Solving reCAPTCHA Enterprise: Complete Guide
How to solve reCAPTCHA Enterprise challenges — understanding enterprise site keys, action parameters, minimum scores, and the correct API task types.
Solving reCAPTCHA Enterprise programmatically requires understanding how it differs from the standard free version. Enterprise is Google’s commercial CAPTCHA product, used by large organizations that need advanced bot detection, detailed analytics, and SLA-backed reliability. While the underlying mechanics are similar to standard reCAPTCHA v2 and v3, Enterprise introduces distinct site keys, a different API domain, additional payload parameters, and tighter validation — all of which change how you interact with a CAPTCHA solving API.
How Enterprise Differs from Standard reCAPTCHA
At a high level, reCAPTCHA Enterprise and standard reCAPTCHA produce the same output: a token that the server verifies with Google. But several implementation details differ:
Separate site keys: Enterprise site keys are created in the Google Cloud Console under the reCAPTCHA Enterprise product, not through the standard reCAPTCHA admin panel. These keys are not interchangeable. If you submit a standard site key to an enterprise task type, the solve will fail.
Different JavaScript source: Standard reCAPTCHA loads from google.com/recaptcha/api.js. Enterprise loads from recaptcha.net/recaptcha/enterprise.js or google.com/recaptcha/enterprise.js. This is often the quickest way to identify an Enterprise implementation.
Enterprise API endpoint: The server-side verification call goes to recaptchaenterprise.googleapis.com instead of google.com/recaptcha/api/siteverify. This endpoint returns a richer response with risk scores and reason codes.
The s parameter: Some Enterprise implementations pass an additional s token alongside the site key. This parameter is generated by Google’s JavaScript and adds an extra layer of session binding. When present, you must extract and forward it to the CAPTCHA solver.
Stricter validation: Enterprise applies more aggressive detection heuristics. Token reuse, IP mismatches, and timing anomalies are more likely to trigger failures compared to the free version.
Identifying reCAPTCHA Enterprise on a Page
Before solving, confirm you are dealing with Enterprise and not standard reCAPTCHA. Here are the reliable indicators:
Check the Script Source
Open the page source and search for the reCAPTCHA script tag:
<!-- Standard reCAPTCHA -->
<script src="https://www.google.com/recaptcha/api.js"></script>
<!-- Enterprise reCAPTCHA -->
<script src="https://www.google.com/recaptcha/enterprise.js"></script>
<!-- or -->
<script src="https://recaptcha.net/recaptcha/enterprise.js"></script>If the script URL contains /enterprise.js, you are dealing with the Enterprise version.
Check Network Requests
In DevTools, filter network requests for recaptcha. Enterprise requests go to domains containing enterprise in the path. The anchor URL will look like:
https://www.google.com/recaptcha/enterprise/anchor?k=SITE_KEY...Look for the s Parameter
Search the page’s JavaScript for references to an s parameter being passed alongside the reCAPTCHA execution. This is a Base64-encoded string that some Enterprise implementations require:
grecaptcha.enterprise.execute('SITE_KEY', {
action: 'login',
s: 'base64_encoded_string...'
});Task Types for Enterprise
uCaptcha provides dedicated task types for Enterprise variants:
| Task Type | Description | Proxy |
|---|---|---|
RecaptchaV2EnterpriseTaskProxyless | Enterprise v2 (checkbox/invisible) | No |
RecaptchaV2EnterpriseTask | Enterprise v2 with your proxy | Yes |
RecaptchaV3TaskProxyless with isEnterprise | Enterprise v3 (score-based) | No |
For Enterprise v3, you use the standard v3 task type but include the isEnterprise: true flag. For Enterprise v2, you use the dedicated Enterprise task types.
Solving Enterprise v2
Enterprise v2 works like standard v2 — checkbox or invisible challenge — but uses the Enterprise task type and may require the enterprisePayload field.
Basic Enterprise v2 Solve
import requests
import time
API_KEY = "YOUR_UCAPTCHA_API_KEY"
BASE_URL = "https://api.ucaptcha.net"
response = requests.post(f"{BASE_URL}/createTask", json={
"clientKey": API_KEY,
"task": {
"type": "RecaptchaV2EnterpriseTaskProxyless",
"websiteURL": "https://enterprise-site.com/form",
"websiteKey": "6LcENTERPRISE_KEY..."
}
})
task_id = response.json()["taskId"]
# Poll for result
while True:
time.sleep(5)
result = requests.post(f"{BASE_URL}/getTaskResult", json={
"clientKey": API_KEY,
"taskId": task_id
})
data = result.json()
if data["status"] == "ready":
token = data["solution"]["gRecaptchaResponse"]
print(f"Enterprise token: {token[:80]}...")
break
elif data["status"] != "processing":
print(f"Error: {data}")
breakEnterprise v2 with the s Parameter
When the target site passes an s parameter, you must include it in the enterprisePayload:
response = requests.post(f"{BASE_URL}/createTask", json={
"clientKey": API_KEY,
"task": {
"type": "RecaptchaV2EnterpriseTaskProxyless",
"websiteURL": "https://enterprise-site.com/form",
"websiteKey": "6LcENTERPRISE_KEY...",
"enterprisePayload": {
"s": "base64_encoded_s_value..."
}
}
})The s value is session-specific and time-sensitive. You need to extract it fresh from the page for each solve attempt. Reusing an old s value will result in an invalid token.
Solving Enterprise v3
Enterprise v3 is score-based, just like standard v3, but uses Enterprise site keys and the Enterprise JavaScript API. To solve it, use the RecaptchaV3TaskProxyless task type with the isEnterprise flag:
response = requests.post(f"{BASE_URL}/createTask", json={
"clientKey": API_KEY,
"task": {
"type": "RecaptchaV3TaskProxyless",
"websiteURL": "https://enterprise-site.com/checkout",
"websiteKey": "6LcENTERPRISE_KEY...",
"pageAction": "checkout",
"minScore": 0.7,
"isEnterprise": True
}
})The pageAction must match the action used in the site’s grecaptcha.enterprise.execute() call. Inspect the site’s JavaScript or network requests to find the correct action string.
JavaScript Example
const response = await fetch("https://api.ucaptcha.net/createTask", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
clientKey: "YOUR_UCAPTCHA_API_KEY",
task: {
type: "RecaptchaV3TaskProxyless",
websiteURL: "https://enterprise-site.com/checkout",
websiteKey: "6LcENTERPRISE_KEY...",
pageAction: "checkout",
minScore: 0.7,
isEnterprise: true,
},
}),
});
const { taskId } = await response.json();
// Poll for result using /getTaskResult as shown in the pillar guideExtracting the s Parameter
The s parameter is the trickiest part of Enterprise solving. Not all Enterprise implementations use it, but when they do, you cannot skip it. Here is how to extract it:
From JavaScript Source
Search the page’s JavaScript for assignment to an s variable or property near the reCAPTCHA execution:
// The s value is often stored in a data attribute or JavaScript variable
const sValue = document.querySelector('[data-s]')?.getAttribute('data-s');From Network Requests
Monitor network requests in DevTools. The s parameter sometimes appears in the reCAPTCHA anchor or reload request as a query parameter. Filter for requests to google.com/recaptcha/enterprise and inspect the parameters.
From Cookies
In some implementations, the s value is derived from a cookie set by Google’s Enterprise JavaScript. Check for cookies with names starting with _GRECAPTCHA or similar patterns.
Common Issues and Solutions
“Invalid site key” error: You are likely using a standard site key with an Enterprise task type, or vice versa. Verify the site is actually using Enterprise by checking the JavaScript source URL.
Token rejected despite successful solve: Enterprise validates more aggressively. Common causes include:
- Missing or incorrect
sparameter - IP mismatch — use the proxy variant (
RecaptchaV2EnterpriseTask) - Stale
svalue — extract it fresh for each attempt - Wrong
pageActionfor Enterprise v3
Inconsistent success rates: Enterprise detection is more sophisticated than standard reCAPTCHA. If you see intermittent failures, try routing through uCaptcha’s “Reliable” preset, which prioritizes providers with higher Enterprise success rates.
Higher costs: Enterprise solves are generally more expensive than standard reCAPTCHA because they require more resources from the solving provider. uCaptcha’s “Cheapest” routing preset helps minimize this by comparing rates across all six providers in real time.
Conclusion
reCAPTCHA Enterprise adds complexity on top of the standard v2 and v3 systems — separate site keys, an Enterprise JavaScript domain, the optional s parameter, and stricter validation. The solving process itself follows the same create-task, poll-result pattern, but you must use the correct Enterprise task types and include all required parameters. uCaptcha handles the provider routing automatically, so you can focus on extracting the right parameters from the target page. For the complete API reference and code examples covering all reCAPTCHA variants, see our pillar guide to solving reCAPTCHA v2 and v3.
Related Articles
reCAPTCHA v2 vs v3: Key Differences and Solving Strategies
Understand the differences between reCAPTCHA v2 and v3 — how each works, when sites use them, and the different approaches needed to solve each version programmatically.
Pillar Guide
How to Solve reCAPTCHA v2 and v3 Programmatically
Complete guide to solving reCAPTCHA v2 (checkbox, invisible) and v3 (score-based) programmatically using a CAPTCHA solver API. Includes Python and JavaScript code examples.