hCaptcha solver for Puppeteer Node.js

Runnable example

import puppeteer from 'puppeteer'
import { CaptchaSonic } from 'captchasonic'

const browser = await puppeteer.launch()
const page = await browser.newPage()
await page.goto('https://accounts.hcaptcha.com/demo')

const sonic = new CaptchaSonic('YOUR_API_KEY')
const result = await sonic.solve({
  type: 'HCaptchaTaskProxyless',
  websiteURL: page.url(),
  websiteKey: '10000000-ffff-ffff-ffff-000000000001',
})

await page.evaluate(
  (token) => {
    document.querySelector('[name="h-captcha-response"]').value = token
    document.querySelector('[name="g-recaptcha-response"]').value = token
  },
  result.token,
)
await page.click('button[type="submit"]')

Replace YOUR_API_KEY with a real key from your dashboard. The token is good for one form submission.

FAQ

Why two hidden fields for hCaptcha?

hCaptcha emits both h-captcha-response and g-recaptcha-response so sites that originally integrated reCAPTCHA can drop hCaptcha in with no backend change. Setting both ensures the form post validates regardless of which field the backend reads.

Can the solver handle Enterprise hCaptcha?

Yes — pass the rqdata field if the page provides one (it's embedded in the widget bootstrap JS as data-rqdata). Sonic returns a token that validates against the Enterprise verify endpoint.

Does this work with puppeteer-extra-plugin-stealth?

Yes. Stealth helps the surrounding page navigate without flagging the bot, and the Sonic token handles the captcha step. The two stack cleanly.

Other hCaptcha stacks

• Cloudflare Turnstile · Puppeteer · Node.jsBypass Cloudflare Turnstile with Puppeteer in Node.js. Sonic returns the cf-turnstile-response token in under 7 seconds.
• hCaptcha · Selenium · PythonBypass hCaptcha from a Selenium Python script. Drop the Sonic token into the form's hidden field; no clicking the widget.
• hCaptcha · Playwright · PythonSolve hCaptcha from Playwright Python with a Sonic-issued token. Drop-in for both standard and Enterprise widgets.