Skip to main content

General Questions

What browsers does Enigma use?

Enigma uses Chrome Desktop running in cloud-based instances. Each session gets a dedicated browser instance with:
  • Version: Latest stable Official Chrome
  • User Agent: Standard Chrome user agent
  • Extensions: Cookie blocker
  • Cookies: Isolated per session
  • JavaScript: Enabled by default
Note: You cannot currently specify browser type (Firefox, Safari, etc.) or version. All sessions uses Chrome. Related:

How long can sessions run?

Session duration depends on your configuration: Default Limits:
  • Minimum duration: 1 minutes (60,000ms)
  • Maximum duration: Unlimited
  • Default if not specified: 5 minutes (300,000ms)
Inactivity Timeout:
  • Sessions expire after the maxDuration is reached
  • No automatic extension - you must create a new session
Example: 
// Session that can run up to 10 minutes
const session = await fetch("https://connect.enigma.click/start/start-session", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    taskDetails: "Long-running task",
    maxDuration: 600000 // 10 minutes - requires higher tier plan
  })
});
Plan-Specific Limits:
  • Free Tier: Max 5 minutes (300,000ms)
  • Pro Tier: Max 15 minutes (900,000ms)
  • Enterprise: Custom limits available
Related:

Is my data secure?

Yes, Enigma takes security seriously: Session Isolation:
  • Each session runs in an isolated browser instance
  • Cookies and localStorage are not shared between sessions
  • Instances are destroyed after session termination
Data Handling:
  • API keys are encrypted in transit and at rest
  • Session data is stored temporarily for debugging
  • Logs are automatically deleted after 30 days
Network Security:
  • All API communication uses HTTPS/TLS 1.3
  • WebSocket connections are encrypted (WSS)
  • No data is transmitted in plaintext
Privacy:
  • Enigma does not store credentials you provide to websites
  • Screenshots and recordings are deleted with the session
  • We do not track or log browsing behavior
Compliance:
  • GDPR compliant
  • Data residency options available for Enterprise
Best Practices:
  • Rotate API keys regularly
  • Don’t hardcode credentials in your code
  • Use environment variables for sensitive data
  • Terminate sessions immediately when done
Related:

Can I run parallel sessions?

Yes, but with limits based on your plan: Concurrent Session Limits:
  • Free Tier: 2 concurrent sessions
  • Pro Tier: 15 concurrent sessions
  • Enterprise: Custom limits
Example: 
// Run multiple sessions in parallel
const sessions = await Promise.all([
  createSession("Task 1", apiKey),
  createSession("Task 2", apiKey),
  createSession("Task 3", apiKey)
]);

console.log("Created sessions:", sessions.map(s => s.sessionId));

async function createSession(taskDetails, apiKey) {
  const response = await fetch("https://connect.enigma.click/start/start-session", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Authorization": `Bearer ${apiKey}`
    },
    body: JSON.stringify({ taskDetails })
  });

  return await response.json();
}
What Happens if Limit Reached: 
{
  "success": false,
  "error": "Maximum concurrent sessions reached (limit: 5)",
  "code": "SESSION_LIMIT_REACHED",
  "details": {
    "current": 5,
    "limit": 5
  }
}
Solutions:
  • Terminate unused sessions before creating new ones
  • Queue tasks and process sequentially
  • Upgrade to a higher tier plan
Related:

How do I handle authentication for websites?

There are several approaches depending on the website: 1. Provide Credentials in Task 
const session = await fetch("https://connect.enigma.click/start/start-session", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    taskDetails: `Navigate to example.com, click login, enter username "user@example.com" and password "myPassword123", then go to dashboard`,
    startingUrl: "https://example.com/login"
  })
});
2. Use Cookies/Session Storage 
// First session: Login and get cookies
const loginSession = await createSession("Login with credentials...", apiKey);
const cookies = await getCookies(loginSession.sessionId, apiKey);

// Second session: Reuse cookies (if supported)
// Note: Cookie persistence across sessions is limited
3. Handle Login via Guardrails 
ws.onmessage = async (event) => {
  const data = JSON.parse(event.data);

  if (data.type === "guardrail_trigger") {
    if (data.data.value.includes("login") || data.data.value.includes("credentials")) {
      // Provide credentials when asked
      await fetch("https://connect.enigma.click/start/send-message", {
        method: "POST",
        headers: {
          "Content-Type": "application/json",
          "Authorization": `Bearer ${apiKey}`
        },
        body: JSON.stringify({
          sessionId,
          message: {
            actionType: "guardrail",
            taskDetails: "Username: user@example.com, Password: myPassword123",
            newState: "resume"
          }
        })
      });
    }
  }
};
4. OAuth/Social Login
  • Provide redirect URLs in task details
  • Handle popup windows via guardrails
  • May require manual takeover for 2FA
Related:

Integration Questions

Can I use my own API keys for LLMs?

Short Answer: No, not currently. Enigma uses its own LLM infrastructure to power the browser agent. You cannot bring your own API keys or use different models. What You Get:
  • Optimized prompting for browser automation
  • No need to manage separate API keys
  • Usage tracked and billed through Enigma
Pricing:
  • Costs are included in your Enigma usage
  • Charged based on input/output tokens
  • See current pricing at enigma.click/pricing
Related:

Does Enigma work with [framework]?

Enigma provides a REST API, WebSocket interface, MCP and OPENAI format, making it compatible with any framework or language that can make HTTP requests. Officially Supported:
  • JavaScript/TypeScript (Node.js, Deno, Bun)
  • Python
  • Any language with HTTP/WebSocket support
Popular Integrations: Next.js / React: 
// app/api/enigma/route.js
export async function POST(request) {
  const { taskDetails } = await request.json();

  const response = await fetch("https://connect.enigma.click/start/start-session", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Authorization": `Bearer ${process.env.ENIGMA_API_KEY}`
    },
    body: JSON.stringify({ taskDetails })
  });

  return Response.json(await response.json());
}
Express.js: 
app.post('/automate', async (req, res) => {
  const { taskDetails } = req.body;

  const response = await fetch("https://connect.enigma.click/start/start-session", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Authorization": `Bearer ${process.env.ENIGMA_API_KEY}`
    },
    body: JSON.stringify({ taskDetails })
  });

  res.json(await response.json());
});
Python (FastAPI): 
import httpx
from fastapi import FastAPI

app = FastAPI()

@app.post("/automate")
async def automate(task_details: str):
    async with httpx.AsyncClient() as client:
        response = await client.post(
            "https://connect.enigma.click/start/start-session",
            json={"taskDetails": task_details},
            headers={
                "Authorization": f"Bearer {os.getenv('ENIGMA_API_KEY')}"
            }
        )
        return response.json()
Related:

Can I use Enigma with the MCP protocol?

Yes! Enigma provides a native Model Context Protocol (MCP) server. What is MCP?
  • Protocol for connecting AI models to external tools
  • Developed by Anthropic
  • Allows Claude Desktop and other MCP clients to use Enigma
Setup: 
// claude_desktop_config.json
{
  "mcpServers": {
    "enigma": {
      "command": "npx",
      "args": ["-y", "@enigma/mcp-server"],
      "env": {
        "ENIGMA_API_KEY": "your-api-key-here"
      }
    }
  }
}
Available Tools:
  • enigma_browser_start - Start a new session
  • enigma_browser_run_task - Execute a task
  • enigma_browser_control - Control session state
  • enigma_browser_get_result - Get task results
Resources:
  • Session streaming access
  • Task result access
Related:

Pricing Questions

Is there a free tier?

Yes! Enigma offers a free tier for testing and small-scale usage. Free Tier Includes:
  • $5 free credits per month
  • 2 concurrent sessions
  • 15 minutes session duration
  • All API features enabled
  • Community support
What You Can Do:
  • Test integration
  • Build proof-of-concepts
  • Automate low-volume tasks
  • Approximately 200-500 simple tasks/month
Limitations:
  • Credits reset monthly (don’t roll over)
  • Rate limits apply (10 req/min per endpoint)
  • No SLA guarantee
  • Email support only
Upgrade When:
  • You need longer sessions (> 60 seconds)
  • More concurrent sessions (> 2)
  • Higher rate limits
  • Priority support
  • Production SLA
Related:

How are tokens counted?

Tokens are counted based on the content processed by the AI agent: Input Tokens (Context):
  • Page HTML/DOM content
  • Task instructions
  • Previous conversation history
  • Guardrail responses
  • Images and screenshots (converted to tokens)
Output Tokens (Response):
  • Agent’s reasoning and actions
  • Extracted data
  • Error messages
  • Status updates
Example: 
{
  "usage": {
    "inputTokens": 15000,   // ~10-15 pages worth of content
    "outputTokens": 3000,   // Agent's actions and responses
    "cost": 0.018           // Total cost in USD
  }
}
Token Costs (Approximate):
  • Input: ~$0.003 per 1K tokens
  • Output: ~$0.015 per 1K tokens
  • Prices vary by model tier
How to Reduce Tokens:
  1. Set Token Limits: 
    {
  maxInputTokens: 10000,  // Limit context
  maxOutputTokens: 2000   // Limit response
}
  2. Use Starting URL: 
    {
  startingUrl: "https://example.com/target-page"  // Skip navigation
}
  3. Block Unnecessary Domains: 
    {
  avoidDomains: ["ads.example.com", "analytics.example.com"]
}
  4. Simplify Tasks:
    • Be specific and direct
    • Avoid exploration-heavy tasks
Related:

Do idle sessions cost money?

No - Idle sessions do not consume tokens, but they still occupy a session slot. How Costs Work:
  • Costs are only incurred when tasks are running and the AI agent processes content
  • Idle time (between tasks) has no token cost
  • However, idle sessions count toward your concurrent session limit
Example: 
// Session created - no cost yet
const session = await createSession("Navigate to example.com", apiKey);

// Task runs - COSTS TOKENS
const result1 = await runTask(session.sessionId, "Click first link", apiKey);

// Waiting 30 seconds - NO COST (but session still active)
await new Promise(r => setTimeout(r, 30000));

// Another task runs - COSTS TOKENS
const result2 = await runTask(session.sessionId, "Get page title", apiKey);

// Session terminated - no further costs
await terminateSession(session.sessionId, apiKey);
Best Practices:
  • Terminate sessions immediately when done to free up session slots
  • Don’t keep sessions running “just in case”
  • Use maxDuration to auto-terminate sessions
Session Management: 
try {
  const session = await createSession(taskDetails, apiKey);
  const result = await runTask(session.sessionId, task, apiKey);
  return result;
} finally {
  // Always terminate, even on error
  await terminateSession(session.sessionId, apiKey);
}
Related:

Can I set spending limits?

Yes - You can set spending limits in your account settings. How to Set Limits:
  1. Go to app.enigma.click/billing
  2. Navigate to “Spending Limits”
  3. Set daily, weekly, or monthly caps
  4. Enable alerts at threshold percentages
Limit Options:
  • Hard Limit: API requests fail when reached
  • Soft Limit: Receive alerts but requests continue
  • Alert Thresholds: 50%, 75%, 90%, 100%
Example: 
// When spending limit reached
{
  "success": false,
  "error": "Spending limit reached ($100.00). Increase limit or wait for reset.",
  "code": "SPENDING_LIMIT_REACHED"
}
Monitoring: 
// Check current usage via API
const usage = await fetch("https://connect.enigma.click/account/usage", {
  headers: { "Authorization": `Bearer ${apiKey}` }
});

const data = await usage.json();
console.log("Current spend:", data.currentPeriodSpend);
console.log("Limit:", data.spendingLimit);
console.log("Remaining:", data.remaining);
Best Practices:
  • Start with conservative limits
  • Monitor usage patterns
  • Set up alert notifications
  • Review usage regularly
Related:

Technical Questions

How do I handle CAPTCHAs?

CAPTCHAs require human intervention. Enigma provides several approaches: 1. Manual Takeover Mode 
// When CAPTCHA detected, switch to manual mode
await fetch("https://connect.enigma.click/start/send-message", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    sessionId,
    message: { actionType: "state", newState: "manual" }
  })
});

// User solves CAPTCHA via video stream
// Watch stream at: https://connect.enigma.click/stream/${sessionId}

// After CAPTCHA solved, resume agent
await fetch("https://connect.enigma.click/start/send-message", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    sessionId,
    message: { actionType: "state", newState: "resume" }
  })
});
2. Guardrail Handling 
ws.onmessage = async (event) => {
  const data = JSON.parse(event.data);

  if (data.type === "guardrail_trigger") {
    // Check if CAPTCHA mentioned
    if (data.data.value.toLowerCase().includes("captcha")) {
      // Notify user
      console.log("CAPTCHA detected - manual intervention needed");

      // Provide stream URL
      console.log(`Solve at: https://connect.enigma.click/stream/${sessionId}`);

      // Wait for user confirmation
      const solved = await askUser("Have you solved the CAPTCHA?");

      // Resume
      await sendMessage(sessionId, {
        actionType: "guardrail",
        taskDetails: "CAPTCHA solved, continue",
        newState: "resume"
      });
    }
  }
};
3. Avoid CAPTCHA-Heavy Sites 
// Some sites are known for heavy CAPTCHA usage
const session = await fetch("https://connect.enigma.click/start/start-session", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    taskDetails: "Research topic",
    avoidDomains: [
      "heavily-protected-site.com"
    ]
  })
});
Prevention:
  • Rate limit your requests
  • Don’t hammer the same site repeatedly
  • Use residential proxies (Enterprise feature)
  • Rotate sessions
Related:

Can Enigma access sites behind login?

Yes, but with some considerations: Approach 1: Provide Credentials Directly 
const session = await fetch("https://connect.enigma.click/start/start-session", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": `Bearer ${apiKey}`
  },
  body: JSON.stringify({
    taskDetails: `
      1. Navigate to example.com/login
      2. Enter username: user@example.com
      3. Enter password: myPassword123
      4. Click submit
      5. Once logged in, go to /dashboard and extract data
    `,
    startingUrl: "https://example.com/login"
  })
});
Approach 2: Handle via Guardrails 
// Agent will ask for credentials when needed
ws.onmessage = async (event) => {
  const data = JSON.parse(event.data);

  if (data.type === "guardrail_trigger") {
    if (data.data.value.includes("login") || data.data.value.includes("username")) {
      await sendMessage(sessionId, {
        actionType: "guardrail",
        taskDetails: "Username: user@example.com, Password: myPassword123",
        newState: "resume"
      });
    }
  }
};
Limitations:
  • 2FA/MFA: Requires manual intervention or external automation
  • OAuth: Complex flows may need manual takeover
  • Session Persistence: Cookies don’t persist across different sessions
  • CAPTCHA: May be triggered on login
Security Best Practices:
  • Don’t hardcode credentials
  • Use environment variables
  • Consider using test/sandbox accounts
  • Rotate credentials regularly
Alternatives:
  • Use public pages when possible
  • Check if site has an API
  • Consider scraping logged-out content
Related:

What’s the resolution of the browser?

Default Resolution:
  • Width: 1920 pixels
  • Height: 1080 pixels
  • Viewport: Full HD (1080p)
Device Emulation: Currently, Enigma does not support:
  • Custom viewport sizes
  • Mobile device emulation
  • Different screen resolutions
  • Responsive mode testing
What This Means:
  • All sessions use desktop resolution
  • Mobile sites will show desktop version (unless responsive)
  • Testing mobile layouts requires the desktop-responsive version
Workarounds for Mobile: 
// Some sites switch to mobile based on user agent
// This is not currently supported in Enigma
Future Features:
  • Mobile device emulation (coming soon)
  • Custom viewport dimensions
  • Device profiles (iPhone, iPad, etc.)
Related:

Can I use proxies?

Standard Plans: No proxy support Enterprise Plans: Yes, custom proxy configuration available Enterprise Features:
  • Residential proxy pools
  • Geographic targeting (US, EU, Asia, etc.)
  • Rotating IPs
  • Custom proxy servers
Why Use Proxies:
  • Access geo-restricted content
  • Avoid IP-based rate limits
  • Appear as different users
  • Reduce CAPTCHA frequency
Contact: Email sales@enigma.click for Enterprise pricing Alternatives for Standard Plans:
  • Use rate limiting to avoid blocks
  • Rotate between multiple API keys
  • Space out requests over time
Related:

Can I access the browser’s console logs?

Not directly, but you can access page errors and warnings through the task result. What You Get: 
const result = await pollForResult(sessionId, taskId, apiKey);

console.log("Task result:", result.data.result);
// May include error messages encountered

// Errors are also surfaced in events
ws.onmessage = (event) => {
  const data = JSON.parse(event.data);

  if (data.type === "error") {
    console.error("Browser error:", data.data);
  }
};
Console Access Limitations:
  • No real-time console.log() output
  • Critical errors are captured
  • JavaScript errors may be included in result
Debugging Tips:
  1. Use guardrails to get information: 
    taskDetails: "Navigate to page and tell me if there are any JavaScript errors visible"
  2. Check page content: 
    taskDetails: "Get the error message displayed on the page"
  3. Enable verbose logging in your code: 
    const result = await pollForResult(sessionId, taskId, apiKey);
console.log("Full result:", JSON.stringify(result, null, 2));
Related:

What User-Agent does Enigma use?

Enigma uses a standard Chrome User-Agent that matches the Chrome version. Example: 
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Characteristics:
  • Appears as Windows 10, 64-bit Chrome browser
  • Latest stable Chrome version
  • Standard desktop user agent
  • Not marked as headless or automated
Cannot Currently Customize:
  • User agent string
  • Platform (always Windows)
  • Browser version
  • Device type
Detection:
  • Some sophisticated bot detection may still identify automation
  • Enigma works on most sites
  • CAPTCHAs may still appear on high-security sites
Related:

Support & Resources

Where can I find code examples?

Official Resources: GitHub: Example: Complete Task Flow 
const ENIGMA_API_KEY = process.env.ENIGMA_API_KEY;

async function automateTask(taskDetails) {
  let sessionId;

  try {
    // 1. Create session
    const sessionResponse = await fetch(
      "https://connect.enigma.click/start/start-session",
      {
        method: "POST",
        headers: {
          "Content-Type": "application/json",
          "Authorization": `Bearer ${ENIGMA_API_KEY}`
        },
        body: JSON.stringify({
          taskDetails,
          maxDuration: 120000
        })
      }
    );

    const session = await sessionResponse.json();
    sessionId = session.sessionId;

    // 2. Monitor via WebSocket
    const ws = new WebSocket(
      `wss://connect.enigma.click/ws?sessionId=${sessionId}&apiKey=${ENIGMA_API_KEY}`
    );

    return new Promise((resolve, reject) => {
      ws.onmessage = (event) => {
        const data = JSON.parse(event.data);

        if (data.type === "task_completed") {
          ws.close();
          resolve(data.data);
        }

        if (data.type === "error") {
          ws.close();
          reject(new Error(data.data.message));
        }
      };
    });

  } catch (error) {
    console.error("Error:", error);
    throw error;
  } finally {
    // 3. Clean up
    if (sessionId) {
      await fetch("https://connect.enigma.click/start/send-message", {
        method: "POST",
        headers: {
          "Content-Type": "application/json",
          "Authorization": `Bearer ${ENIGMA_API_KEY}`
        },
        body: JSON.stringify({
          sessionId,
          message: { actionType: "state", newState: "terminate" }
        })
      });
    }
  }
}

// Usage
const result = await automateTask("Navigate to example.com and get the page title");
console.log("Result:", result);

How do I get support?

Support Channels by Plan: Free Tier:
  • Documentation (you’re reading it!)
  • Community Discord
  • Email support (48-hour response)
Pro Tier:
  • Priority email support (24-hour response)
  • Live chat during business hours
  • Video call support (by appointment)
Enterprise:
  • Dedicated account manager
  • 24/7 phone support
  • SLA guarantees
  • Custom integrations support
Contact Information: Before Contacting Support:
  1. Check this documentation
  2. Review Common Issues
  3. Check Error Reference
  4. Look at system status page
What to Include:
  • Session ID and task ID
  • Full error message/response
  • Code snippet (redact API keys!)
  • Timestamp of occurrence
  • What you’ve already tried

Error Codes Reference

Complete error code documentation

Common Issues

Solutions for frequent problems

Quickstart Guide

Get started in 5 minutes

API Reference

Complete API documentation