1. OnlyFans Authentication
  2. Integrating OFAuth into Your Website

OnlyFans Authentication

Integrating OFAuth into Your Website

This guide will walk you through the process of implementing OnlyFans authentication using OFAuth's Account Linking Service. Please note that this is a beta feature and is subject to change.

Prerequisites

Before you begin, make sure you have:

  1. Generated an access key with Account Linking permissions
  2. Set up a webhook URL to receive users' session data

Implementation Steps

Step 1: Generate a Session Key

Create an endpoint in your application to generate a session key:

  1. Make a POST request to https://auth-api.ofauth.com/init
  2. Include the following headers:
    • Content-Type: application/json
    • apiKey: your_api_key_here
  3. Send this JSON body:
        {
	"metadata": { "user_id": "123" }, // anything to identify the user who the OF account belongs to (used in step 3)
	"proxy": "http://your_custom_proxy_url_here.com", // Optional
	"successUrl": "https://your-app.com/success", // Optional - redirect to this URL after successful login, if not embedding the login component
	"returnUrl": "https://your-app.com/cancel" // Optional - redirect to this URL after cancelled login, if not embedding the login component
}
  1. You'll receive a response with a clientSecret, url, and expiresAt timestamp.

Step 2: Capture login credentials

At this point, you have two options for implementing the login flow:

You can integrate OFAuth's login directly into your website using our embed library. There are two ways to implement this:

Simple Implementation (Code Snippet)

Add this HTML snippet to your website:

        <a href="__LOGIN_LINK__" data-ofauth-login data-ofauth-login-theme="light"> Link Account </a>
<script
	src="https://unpkg.com/@ofauth/login-embed@^1.0.0/dist/embed.global.js"
	defer
	data-auto-init
></script>

This will create a "Link Account" button that opens an inline login popup when clicked.

Advanced Implementation (JavaScript Library)

For more advanced projects (like React applications), install our library:

        npm install @ofauth/login-embed

Then implement it in your code:

        import { OFAuthEmbedLogin } from '@ofauth/login-embed';
import { useEffect } from 'react';

const LinkAccount = () => {
	useEffect(() => {
		OFAuthEmbedLogin.init();
	}, []);

	return (
		<a href="__LOGIN_LINK__" data-ofauth-login data-ofauth-login-theme="light">
			Link Account
		</a>
	);
};

export default LinkAccount;
TIP

You can style the trigger element any way you want, just make sure to keep the data-ofauth-login attribute.

Option 2: Direct Redirect

Alternatively, you can redirect users directly to the authentication URL received in Step 1.

Step 3: Handle Webhook Events

  1. Create an endpoint in your backend to receive webhook events
  2. OFAuth will send a POST request to your webhook URL with this structure:
        {
	"metadata": { "user_id": "123", "username": "example_user" },
	"secret": "whsec_DKkdOfafsdASrBFIDxrPZbKDagGF",
	"session": {
		"x-bc": "c38dcvfvf5l111plph1ed52r5k0ql9gr",
		"user-agent": "Mozilla/5.0 ...",
		"cookie": "sess=qpr5vf070i4edsfcdrihi4jnck;",
		"user-id": "144857123"
	}
}
  1. In your webhook handler:
    • Verify the secret matches your webhook secret
    • Use the metadata to identify the user
    • Save the session data securely for future API requests

Managing Active Accounts

You can view and manage authenticated accounts from your OFAuth dashboard:

  • See active sessions
  • View session data
  • Terminate sessions (log out users)

Access your dashboard here

Need Help?

If you encounter any issues or have questions, please contact our support team.

Previous <- Signing algorithm
Next Frontend components ->