Was this helpful?
How to bypass Alibaba captcha
Technical engineer
Introduction
Alibaba CAPTCHA (also known as Aliyun Captcha) is a popular protection system found on websites within the Alibaba ecosystem, such as AliExpress, Alibaba.com, and many others. It often appears as a slider that needs to be dragged or a puzzle assembly task. For automation, this means we need to obtain special tokens from a solving service and correctly inject them into the target page.
In this guide, we will break down how to automate bypassing Alibaba CAPTCHA using the 2Captcha API.
How to find all the necessary parameters
To obtain the parameters required to create a task, you will need to analyze the page's network traffic and the data returned by the server when the captcha appears.
IMPORTANT: some parameters are generated dynamically and may differ with each page load protected by Alibaba captcha.
Step 1. Getting the page with the captcha
- Open the website and perform the action that triggers the captcha (e.g., a login attempt).
- Open DevTools → Network.
- Find the request after which the server returns the captcha HTML page instead of a regular JSON response.
The page response usually contains an object like this:
javascript
var requestInfo = {
data,
region,
sceneId,
token,
traceid,
type,
userId,
userUserId
}
Step 2. Extracting parameters from requestInfo
From the requestInfo object, you need to extract the following values:
| Task Parameter | Source |
|---|---|
| sceneId | sceneId field |
| userId | userId field |
| userUserId | userUserId field |
| verifyType | type field |
| region | region field |
| UserCertifyId | traceid field |
Additionally, you need to save:
| Parameter | Source |
|---|---|
| u_atoken | token value |
| u_asig | traceid value |
These parameters are used when resending the request after successfully solving the captcha.
Step 3. Finding sceneId via network requests
If the requestInfo object is missing or obfuscated, the sceneId value can be found using an alternative method:
- Go to the Network tab.
- Search by keywords: sceneId, CaptchaSceneId, sId.
- Check the contents of requests and responses related to captcha verification or initialization.
Step 4. Getting prefix
The prefix parameter is usually contained in requests related to loading the captcha task.
To find it:
- Find the requests made during captcha initialization.
- Open the request URL.
- Find the prefix parameter in the query string, URL parameters, or in the server response body.
If the URL looks like this: https://dlw3kug.captcha-open.example.aliyuncs.com/, then the value of the prefix parameter corresponds to the subdomain — dlw3kug.
Step 5. Getting apiGetLib
The apiGetLib parameter is a link to the captcha's JavaScript library.
Usually, it can be obtained in one of the following ways:
- Find the
<script>tag on the captcha page that loads the library. - Find the request to the AliyunCaptcha.js file in the Network tab.
- Form the URL according to the template used by the site.
Example: https://o.example.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js?t=2041
Final set of parameters
As a result, the following values should be obtained:
json
{
"sceneId": "...",
"prefix": "...",
"userId": "...",
"userUserId": "...",
"verifyType": "...",
"region": "...",
"UserCertifyId": "...",
"apiGetLib": "..."
}
Additionally, you need to save:
json
{
"u_atoken": "...",
"u_asig": "..."
}
These values are used to re-execute the request after receiving the captcha solution.
API Parameters
The 2Captcha API supports two task types for Alibaba: using our internal proxies (AlibabaTaskProxyless) and using your own proxies (AlibabaTask).
| Parameter | Required | Description |
|---|---|---|
| type | Yes | Task type. Specify AlibabaTaskProxyless or AlibabaTask |
| websiteURL | Yes | Full URL of the target web page |
| sceneId | Yes | Captcha scene identifier (extracted from requestInfo or network requests) |
| prefix | Yes | Captcha initialization parameter, usually corresponds to the subdomain in the captcha request URL |
| userId | No | Unique identifier of the user or session on the site side |
| userUserId | No | Additional (secondary) user identifier |
| verifyType | No | Version or type of the captcha verification mechanism |
| region | No | Server or data center region through which the captcha is processed |
| UserCertifyId | No | Unique verification ID associated with the current captcha session |
| apiGetLib | No | Link to the captcha JS library used by the site |
| userAgent | No | Browser User-Agent with which the page is opened |
| proxyType | No | Proxy type (http, socks4, socks5). Required for AlibabaTask type |
| proxyAddress | No | IP address or hostname of the proxy server |
| proxyPort | No | Proxy server port |
| proxyLogin | No | Login for proxy server authentication |
| proxyPassword | No | Password for proxy server authentication |
JSON Request Examples
Request to create a task (Proxyless):
json
{
"clientKey":"YOUR_API_KEY",
"task":{
"type":"AlibabaTaskProxyless",
"websiteUrl":"https://www.example.com",
"sceneId":"abc123xyz4",
"prefix":"def456gh",
"userId":"Abc123Def456Ghi789Jkl012Mno345Pqr678Stu901=",
"userUserId":"Xyz987Abc654Def321Ghi098Jkl765Mno432Pqr109=",
"verifyType":"1.0",
"region":"sgp",
"UserCertifyId":"abc123def456ghi789jkl012mno345pq",
"apiGetLib":"https://o.example.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js?t=1234",
"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36"
}
}
Request using your own proxies:
json
{
"clientKey":"YOUR_API_KEY",
"task":{
"type":"AlibabaTask",
"websiteUrl":"https://www.example.com",
"sceneId":"abc123xyz4",
"prefix":"def456gh",
"userId":"Abc123Def456Ghi789Jkl012Mno345Pqr678Stu901=",
"userUserId":"Xyz987Abc654Def321Ghi098Jkl765Mno432Pqr109=",
"verifyType":"1.0",
"region":"sgp",
"UserCertifyId":"abc123def456ghi789jkl012mno345pq",
"apiGetLib":"https://o.example.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js?t=1234",
"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36",
"proxyType":"http",
"proxyAddress":"1.2.3.4",
"proxyPort":8080,
"proxyLogin":"login",
"proxyPassword":"password"
}
}
Request to get the result is standard:
json
{
"clientKey": "YOUR_API_KEY",
"taskId": "TASK_ID_FROM_CREATE_TASK"
}
A successful response from the API will contain the tokens for injection:
json
{
"errorId": 0,
"status": "ready",
"solution": {
"data": {
"tokens": "{\"sceneId\":\"abc123xyz4\",\"certifyId\":\"aBcDeF1234\",\"deviceToken\":\"ABC_WEB#1234...xyz789=\",\"data\":\"AbC123xYz...DeF456qWe789\"}"
}
}
}
Step-by-step implementation in Python
Using the official SDK
python
from twocaptcha import TwoCaptcha
solver = TwoCaptcha('YOUR_API_KEY')
try:
result = solver.alibaba(
scene_id='abc123xyz4',
prefix='def456gh',
url='https://www.example.com',
user_id='Abc123Def456Ghi789Jkl012Mno345Pqr678Stu901=',
user_user_id='Xyz987Abc654Def321Ghi098Jkl765Mno432Pqr109=',
verify_type='1.0',
region='sgp',
user_certify_id='abc123def456ghi789jkl012mno345pq',
api_get_lib='https://o.example.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js?t=1234',
user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36'
)
print(f"Solution received: {result}")
except Exception as e:
print(f"Error solving: {e}")
Injecting the solution into the page
After you receive the response from the API, you need to correctly pass it to the target website. The response contains a data object with tokens, which needs to be parsed and injected.
python
import json
from twocaptcha import TwoCaptcha
solver = TwoCaptcha('YOUR_API_KEY')
try:
result = solver.alibaba(
scene_id='abc123xyz4',
prefix='def456gh',
url='https://www.example.com'
)
# Parse tokens from the response
tokens_data = json.loads(result['data']['tokens'])
# Extract necessary values
certify_id = tokens_data['certifyId']
device_token = tokens_data['deviceToken']
data = tokens_data['data']
# Inject tokens via JavaScript
driver.execute_script(f"""
let certifyInput = document.querySelector('input[name="certifyId"]');
let deviceTokenInput = document.querySelector('input[name="deviceToken"]');
let dataInput = document.querySelector('input[name="data"]');
if (certifyInput) certifyInput.value = '{certify_id}';
if (deviceTokenInput) deviceTokenInput.value = '{device_token}';
if (dataInput) dataInput.value = '{data}';
""")
except Exception as e:
print(f"Error: {e}")
If you are sending data directly via a POST request, simply add these parameters to the request body:
python
payload = {
'username': 'my_user',
'password': 'my_password',
'certifyId': certify_id,
'deviceToken': device_token,
'data': data
}
Important nuances and best practices
Alibaba CAPTCHA is highly sensitive to network fingerprints and IP addresses. If you solve the captcha from one IP address and submit the form from another, the protection will instantly notice.
Always use high-quality residential proxies if the target website strictly checks IP addresses. To do this, use the AlibabaTask type and pass the proxy parameters directly to the API. The proxy used for solving and the proxy used for the final request must be identical.
Do not delay submitting the form. Alibaba tokens have a limited lifespan. As soon as you receive the solution, immediately inject it and submit the form.
Use the saved u_atoken and u_asig values when resending the request after successfully solving the captcha.
Solution accuracy reports
If the website rejects the received token, be sure to report it. This helps the service improve its algorithms and refunds your funds for the failed attempt.
You can submit a report via the API using the reportIncorrect and reportCorrect endpoints.
Example JSON request:
json
{
"clientKey": "YOUR_API_KEY",
"taskId": "TASK_ID_FROM_CREATE_TASK"
}
Troubleshooting common issues
If the API returns an ERROR_CAPTCHA_UNSOLVABLE error, you most likely copied the sceneId or prefix incorrectly. Check the source code and network requests again.
If the site accepts the tokens but then still blocks you or asks you to pass the captcha again, the problem is almost certainly the IP address. Check your proxy settings and make sure you are using the same IP for solving and for submitting the final form.
If the requestInfo object is obfuscated or missing, use the alternative method to find sceneId via network requests (search by keywords sceneId, CaptchaSceneId, sId).
Conclusion
Bypassing Alibaba CAPTCHA via 2Captcha boils down to extracting sceneId and prefix from the page, sending this data to the API, and injecting the received tokens (certifyId, deviceToken, data) into the form or POST request. The main thing to remember is the importance of using good proxies and submitting the form quickly, as the tokens have a limited lifespan.
Useful links
- Alibaba API Documentation: https://2captcha.com/api-docs/alibaba-captcha
- Upload statistics and sending reports: https://2captcha.com/statistics/uploads
- Support Center: https://2captcha.com/support/tickets/new
- Code examples on GitHub: https://github.com/2captcha