Hello,
i'm new in api programming so, sorry if this question is stupide.
But is there a way to login with the normal login/password via api?
I've already managed to fav a post using login&api_key but what if i want to fav something from a different account?

sold said:
Hello,
i'm new in api programming so, sorry if this question is stupide.
But is there a way to login with the normal login/password via api?
I've already managed to fav a post using login&api_key but what if i want to fav something from a different account?

Not through the actual API; the entire point is to avoid third party apps from collecting passwords.

That said, since it's possible for regular users to log in that way, it's possible for an app to do so as well. Definitely not recommended, though.

scth said:
Not through the actual API; the entire point is to avoid third party apps from collecting passwords.

That said, since it's possible for regular users to log in that way, it's possible for an app to do so as well. Definitely not recommended, though.

Thanks for the quick awnser!
I kinda expected something like that but now i know for sure.

API requests are stateless, there is no login/logout. You must provide credentials for each request to authenticate.

Simply switch to another pair of username/api key.

kora_viridian said:
I don't think you can do it through the API with the same user name and password you use on the interactive site.

If both accounts have API keys, I think you can switch from one to the other.

In other words, you would first do something like this to log in as Bob

https://e621.net/users/Bob.json?login=Bob&api_key=deadbeef0ddf00d

and then issue whatever other API commands you normally would; the site will consider them as being issued by Bob.

The API docs don't mention a "logout" step, so I think if you log in as a different user, it should log out the first user, maybe. In other words, if you then do

https://e621.net/users/Sally.json?login=Sally&api_key=badc0ffeedabadee

and then issue whatever other API commands you normally would; the site will consider them as being issued by Sally.

User Donovan_DMC has created an unofficial, expanded version of e621's API documentation, available at https://docs.e621.ws/ . Unfortunately, I can't find where it talks about the authentication process.

If you really want to know exactly how it works, use the source, Luke. All of the API-handling code should be in there, somewhere. (Note that Github recently put code search behind a login, so you can't do anonymous interactive searches on their site anymore. You can either log in to Github to search, or download the code and search it locally.)

If you are dead set on using a regular interactive login and password, you can, but you wouldn't do it through the API. You'd use something like Selenium to drive an interactive browser to log in. I've never done this; I just know it exists.

You don't have to use /users/<user>.json to login. Those parameters work on every API endpoint. If you change the parameters, I'm pretty sure it changes the logged in user. If it doesn't, can just create a new session, which certainty would.

I'd also generally recommend using the Authorization header, rather than the url parameters. If you're using C#'s HttpClient, you use (client variable).DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(username, api key).

Thanks for the help everyone!

scth said:
You don't have to use /users/<user>.json to login. Those parameters work on every API endpoint. If you change the parameters, I'm pretty sure it changes the logged in user. If it doesn't, can just create a new session, which certainty would.

I'd also generally recommend using the Authorization header, rather than the url parameters. If you're using C#'s HttpClient, you use (client variable).DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(username, api key).

I tried it with the DefaultRequestHeaders before but i couldnt get it to work. Now that i see your code i think i just forgot DefaultRequestHeaders."Authorization" so that helps a lot, thanks :).

That's fair. I changed that section to be more clear and remove mentions of logging in