What is the datadome cookie and how does it work?

The datadome cookie is a session token DataDome's tags.js script sets after evaluating client signals like canvas, WebGL, fonts, navigator and timing. The server validates the cookie on each request. A missing or invalid datadome cookie returns a 403 with a captcha redirect or device check page.

How do I solve a DataDome 403 captcha via API?

Submit a POST to https://api.meshprivacy.com/v1/tasks/submit with service: 'datadome-invisible' for the silent flow, 'datadome-device-check' for device redirects, or 'datadome-slider' for the slider captcha. Pass the page url, your proxy_config and user_agent. Poll /v1/tasks/result/{task_id} for 3-8 seconds and you receive cookies.datadome ready to attach.

What is the difference between datadome-invisible, device-check and slider?

datadome-invisible runs the silent fingerprint flow and returns the cookie directly. datadome-device-check handles the GET/POST device verification redirect that DataDome serves on suspicious sessions. datadome-slider solves the visible slider captcha shown via the geo.captcha-delivery.com redirect. All three return the same datadome cookie.

How long does the datadome cookie remain valid?

The datadome cookie is bound to the IP, user agent and session — typical lifetime is 1-3 hours but DataDome can revoke it earlier on suspicious behavior. Always solve from the same proxy and user agent you will retry with, and refresh the cookie on the next 403.

How fast does MeshPrivacy generate datadome cookies?

datadome-invisible: 3-8 seconds typical. datadome-device-check: 4-9 seconds. datadome-slider: 5-10 seconds for the visual challenge. Upstream timeout is 120 seconds. We do not advertise sub-second numbers — DataDome's tags.js fingerprint collection requires real compute time.

How much does DataDome solving cost?

Pricing is per-credit at 1 USD = 1,000 credits. Credit cost per request varies per service and may change — see meshprivacy.com/pricing for current rates. New accounts get 20 free credits with no credit card required.

How does MeshPrivacy compare to other DataDome solvers?

Compared to ScrapFly, ZenRows, 2Captcha and similar services, MeshPrivacy returns the datadome cookie from a single REST endpoint with no browser farm and no SDK. The same submit/poll contract handles invisible, device-check and slider variants, plus 12+ other vendors (Akamai, Kasada, PerimeterX, AWS WAF and more).

Looking for an overview? See the DataDome product page

Resolving DataDome 403 Errors

DataDome uses behavioral analysis and device fingerprinting to detect automated traffic. When requests fail verification, servers return 403 errors or serve deceptive block pages. MeshPrivacy generates valid datadome cookies by completing the behavioral verification process.

Error Codes

Code	Meaning	Resolution
403	Access denied, challenge required	Generate valid datadome cookie via API
200	Deceptive block page (challenge HTML)	Detect and solve embedded challenge

Note: DataDome may return 200 status with challenge HTML instead of 403. Check response content for dd= parameters.

Real-time API status: trust.meshprivacy.com

Cookies & Detection

Primary Cookie

datadome - Main verification token

Cookie TTL: approximately 10 minutes

Detection Indicators

dd= parameter in HTML

Challenge JavaScript loading

WebSocket connections for validation

GPU rendering pattern analysis

Service Variants

DataDome ships three distinct service IDs in the MeshPrivacy API. Pick the one that matches the challenge type the target site serves.

`datadome-invisible`Primary

Background behavioral verification without user interaction. Analyzes browser fingerprint and behavior patterns silently.

Field	Type	Required	Description
`url`	string	Yes	Protected page URL
`script_url`	string	No	DataDome script URL (e.g. tags.js)
`initial_cid`	string	No	Initial datadome cookie value for session continuity
`proxy_config`	string	No	Proxy in `http://user:pass@ip:port` format
`user_agent`	string	No	Custom user agent

datadome-invisible.js

// Submit DataDome Invisible task
const response = await fetch('https://api.meshprivacy.com/v1/tasks/submit', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json', 'X-API-Key': API_KEY },
  body: JSON.stringify({
    service: 'datadome-invisible',
    url: 'https://target-site.com/',                        // required
    script_url: 'https://js.datadome.co/tags.js',           // optional
    initial_cid: '',                                        // optional - existing datadome cookie
    proxy_config: 'http://user:pass@ip:port',               // optional
    user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)...' // optional
  })
});
const { task_id } = await response.json();
const result = await fetch(`https://api.meshprivacy.com/v1/tasks/result/${task_id}`, {
  headers: { 'X-API-Key': API_KEY }
});
const { cookies } = await result.json();
// Use cookies.datadome in your requests

`datadome-device-check`

Device fingerprint validation challenge. Collects and verifies hardware and software characteristics without visual interaction.

Field	Type	Required	Description
`url`	string	Yes	Protected page URL triggering device check
`script_url`	string	No	DataDome script URL
`device_link`	string	No	Device link token
`http_method`	string	No	HTTP method (GET/POST)
`initial_cid`	string	No	Initial datadome cookie value
`proxy_config`	string	No
`user_agent`	string	No

datadome-device-check.js

// Submit DataDome Device Check task
const response = await fetch('https://api.meshprivacy.com/v1/tasks/submit', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json', 'X-API-Key': API_KEY },
  body: JSON.stringify({
    service: 'datadome-device-check',
    url: 'https://target-site.com/',                        // required
    script_url: 'https://js.datadome.co/tags.js',           // optional
    device_link: '',                                        // optional - device link token
    http_method: 'GET',                                     // optional - GET or POST
    initial_cid: '',                                        // optional
    proxy_config: 'http://user:pass@ip:port',               // optional
    user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)...' // optional
  })
});
const { task_id } = await response.json();

`datadome-slider`

Interactive slider captcha challenge. Requires drag interaction to verify human behavior patterns.

Field	Type	Required	Description
`url`	string	Yes	Original protected page URL
`script_url`	string	No	DataDome script URL
`device_link`	string	No	Device link token
`http_method`	string	No	HTTP method (GET/POST)
`captcha_url`	string	No	Captcha redirect URL from `geo.captcha-delivery.com`
`initial_cid`	string	No	Initial datadome cookie value
`proxy_config`	string	No
`user_agent`	string	No

datadome-slider.js

// Submit DataDome Slider task
const response = await fetch('https://api.meshprivacy.com/v1/tasks/submit', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json', 'X-API-Key': API_KEY },
  body: JSON.stringify({
    service: 'datadome-slider',
    url: 'https://target-site.com/',                        // required
    script_url: 'https://js.datadome.co/tags.js',           // optional
    device_link: '',                                        // optional
    http_method: 'GET',                                     // optional
    captcha_url: 'https://geo.captcha-delivery.com/...',    // optional - redirect URL
    initial_cid: '',                                        // optional
    proxy_config: 'http://user:pass@ip:port',               // optional
    user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)...' // optional
  })
});
const { task_id } = await response.json();

FAQ

Check the response HTML for DataDome challenge indicators: dd= parameters, DataDome JavaScript includes, or challenge-specific HTML structure. A valid response will have your expected content.

Related Services

Akamai|Kasada|PerimeterX|Incapsula