Signing Requests
How to sign requests
Using the signing API, you can sign requests to the OnlyFans API. This is necessary to authenticate your requests and ensure that they are valid.
There's two ways to integrate the signing API into your application:
Sign Request Endpoint
Using the Sign Request endpoint is the easiest way to integrate the signing API into your application. You can use the endpoint to sign requests for any of the OnlyFans API endpoints.
To get started, you'll need an access key with rules
permissions. You can create an access key here.
Making a Sign Request
Make a POST request to https://api.ofauth.com/v2/dynamic-rules/sign
with:
Headers
Content-Type: application/json
apiKey: your_api_key_here
Request Body
The user_id
is only required if you include the user-id
header in your OF API request.
If timestamp
is not provided, the current server time will be used.
Response
Using the Signed Values
Add the values from the response as headers in your OnlyFans API request:
Rate Limits
The signing API has the following rate limits:
/v2/dynamic-rules/sign
)
Sign Endpoint (- 30 requests per minute
- Headers will include remaining requests and reset time
/v2/dynamic-rules
)
Rules Endpoint (- 1 request per minute
- Headers will include remaining requests and reset time
- We recommend caching the rules locally
When you exceed the rate limit, you'll receive a 429 response with headers:
To avoid rate limits:
- Cache the rules locally and update them periodically
- For high-volume needs, consider self-signing requests
- Monitor the X-RateLimit headers to stay within limits
Self-sign Requests
For high-volume applications, you can self-sign requests to avoid the API rate limits:
- Get the latest dynamic rules from the Rules Endpoint:
Implement the signing algorithm in your application.
Use the generated values in your OF API requests:
The rules change periodically. You should:
- Cache the rules locally
- Update them every few hours
- Have fallback logic if signatures fail
Examples
Check out the examples on the public Github repository.