This document is translated by the community. You can contribute on Crowdin. We appreciate your cooperation 🙏.
Obtain an access token
To get started with the API, you first need to get an access token tied to the account you want to use. This document describes the steps to get an access token and then the basic API usage.
Generally, API requests require an access token. An access token is authentication information linked to a user, which identifies the user utilizing the API and manages the permissions associated with each access token.
A user and their associated access tokens have a one-to-many relationship, meaning multiple access tokens can be issued for a single user.
You can easily obtain your own access token, and you can also obtain access tokens for users who will be using your application.
- For the former: proceed to "Manually Issuing Your Own Access Token" section
- For the latter: proceed to "Requesting Access Tokens for Application Users" section
Manually Issuing Your Own Access Token
You can issue your access token in Misskey Web under "Settings > API".
Make sure to keep your access token confidential and do not share it with others.
Requesting Access Tokens for Application Users
To obtain access tokens for users who will be using your application (hereinafter simply referred to as "users"), use one of the following methods:
Obtaining an Access Token via MiAuth
This document explains a simple authentication method unique to Misskey, available from v12.27.0 onwards.
Obtaining an Access Token via OAuth
This document explains how to authenticate using the OAuth2.0 method, available from v2023.9.0 onwards.
Obtaining an Access Token by Creating an App (Legacy)
This document explains how to obtain an access token in versions of Misskey prior to the introduction of MiAuth (before v12.27.0)
Using the API
Once you have obtained an access token, you can use the API by making requests to various endpoints.
- All HTTP API requests are POST, and both requests and responses are in JSON format (except for drive/files/create).
- Specify
Content-Type: application/json
in the request header. - Include the access token in the request body JSON with the parameter name
i
. - The base URL is
https://{server domain}/api
.
Using the Authorization Header
Instead of using i
, you can specify the Authorization
field in the header as follows:
fetch("https://misskey.example/api/notes/create", {
method: 'POST',
body: JSON.stringify({
text: "Hello Misskey API World with My Application!"
}),
headers: {
Authorization: `Bearer ${accessToken}`,
'Content-Type': 'application/json',
},
credentials: 'omit',
});
Using the i
Parameter
Example of a request body with an access token (for meta
):
{
"i": "HogEFugA1341",
"detail": false
}
For more details of each endpoints, refer to the API reference.
Misskey API does not follow REST practices.
In addition to the HTTP API, Misskey also offers a streaming API. For details on the streaming API, refer to this document.