> ## Documentation Index
> Fetch the complete documentation index at: https://docs.uncaptcha.io/llms.txt
> Use this file to discover all available pages before exploring further.

# WAF Auto Task

> Solve Cloudflare WAF challenges

### Data

<ParamField body="url" type="string" required>
  The URL of the page where the WAF challenge is located.

  **Example:** `https://mune.rs/`

  <Warning>
    URL must include a path. For example, `https://mune.rs` is invalid—use `https://mune.rs/` instead.
  </Warning>
</ParamField>

<ParamField body="user_agent" type="string" optional>
  The `User-Agent` we must use for the requests.\
  Defaults to: `Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36`

  <Info>
    We support:

    * Chrome (Windows, macOS, Linux, iOS & Android)
    * Firefox (Windows, macOS, Linux, iOS & Android)
    * Safari (macOS, iOS) // *Tested only on Safari 26*
  </Info>
</ParamField>

<ParamField body="html" type="string" optional>
  The HTML body of the challenge you've encountered.\
  If this is not sent, API will automatically try to retrieve the challenge from the URL.

  <Info>
    The response you send us must have the header `Cf-Mitigated: challenge`.
  </Info>

  <Warning>
    If you provide this field, you must also provide the same User-Agent used for the request, and the TLS fingerprint must match that User-Agent.\
    Otherwise, you will usually receive a `challenge triggered reload` error.
  </Warning>
</ParamField>

<ParamField body="proxy" type="string" required>
  Proxy to use for solving the challenge.

  **Format:** `<http|socks5>://[username:password@]host[:port]`

  **Example:** `http://user:pass@192.168.1.1:8080`
</ParamField>

### Data Example

```json theme={null}
{
  "url": "https://mune.rs/",
  "html": "<html>...</html>", // optional
  "proxy": "http://user:pass@192.168.1.1:8080"
}
```

***

### Solution Parameters

<ParamField body="clearance" type="string" required>
  The WAF clearance cookie value.

  **Cookie name:** `cf_clearance`
</ParamField>

<ParamField body="cf_bm" type="string">
  An optional Cloudflare bot management cookie value.

  **Cookie name:** `__cf_bm`
</ParamField>

<ParamField body="headers" type="object" required>
  HTTP headers used during the solve process. You must use these exact headers for your subsequent requests.

  **Includes:** `user-agent`, `sec-ch-ua`, `sec-ch-ua-mobile`, `sec-ch-ua-platform`
</ParamField>

<ParamField body="response" type="object" required>
  Response from the URL you sent with solved cookies.

  **Example:**

  ```json theme={null}
  {
    "status_code": 200,
    "url": "current_url", // URL after redirects
    "headers": { },
    "base64_body": "..."
  }
  ```
</ParamField>

### Solution Example

```json theme={null}
{
  "clearance": "abc123...",
  "cf_bm": "xyz789...",
  "headers": {
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36",
    "sec-ch-ua": "\"Google Chrome\";v=\"137\", \"Chromium\";v=\"137\", \"Not/A)Brand\";v=\"24\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"Windows\""
  },
  "response": {
    "status_code": 200,
    "headers": {
      "content-type": "text/html;charset=utf-8"
    },
    "base64_body": "...",
    "url": "https:/mune.rs/"
  }
}
```

***

<Tip>
  Using a different IP from the one you used to solve will invalidate the clearance.
</Tip>

<Tip>
  Always use the exact headers returned in the solution. Mismatched headers (especially `user-agent`) will invalidate the clearance.
</Tip>
