Castle.io Solver

1,937,099 solves per day
Updates & Changelog

The ultimate API solution for generating valid Castle.io tokens for X (Twitter) automation. High throughput, low latency, and seamless integration for automated workflows.

Lightning Fast
Generate tokens in milliseconds with our optimized solver engine.
High Success Rate
Optimized for maximum validity rates with intelligent fingerprint management.
Developer Ready
Simple, well-documented REST API that integrates into any workflow.

Transparent Pricing

Starter
$10/mo
  • 5 req/sec
  • 2,000 req/hour
  • Priority Support
Basic
$18/mo
  • 10 req/sec
  • 5,000 req/hour
  • Priority Support
Scale
$50/mo
  • 40 req/sec
  • 30,000 req/hour
  • Priority Support
Enterprise
$80/mo
  • 80 req/sec
  • 70,000 req/hour
  • Priority Support

Documentation

Available Endpoints

GET /health System status & metrics
POST /generate-token Generate castle token for X/Twitter

Request Parameters

ParameterTypeRequiredDescription
cuidstringNoUUID v4 format (32 hex chars without dashes). Auto-generated if not provided. ? Set as __cuid cookie.
userAgentstringYesBrowser UA. Chrome 140+ recommended.
countrystringNoISO Country Code (e.g. US, GB). Default: US
browserstringNoBrowser type: chrome, brave, edge, opera. Auto-detected from sec-ch-ua if not provided, or random if not available.
versionstringNoBrowser version (e.g. "131"). Auto-detected from sec-ch-ua or parsed from userAgent.
sec-ch-uastringNoClient Hints header value. Can be passed in body or as HTTP header. Used to auto-detect browser and version.
public_keystringNoCastle public key. Default: pk_AvRa79bHyJSYSQHnRpcVtzyxetSvFerx (Twitter/X)
domainstringNoTarget domain for token. Default: x.com. Change for other Castle-protected sites.

Generate CUID

const cuid = crypto.randomUUID().replace(/-/g, '');

Example Request / Response

curl -X POST https://castle.botwitter.com/generate-token \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{ 
    "cuid": "550e8400e29b41d4a716446655440000",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)...",
    "country": "US",
    "sec-ch-ua": "\"Chromium\";v=\"131\", \"Google Chrome\";v=\"131\"",
    "public_key": "pk_AvRa79bHyJSYSQHnRpcVtzyxetSvFerx",
    "domain": "x.com"
  }'

// Response:
{ 
  "success": true, 
  "token": "eyJhbG...", 
  "cuid": "550e8400e29b41d4a716446655440000",
  "cuidGenerated": false,
  "domain": "x.com",
  "headers": {
    "sec-ch-ua": "\"Chromium\";v=\"131\", \"Google Chrome\";v=\"131\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"Windows\""
  }
}

Response Headers

The API returns Client Hints headers that you should use with Twitter/X requests:

HeaderExample ValueDescription
sec-ch-ua"Chromium";v="131", "Google Chrome";v="131"User-Agent Client Hints - Browser brands and versions
sec-ch-ua-mobile?0Mobile device indicator (?0 = desktop, ?1 = mobile)
sec-ch-ua-platform"Windows"Operating system platform

Get Support

Need a custom enterprise plan or have technical questions?