Developers are encountering hCaptcha challenges when running Playwright automation tests for custom Shopify apps, specifically during admin login on staging environments. The tests pass locally but fail in staging due to captcha verification.
Key Issue:
While captcha can be disabled for online storefronts, no equivalent option exists for admin login pages
The problem affects automated testing workflows for custom apps built with Shopify’s Remix template
Official Response:
Shopify Support confirmed that hCaptcha is a mandatory security protocol triggered by automated/unusual login activity. They explicitly stated:
No method exists to disable or bypass hCaptcha, even for development/test stores
Suggested workaround: slow down automated tests or add intervals between login attempts (though effectiveness uncertain)
Status: Unresolved. Multiple developers report the same issue with no working solution identified. The discussion remains open as participants seek alternative approaches or workarounds.
Summarized with AI on October 28.
AI used: claude-sonnet-4-5-20250929.
I have built a custom Shopify app (using remix template) and have written automation tests using playwright.
I am currently testing 2 things here:
Testing online store
Testing custom app by signing as admin
These test run without any issues in local environment but fails on staging because of captcha check on admin login page. We can disable captcha for online store but I didn’t find any thing that helps with admin login.
I would really appreciate your suggestions or experiences on tackling this captacha issue. Thanks!
Having the same issue with our Playwright automation tests. No suggestions as I just started looking into it, but I was curious if you were able to solve this?
They answered this to me recently (nothing worked):
"Hi Andre,
Thank you for reaching out and for your patience while we looked into this further.
After carefully reviewing the issue, we confirmed that the appearance of hCaptcha in your store is part of Shopify’s standard security protocol. hCaptcha is automatically triggered when unusual or automated login activity is detected, even in a testing environment, as a security measure to safeguard accounts and prevent unauthorized access.
Unfortunately, there’s no available method or workaround to fully disable or bypass hCaptcha, even for test or development stores. This default measure ensures the overall security and reliability of the platform for all merchants and customers.
We understand this might cause some inconvenience during testing scenarios. To mitigate or reduce the appearance of hCaptcha, slowing down automated tests or implementing intervals between login attempts may help; however, complete removal isn’t possible.
Please let us know if you have any further questions. We’re always happy to help.