How to bypass reCAPTCHA v2 Enterprise

Introduction

To end users, reCAPTCHA v2 Enterprise looks almost identical to regular v2: the same "I'm not a robot" checkbox or invisible badge. But under the hood, it's a completely different system. Instead of the standard verification API, Google uses the Google Cloud reCAPTCHA Enterprise API. This gives site owners access to advanced analytics, more flexible blocking rules, and — most importantly for developers — much stricter risk assessment.

For automation and web scraping, this means simply obtaining a token often isn't enough. If the IP address, User-Agent, or behavior looks suspicious, the Enterprise system may accept the token but still block the request or demand additional verification.

This guide walks through how to reliably solve reCAPTCHA v2 Enterprise using the 2Captcha API. We'll cover how to distinguish Enterprise from the standard version, which specific parameters (like data-s) you need to extract, and how to properly configure your task to avoid blocks.

Key Differences Between v2 and v2 Enterprise

Understanding these differences helps you configure API requests correctly.

Required Parameters for the 2Captcha API

Solving v2 Enterprise uses the same task type as regular v2, but with the mandatory Enterprise flag and — frequently — an additional data-s parameter.

Required Parameters

Critical Additional Parameter

Proxy Parameters (Recommended for Strict Sites)

If the site strictly checks IP reputation, using the RecaptchaV2Task type with your residential proxy significantly improves success rates.

How to Identify reCAPTCHA v2 Enterprise and Find Parameters

Step 1: Check the Script Source

Open the target page, press F12, and switch to the Network tab. Filter requests by the word recaptcha. If you see the script loading from enterprise.js or api.js?render=enterprise, you're looking at the Enterprise version.

Step 2: Find the Sitekey and data-s

Switch to the Elements tab and locate the element with the g-recaptcha class. In the Enterprise version, it typically looks like this:

<div class="g-recaptcha" 
     data-sitekey="6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b"
     data-s="03AGdBq24PxK...dynamic_value..."
     data-callback="onSubmit"
     data-size="invisible">
</div>

Copy the data-sitekey value into the websiteKey parameter. If the data-s attribute is present, copy its value into recaptchaDataSValue.

Step 3: Dynamic data-s Extraction (When Needed)

Often, the data-s value is generated by JavaScript when the page loads. If it's not in the source code, you can intercept it. Open the Network tab, refresh the page, and find the request that retrieves this token (usually a request to the site's internal API before CAPTCHA initialization), or look for it in global variables via the console:

// Example of searching for data-s in the global scope or configuration
console.log(window.RECAPTCHA_DATA_S); // Variable name may differ

If the site retrieves it via an XHR request, the simplest approach is to make that request upfront in your script, grab the data-s value, and pass it to the 2Captcha task.

Example JSON Request to the API

Here's what a correct payload looks like for submitting a task to 2Captcha:

{
    "clientKey": "YOUR_API_KEY",
    "task": {
        "type": "RecaptchaV2TaskProxyless",
        "websiteURL": "https://target-site.com/login",
        "websiteKey": "6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b",
        "isEnterprise": true,
        "recaptchaDataSValue": "03AGdBq24PxK...dynamic_value..."
    }
}

If the site is very strict, switch the type to RecaptchaV2Task and add a proxy object with your credentials.

Bypass Algorithm

1. Get your API key from the 2Captcha dashboard.
2. Open the target page (via browser or HTTP client) and extract the websiteKey and, if present, data-s.
3. Submit the task to createTask with the isEnterprise: true flag.
4. Poll getTaskResult at 5-second intervals.
5. Once you receive gRecaptchaResponse, inject it into the form or invoke the callback function.
6. Send the final request, making sure the IP and User-Agent match those used during solving (if you used a proxy in the task).

Code Example: Python + SeleniumBase (with Proxy)

If the site rejects proxyless solutions, use your own proxy directly in the task.

from seleniumbase import SB
import time
import requests

API_KEY = "YOUR_API_KEY"
SITE_KEY = "6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b"
PAGE_URL = "https://target-site.com/login"

def solve_via_api_with_proxy(sitekey, url, proxy_info):
    payload = {
        "clientKey": API_KEY,
        "task": {
            "type": "RecaptchaV2Task", # Use the type with proxy
            "websiteURL": url,
            "websiteKey": sitekey,
            "isEnterprise": True,
            "proxyType": proxy_info["type"],
            "proxyAddress": proxy_info["address"],
            "proxyPort": proxy_info["port"],
            "proxyLogin": proxy_info.get("login"),
            "proxyPassword": proxy_info.get("password")
        }
    }
    
    task = requests.post("https://api.2captcha.com/createTask", json=payload).json()
    task_id = task["taskId"]
    
    while True:
        time.sleep(5)
        result = requests.post(
            "https://api.2captcha.com/getTaskResult",
            json={"clientKey": API_KEY, "taskId": task_id}
        ).json()
        if result["status"] == "ready":
            return result["solution"]["gRecaptchaResponse"]

# Your proxy settings
my_proxy = {
    "type": "http",
    "address": "198.51.100.1",
    "port": 8080,
    "login": "user",
    "password": "pass"
}

with SB(uc=True, headless=False, proxy=f"{my_proxy['address']}:{my_proxy['port']}") as sb:
    sb.open(PAGE_URL)
    time.sleep(3)
    
    print("Solving reCAPTCHA v2 Enterprise with proxy...")
    token = solve_via_api_with_proxy(SITE_KEY, sb.get_current_url(), my_proxy)
    print(f"Token: {token[:40]}...")
    
    # Inject token into the hidden field
    sb.execute_script(f"document.getElementById('g-recaptcha-response').value = '{token}';")
    
    # Click submit button (or invoke callback if required)
    sb.click('button[type="submit"]')
    time.sleep(5)
    
    if "success" in sb.get_page_source().lower():
        print("Successfully passed")
    else:
        print("Possible block or validation error")

Why Enterprise Is Stricter and How to Work Around It

The main challenge with v2 Enterprise isn't the CAPTCHA solving itself — it's the subsequent request validation. Google compares the environment where the token was obtained with the environment of the final request.

1. IP Mismatch: If the token was solved through 2Captcha's internal pool (Proxyless) but your final request comes from your home or datacenter IP, Enterprise may notice.
   Solution: For strict sites, use the RecaptchaV2Task type and pass your residential proxy details. The token will then be solved from the same IP that sends the request.

2. Missing data-s: Ignoring this parameter on sites that require it guarantees a validation error on the site's backend.

3. Automation Detection: If you're using unmodified Selenium, Enterprise will detect it.
   Solution: Use UC Mode in SeleniumBase or libraries like curl_cffi to mask TLS fingerprints for non-browser requests.

Common Errors

Best Practices

1. Always start with RecaptchaV2TaskProxyless. If the site accepts the solution, there's no reason to complicate things with a proxy setup.

2. If you're getting rejections, first check whether the site requires the data-s parameter. Its absence is the most common cause of silent failures.

3. For critical tasks, use RecaptchaV2Task with quality residential proxies. This synchronizes the IP between solving and request submission.

4. Synchronize the User-Agent. If you pass a proxy to the task, make sure your browser or HTTP client uses the same User-Agent.

5. Add random delays (2–5 seconds) between page load, CAPTCHA solving, and form submission. Instant actions are a red flag for Enterprise.

Official SDKs

2Captcha provides official SDKs that simplify integration and handle task status polling for you.

• Python: https://github.com/2captcha/2captcha-python
• Node.js: https://github.com/2captcha/2captcha-node
• PHP: https://github.com/2captcha/2captcha-php
• Java: https://github.com/2captcha/2captcha-java
• C#: https://github.com/2captcha/2captcha-csharp
• Go: https://github.com/2captcha/2captcha-go
• Ruby: https://github.com/2captcha/2captcha-ruby

Python SDK example:

from twocaptcha import TwoCaptcha

solver = TwoCaptcha('YOUR_API_KEY')

result = solver.recaptcha(
    sitekey='6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b',
    url='https://target-site.com/login',
    enterprise=True,
    data_s='03AGdBq24PxK...' # Passing data-s via SDK
)

print(f"Solved: {result['code']}")

Useful Links

• 2Captcha API Documentation: https://2captcha.com/api-docs
• Testing Demo Page: https://2captcha.com/demo/
• Code Examples on GitHub: https://github.com/2captcha
• Support Center: https://2captcha.com/support/tickets/new

Conclusion

Bypassing reCAPTCHA v2 Enterprise through 2Captcha is technically similar to regular v2, but demands more attention to detail. Success comes down to three things: correctly setting the isEnterprise: true flag, extracting and passing the data-s parameter when the site requires it, and synchronizing the network environment (IP and User-Agent) between the CAPTCHA solving moment and the final request. Following these rules lets you reliably automate interactions with even the strictest protected resources.