I am trying to simulate the login process of a website that has invisible recaptcha using Postman. I used both chrome DevTools and interceptor feature of the Postman. I also used the capture cookies feature in Postman to ensure I have the same cookies as in Chrome. The POST request for login api of the website has a JSON body of something like below:
{"userName":"myusermane","password":"mypassword","captchaResponse":"03AGdBq25SXrvrLWv3VbhyNPYCccO62Scf5reo04IeLNloKGo7ND1TcX7mg67fG-tL_0w1E7urn0MvoCJvdl6c5SBDloPXaeHiTnDMsjIgEGrvLjPbdsZ8U6vpL8VuqX1DZgGFRXXj_97ra1ZgYpuQykxnCEtgXQXwVqF5IbHyGj7MwtzM0jvT1wHdfFCDDJ3o9Z7edgUfHZeHHjfmMI_s1j5wZY2Lvp9XEGYdA9kmR5kZxu_CaGZ9i9rll8nY-GBqC4wWNuazB0l9F7k3R0ragTL9eoNawsdUP2l8nBvpR0dhWf476KqBgN7fE7aIj6HNQbCzRltgiUJeUh5RUmZk_XeUdN2hNhTAhfK8cwH1crn-bddCQ9J4ZJtFOcZ8qTYZbf6PWp1Hw8lX"}
The problem is while the login is successful in Chrome, the exact same request in Postman fails. Why is this happening? I am thinking that there might be something with invisible recaptcha fundamental that I do not understand. Hope someone can figure it out
The problem is while the login is successful in Chrome, the exact same request in Postman fails. Why is this happening?
This is the purpose of a Captcha: it prevents automated logins, allowing only a human to log in.
In other words, this is happening because it is exactly what is supposed to be happening.