POST
/
api
/
v2
/
account-connect
Connect Account
curl --request POST \
  --url https://onlyautomator.com/api/v2/account-connect \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'bcTokenSha: <bctokensha>' \
  --header 'sess: <sess>' \
  --header 'userAgent: <useragent>' \
  --data '{
  "localStorage": {},
  "sessionStorage": {},
  "cookies": {},
  "other_data": {}
}'
{
  "status": "success",
  "data": {
    "accountId": "acc_f7a12b39-1234-5678-abcd-0123456789ab",
    "status": "connected",
    "syncTimestamp": "2023-03-15T14:23:45Z"
  }
}
Connects an OnlyFans account to the OnlyAutomator platform by sending authenticated session data from the Chrome extension.

Endpoint

POST /api/v2/account-connect

Authentication

This endpoint requires authentication with a valid JWT token in the Authorization header.
This endpoint requires authentication via bearer token representing a valid user session managed by Supabase Auth (cookies).Testing Note: Due to the requirement for a live user session, this endpoint cannot be successfully tested directly using the ‘Send’ button in this documentation with a static token.To test:
  1. Call this endpoint from your web application after logging in.
  2. Use curl or a similar tool with a valid, current user JWT obtained from your browser’s session after logging in.
Retrieving JWT Token for Testing: To test endpoints requiring a user session with tools like curl, you need the JWT access token stored by Supabase Auth in your browser.
  1. Log in to your application normally in your browser.
  2. Open Developer Tools (usually F12).
  3. Go to the Application tab (it might be called Storage in Firefox).
  4. Under the Storage section, find Cookies and select your application’s domain (e.g., http://localhost:3000 or https://onlyautomator.com).
  5. Look for a cookie named similar to sb-access-token (the exact name might vary slightly based on Supabase configuration).
  6. Copy the entire value of this cookie. This is your Bearer token.
  7. Use this copied value in the Authorization: Bearer <your_copied_token> header for your curl or other API tool requests.
Note: This token has a limited lifetime and you’ll need to copy a fresh one after it expires. 
# Available URLs:
# - Local development: http://localhost:3000/api/v2/account-connect
# - Production: https://onlyautomator.com/api/v2/account-connect

# Example with curl:
curl -X POST "https://onlyautomator.com/api/v2/account-connect" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -H "sess: SESSION_VALUE" \
  -H "bcTokenSha: BCTOKEN_SHA_VALUE" \
  -H "userAgent: USER_AGENT_VALUE" \
  -d '{
    "localStorage": {...},
    "sessionStorage": {...},
    "cookies": {...},
    "other_data": "value"
  }'

Request Headers

Authorization
string
required
Bearer token for authentication. Format: Bearer YOUR_JWT_TOKEN
Content-Type
string
required
Must be set to application/json
sess
string
required
Session identifier from Chrome storage
bcTokenSha
string
required
Blockchain token SHA value for verification
userAgent
string
required
Browser’s user agent string

Request Body

localStorage
object
required
OnlyFans localStorage data captured from the browser
sessionStorage
object
required
OnlyFans sessionStorage data captured from the browser
cookies
object
required
OnlyFans cookies data captured from the browser
other_data
any
Any additional data needed for account connection

Response

status
string
Status of the request (success or error)
data
object
Object containing account connection information
data.accountId
string
Unique identifier for the connected account
data.status
string
Status of the connection (connected, pending, or error)
data.syncTimestamp
string
ISO timestamp of when the data was last synchronized

200 Success

{
  "status": "success",
  "data": {
    "accountId": "acc_f7a12b39-1234-5678-abcd-0123456789ab",
    "status": "connected",
    "syncTimestamp": "2023-03-15T14:23:45Z"
  }
}

400 Bad Request

{
  "status": "error",
  "error": {
    "code": "validation_error",
    "message": "Required session data is missing"
  }
}

401 Unauthorized

{
  "status": "error",
  "error": {
    "code": "authentication_required",
    "message": "Authentication is required to access this resource"
  }
}

403 Forbidden

{
  "status": "error",
  "error": {
    "code": "permission_denied",
    "message": "Your token does not have permission to access this resource"
  }
}

Error Codes

Error CodeDescription
validation_errorA required parameter is missing or invalid
authentication_requiredNo valid authentication token provided
permission_deniedToken lacks required permissions

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

Authorization
string
required

Bearer token for authentication

sess
string
required

Session identifier from Chrome storage

bcTokenSha
string
required

Blockchain token SHA value for verification

userAgent
string
required

Browser's user agent string

Body

application/json
localStorage
object
required

OnlyFans localStorage data captured from the browser

sessionStorage
object
required

OnlyFans sessionStorage data captured from the browser

cookies
object
required

OnlyFans cookies data captured from the browser

other_data
object

Any additional data needed for account connection

Response

Account connected successfully

status
string
Example:

"success"

data
object