OnlyFans Authentication

Integrating OFAuth into your application

This guide will walk you through the process of implementing OnlyFans authentication using OFAuth's Account Linking Service. Please note that this is a beta feature and is subject to change.

# Prerequisites

Before you begin, make sure you have:

1. Generated an access key with Account Linking permissions
   • Generate an access key here
2. Set up a webhook URL to receive users' session data
   • Set the webhook URL here

# Implementation Steps

# Step 1: Generate a Client Session

Create an endpoint in your application to generate a client session:

1. Make a POST request to https://auth-api.ofauth.com/init
2. Include the following headers:
   • Content-Type: application/json
   • apiKey: your_api_key_here
3. Send this JSON body:

        {
	"metadata": { "user_id": "123" }, // anything to identify the user who the OF account belongs to (used in step 3)
	"proxy": "http://your_custom_proxy_url_here.com", // Optional
	"successUrl": "https://your-app.com/success", // Optional - redirect to this URL after successful login, if not embedding Link directly
	"returnUrl": "https://your-app.com/cancel" // Optional - redirect to this URL after cancelled login, if not embedding Link directly
}

      

4. You'll receive a response with a clientSecret, url, and expiresAt timestamp.

# Step 2: Capture login credentials

At this point, you have two options for implementing the login flow:

# Option 1: Using the Embed Library (Recommended)

You can integrate OFAuth's login directly into your website using our embed library. There are two ways to implement this:

# Simple Implementation (Code Snippet)

Add this HTML snippet to your website:

        <a href="CLIENT_SESSION_URL" data-ofauth-link data-ofauth-theme="light">
	Link account using OFAuth
</a>
<script
	src="https://unpkg.com/@ofauth/link-embed/dist/embed.global.js"
	defer
	data-auto-init
></script>

      

This will create a "Link Account" button that opens an inline login popup when clicked.

# Advanced Implementation (JavaScript Library)

For more advanced projects (like React applications), install the Link embed library:

        npm install @ofauth/link-embed

      

Then implement it in your code:

        import { OFAuthLinkEmbed } from '@ofauth/link-embed';
import { useEffect } from 'react';

const LinkAccount = () => {
	useEffect(() => {
		OFAuthLinkEmbed.init();
	}, []);

	return (
		<a href="CLIENT_SESSION_URL" data-ofauth-link data-ofauth-theme="light">
			Link account using OFAuth
		</a>
	);
};

export default LinkAccount;

      

# Option 2: Redirect to a hosted Link form

Alternatively, you can redirect users directly to the authentication URL received in Step 1. Just make sure to include the successUrl and returnUrl parameters when creating the client session.

# Step 3: Handle Webhook Events

1. Create an endpoint in your backend to receive webhook events
2. OFAuth will send a POST request to your webhook URL with this structure:

        {
	"metadata": { "user_id": "123" }, // what you provided in Step 1
	"secret": "whsec_DKkdOfafsdASrBFIDxrPZbKDagGF", // your webhook secret, to verify the request
	"session": {
		"x-bc": "c38dcvfvf5l111plph1ed52r5k0ql9gr",
		"user-agent": "Mozilla/5.0 ...",
		"cookie": "sess=qpr5vf070i4edsfcdrihi4jnck;",
		"user-id": "144857123"
	}
}

      

3. In your webhook handler:
   • Verify the secret matches your webhook secret
   • Use the metadata to identify the user
   • Save the session data securely for future API requests

# Managing Active Accounts

You can view and manage authenticated accounts from your OFAuth dashboard:

• See active sessions
• View session data
• Terminate sessions (log out users)

Access your dashboard here

# Need Help?

If you encounter any issues or have questions, please contact our support team.