OnlyFans Authentication
The process
Using OFAuth's Account Linking Service is quite simple, although there are a few steps to follow.
In order to use the Account Linking Service, you will need to do the following:
- Generate an access key with Account Linking permissions ( Go here to generate an access key)
- Set a webhook URL to receive the users' session data when a successful login occurs ( Go here to set the webhook URL)
The process
- Create an endpoint to generate a session key to start the login process
- Embed the login component into your app
- Create an endpoint to receive the webhook event
1. Generating a session key
Using your API key, make a POST request to auth.ofauth.com/api/init
.
Headers:
Content-Type: application/json
apiKey: your_api_key_here
Body:
metadata
is used to store any information that you want to pass along in the webhook event. Use this to store the user's ID, username, or any other information you want to identify the user and connect the session to them.proxy
is optional, and can be used to specify a custom proxy URL to be used for the request. If you do not specify a proxy, OFAuth will use a dedicated or shared proxy based on your plan.
Response:
2. Embed the login component
Embed the JavaScript login component into your app. This can be done in a popup, or inline. Just make sure to pass the sessionKey
from the previous step to the init
function.
3. Create an endpoint to receive the webhook event
Set the webhook URL in your OFAuth dashboard, and make sure to create an endpoint on your server that can receive the webhook event.
When a user successfully logs in, OFAuth will make a POST request to the webhook URL with the following body:
- Verify the
secret
is correct - Use the metadata to identify which user this session belongs to
- Save the
session
object to your database, so that you can use it to make requests to the OnlyFans API
Managing Active Accounts
On your OFAuth dashboard, you can view and manage your active accounts. (Accounts that have been authenticated, and are currently active.) You'll be able to see the session data and terminate sessions (log out).