Vercel Community

[▲ Vercel Community](/) · [Categories](/categories) · [Latest](/latest) · [Top](/top) · [Live](/live)

[Help](/c/help/9)

# Protection Bypass for Automation

92 views · 0 likes · 3 posts


gomesdigital (@gomesdigital) · 2025-12-12

Hi all! I'm facing unexpected behavior regarding Protection Bypass for Automation.

According to the docs - https://vercel.com/docs/deployment-protection/methods-to-bypass-deployment-protection/protection-bypass-automation - this feature should:
1. Generate a secret
2. Last on all deployments until revoked
3. Be automatically added to deployments as a system environment variable (VERCEL_AUTOMATION_BYPASS_SECRET)

In my use case, **NONE** of the above is happening, which leads me to believe the documentation has gone stale. I see:
1. A prompt to insert my own secret, not generated
2. Immediately revoked after first use - this is the big problem. I can run my e2e tests once, after which my secret disappears from the UI.
3. Not added to system environment variables whatsoever

I've carried out the steps manually to add the env myself and redeploy, but to no avail. The result is that running my tests for a second time are blocked by the Vercel SSO page.

### Context
Use case: e2e tests with playwright
Target environment: preview
Vercel Plan: Pro

I've also noticed that the screenshots in the docs differ from what I'm seeing, so the docs are definitely stale (attached). Note the "Enabled" toggle missing. 

Can anyone clarify what's going on here? Anyone else have this issue?

![image|690x249](upload://th4kgsAhGxC0GAMeWUun0mhqGdW.png)

![image|690x274](upload://hY2crOFaalR4ifL7Ve4eogW1Dpp.png)


system (@system) · 2025-12-12

The domain troubleshooting guide can help with most custom domain configuration issues. You might be able to use that guide to solve it before a human is available to help you. Then you can come back here and share the answer for [bonus points](https://community.vercel.com/t/introducing-the-vercel-leaderboard/1358).

https://vercel.com/docs/projects/domains/troubleshooting

You can also use [v0](https://v0.dev/) to narrow down the possibilities.


gomesdigital (@gomesdigital) · 2025-12-12

In addition, I am using the advanced configuration instructions.

```javascript
await page.route('**/*', async (route) => {
  await route.continue({
    headers: {
      ...route.request().headers(),
      'x-vercel-protection-bypass': vercelBypassSecret,
      'x-vercel-set-bypass-cookie': 'samesitenone',  // <-- here
    },
  });
});
```

In a single e2e test, multiple requests are made and they succeed. 

If I run the suite a second time, its as if the bypass secret never existed. Not visible in the UI either.