VK API: Captcha needed?

Nodge2013-06-26 09:09:43

CAPTCHA

Nodge, 2013-06-26 09:09:43

TL;DR The limits on the number of requests from the server did not exceed, but the error with the captcha appears constantly. Does anyone know how to deal with this?
Good afternoon habravchane!
In our application, there are, let's say, about 1000 users, each of which has its own offline token for working with the VK API. The application is executed by cron, using different user tokens for requests.
As stated in the FAQ , there are limits on the number of requests from the server:

3 requests per second from each unique user
if the application is installed by less than 10,000 people, then you can make 5 requests per second from one server

These restrictions are met by us even with a margin: 3 requests per second with different users. The application runs on a dedicated IP, no other requests are made from this IP.
The essence of the problem is that after an indefinite number of requests, an error begins to constantly fall out:

Code: 14; Message: Captcha needed

Naturally, if you enter captcha as indicated here , then several requests will pass without captcha, and then the error will repeat again. Because Since our application works offline by cron, this state of affairs does not suit us at all.
Tried to contact the TP:
Appeal 1

Alexander Skutin
Recently, Captcha needed error constantly crashes when accessing the API. How can this be bypassed? What are the real restrictions, and what do they apply to (token or ip)? Thank you.

Support Agent #519
Hello Alexander!
Please try to start using the processing method indicated on the documentation page vk.com/dev/auth_direct.
Always with you,
VK support team.

Appeal 2

Alexander Skutin
Constantly getting a Captcha needed error, what are the real limits on requests?

Support agent #720
Hello Alexander!
We cannot name any specific restrictions. This error starts returning when the action happens too often - see vk.com/dev/captcha_error Regards
,
VK support team.

Attention question...

Why does the TP recommend auth_direct if it is written in black and white in the documentation that this does not save you from captcha? Has anyone tried this method, maybe other restrictions on requests? In this case, so as not to exceed them, where are the numbers?
Maybe someone has already struggled with such a problem and knows a bulletproof way to make requests to the API without the danger of being blocked?
If all else fails... Has anyone parsed a VK captcha? Share bases of images or even algorithms? :)

I would be grateful for any piece of valuable information ...
PS Tech. VK support answers for days and is completely uninformative. Sadness, trouble, a mess in the documentation...
UPD1:
There was information that the appearance of captcha depends on the users of your application. How close to the truth this is is unknown.

Answer the question

In order to leave comments, you need to log in

8 answer(s)

Stepan, 2013-06-26
@L3n1n

Had a deal, no way out. The captcha is requested only when the user and the server from which you are trying to use the token are from different countries/regions. Verified by more than 50k accounts.
Example:
A user who granted rights from Ukraine + a server receiving data on a token is also in Ukraine = does not ask for captcha.
… from Ukraine + the server receiving data on the token is also in Ukraine = does not ask for captcha.
… not from ukraine + server in ukraine = asks for captcha even at the first request.
…from russia + server in ukraine = it asks for captcha even at the first request.
… from Russia + server in Russia = does not ask for captcha.
... from Russia (Siberia) + server in Russia (MSK) = asks for captcha.
For several weeks we tried to somehow get around it, but nothing came of it, the only option was to parse the captcha through some online service. But it is long and problematic with a large number of users.
We chose a solution for ourselves when the user himself parses data from VK and sends it to our server. In this situation, the captcha does not ask.
If you need to make requests when the user is offline, you can transfer this work to users who are online :). Depending on what application you have.

Zafon, 2016-11-19
@Zafon

I was looking for a solution to this problem for a long time, by chance it was solved after the hoster transferred the site on which the script with the VK API worked from the server of Ukraine to the server in Germany.
The script stopped working and began to request captcha at the first access to VK.
But while the site was on a server in Ukraine, everything worked fine, I installed this script on another site that was on a server in Ukraine and voila - everything works.
Asking why? Yes, because the token was received by a user whose IP was Ukrainian and the script worked from the Ukrainian IP.
What I did was get a token using a German IP.
I went through the German proxy server in VK, received a token, entered a new token in the script settings and it all worked.
From this we conclude that the token must be received from the same country where the script or program is running.
If they do not match, then the VK protection system is triggered and they are asked to enter a captcha.

romaro, 2018-10-13
@romaro

Do I understand correctly that if you use the execute wrapper method , in which you can add up to 25 calls to PHOTOS.save, then you can multiply the number of returned captchas, because If the captcha is solved correctly, will 25 photos in the album be created at once instead of entering a captcha for each photo?

habrsa, 2013-06-26
@habrsa

The fact that you brought the restriction is a restriction on throttling.
What specific actions are being taken?
I didn’t have much experience with the VK API, but it seemed to me that Captcha needed “especially” often appears when performing requests that can be used to spam: post on the wall, edit, send a message, edit the description of a photo ... in general, everything that leave a "trace" and other users can see.
I have a script that also works by cron and synchronizes once a day a couple of large online stores with photo albums in my wife's group, works from one user - uploads photos to VK or changes the description of the photo.
So, with constant requests to change the description of the photo, I could only get rid of captcha_needed by setting the timeout to 2 seconds, as far as I remember, neither 1 nor 1.5 seconds timeout helped me.
There were no problems with other types of requests for reading, for example, photos, I also uploaded thousands of photos from VK, timeouts were not needed there at all, I never showed captcha.

habrsa, 2013-06-26
@habrsa

If the requests do not require "installing the application", then in principle it is simple, you can spread the requests to different applications and to different IPs.
If they require installation ... well, you can try to make requests from the same application from different IPs, maybe it will help.
VK will never give details of the “blocking”, as this will simply bypass it.
I myself am interested in this topic, if there are any results, please unsubscribe here.
PS missed a bit with a comment

nukex, 2013-07-04
@nukex

I recently ran into the same problem when working with the audio.search method . Yes, it all depends on the quality of the token, more precisely on the parameters of the user's account (region, phone binding, account age). Previously, as I understand it, there was only - binding the phone.

Chukchuk, 2014-08-14
@Chukchuk

I have the same problem,,Any news on this issue? maybe they changed api or something..

iBird Rose, 2017-06-20
@iiiBird

We also encountered this problem and even found the cause. Maybe it will be useful to someone:
In general, our application was quite competitive. And it happened that the user used some competitive application, and then connected ours. And users of course forgot to turn off the competitive application. Thus, in the user community, 2 or even 3 applications similar in functionality worked at once. Thus, requests from all these applications went to VK and he began to issue captcha.