - Submitting the fields in the wrong place. The token set has to land in your request exactly where the widget posts it. Miss a field or misname it and the verify call fails.
- Reusing a solved token. One token clears one submission. It's single-use; solve a fresh challenge for each request.
- An occasional unsolvable challenge. Like any captcha, some challenges just don't solve. That's expected. Load a new one and solve again instead of retrying the dead one.
The one rule that keeps a solve valid
Read the challenge and submit the token in one continuous flow. GeeTest tokens are single-use and short-lived, so a solve is only good for the attempt it was minted against. Solve fresh, submit the exact fields Takion returns, and the check clears.
GeeTest solver FAQ
- Yes. Takion returns the v3 token set (geetest_challenge, geetest_validate, geetest_seccode) and the v4 set (captcha_id, lot_number, pass_token, captcha_output). Pass the version your target uses.
- The slide puzzle, the icon / point-selection grid, and the AI (space) captcha. Set the kind for the challenge your target serves.
- Drop the returned fields into the form or request the site verifies against, exactly as the widget would. The docs show the placement per version.
- Yes. The slide puzzle is the classic v3 challenge: drag the piece to fill the gap. Takion computes the correct offset server-side and returns geetest_challenge, geetest_validate, and geetest_seccode. There is no image to render and no slider to drag on your end. You submit the three fields and the check clears.
- They live in the page HTML or the captcha's init endpoint.
gtis the site's public GeeTest ID and stays fixed;challengeis minted fresh per attempt and expires fast. Read both, pass them to the /v3 endpoint, and solve while the challenge is still live. v4 works the same way but with a singlecaptcha_id. - One request, usually a second or two. There is no browser to boot and no puzzle to animate, so a solve is a single round trip. Like any captcha, you will hit an unsolvable challenge once in a while. Load a fresh one and solve again.
- Takion is built for accessing data you are authorized to access: your own accounts, public data, sites you have permission to automate. It is not for fraud or abuse, and our acceptable-use policy draws that line. What you do with a solved token is on you.
Every other wall
Start solving GeeTest today.
Start free, no card. One key clears every wall, and your first solve lands within the hour.