Protection Bypass for Automation

gomesdigital · December 12, 2025, 12:01pm

Hi all! I’m facing unexpected behavior regarding Protection Bypass for Automation.

According to the docs - Protection Bypass for Automation - this feature should:

Generate a secret
Last on all deployments until revoked
Be automatically added to deployments as a system environment variable (VERCEL_AUTOMATION_BYPASS_SECRET)

In my use case, NONE of the above is happening, which leads me to believe the documentation has gone stale. I see:

A prompt to insert my own secret, not generated
Immediately revoked after first use - this is the big problem. I can run my e2e tests once, after which my secret disappears from the UI.
Not added to system environment variables whatsoever

I’ve carried out the steps manually to add the env myself and redeploy, but to no avail. The result is that running my tests for a second time are blocked by the Vercel SSO page.

Context

Use case: e2e tests with playwright
Target environment: preview
Vercel Plan: Pro

I’ve also noticed that the screenshots in the docs differ from what I’m seeing, so the docs are definitely stale (attached). Note the “Enabled” toggle missing.

Can anyone clarify what’s going on here? Anyone else have this issue?

system · December 12, 2025, 12:01pm

The domain troubleshooting guide can help with most custom domain configuration issues. You might be able to use that guide to solve it before a human is available to help you. Then you can come back here and share the answer for bonus points.

You can also use v0 to narrow down the possibilities.

gomesdigital · December 12, 2025, 12:30pm

In addition, I am using the advanced configuration instructions.

await page.route('**/*', async (route) => {
  await route.continue({
    headers: {
      ...route.request().headers(),
      'x-vercel-protection-bypass': vercelBypassSecret,
      'x-vercel-set-bypass-cookie': 'samesitenone',  // <-- here
    },
  });
});

In a single e2e test, multiple requests are made and they succeed.

If I run the suite a second time, its as if the bypass secret never existed. Not visible in the UI either.

Topic		Replies	Views
Github + Vercel + Playwright e2e + using Automation Bypass Secret Help	2	309	October 26, 2024
Issue with protection bypass for automation Discussions firewall	2	25	December 31, 2025
Automatic deployment is broken after upgrading to Pro plan Help	6	104	August 6, 2024
Authentication required to call my API Help nextjs	2	241	March 14, 2025
Deployment protection not applying to Preview Deployments Help nextjs , domains	8	134	November 21, 2024

Protection Bypass for Automation

Context

Related topics