Help us translate

This document is translated by the community. You can contribute on Crowdin. We appreciate your cooperation 🙏.

Obtain an access token

To get started with the API, you first need to get an access token tied to the account you want to use. This document describes the steps to get an access token and then the basic API usage.

Generally, API requests require an access token. An access token is authentication information linked to a user, which identifies the user utilizing the API and manages the permissions associated with each access token.

Tips

A user and their associated access tokens have a one-to-many relationship, meaning multiple access tokens can be issued for a single user.

You can easily obtain your own access token, and you can also obtain access tokens for users who will be using your application.

  • For the former: proceed to "Manually Issuing Your Own Access Token" section
  • For the latter: proceed to "Requesting Access Tokens for Application Users" section

Manually Issuing Your Own Access Token

You can issue your access token in Misskey Web under "Settings > API".

Danger

Make sure to keep your access token confidential and do not share it with others.

Requesting Access Tokens for Application Users

To obtain access tokens for users who will be using your application (hereinafter simply referred to as "users"), use one of the following methods:

Using the API

Once you have obtained an access token, you can use the API by making requests to various endpoints.

Tips
  • All HTTP API requests are POST, and both requests and responses are in JSON format (except for drive/files/create).
  • Specify Content-Type: application/json in the request header.
  • Include the access token in the request body JSON with the parameter name i.
  • The base URL is https://{server domain}/api.

Using the Authorization Header

Instead of using i, you can specify the Authorization field in the header as follows:

fetch("https://misskey.example/api/notes/create", {
    method: 'POST',
    body: JSON.stringify({
            text: "Hello Misskey API World with My Application!"
    }),
    headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json',
    },
    credentials: 'omit',
});

Using the i Parameter

Example of a request body with an access token (for meta):

{
    "i": "HogEFugA1341",
    "detail": false
}

For more details of each endpoints, refer to the API reference.

Warning

Misskey API does not follow REST practices.

In addition to the HTTP API, Misskey also offers a streaming API. For details on the streaming API, refer to this document.