Extension API Overview

The Extension API provides endpoints for integrating the OnlyAutomator Chrome Extension with the web application and backend services. These APIs enable account connection, data synchronization, and fan relationship management directly within the OnlyFans interface.

Base URL

https://onlyautomator.com/api/v2
For local development: 
http://localhost:3000/api/v2

Authentication

All Extension API endpoints require authentication using a JWT token. The token should be included in the Authorization header with the Bearer prefix. 
Authorization: Bearer YOUR_JWT_TOKEN
The JWT token is obtained when a user logs into OnlyAutomator or connects their OnlyFans account.

API Endpoints

MethodEndpointDescription
POST/account-connectConnect an OnlyFans account
GET/get-accountGet account status and information
GET/get-profileGet user profile information
GET/account/allowed-featuresGet features allowed by user’s plan
GET/fan/Get details for a specific fan
GET/emojisGet user’s custom emoji settings
POST/emojiCreate or update user’s emoji setting
GET/scriptsGet all scripts for the user
POST/scriptCreate a new script
POST/update-noteUpdate notes for a subscriber
POST/update-of-noteUpdate notes from OnlyFans
POST/update-preferenceUpdate subscriber preferences
POST/sync-notesSynchronize notes with backend
POST/update-countryUpdate subscriber country information
GET/get-ppv-statisticsGet pay-per-view message statistics
GET/get-preferencesGet subscriber preferences
GET/get-transactionsGet transaction history for a subscriber

Response Format

All API responses follow a standard format: 
{
  "status": "success" | "error",
  "data": {
    // Response data specific to each endpoint
  },
  "message": "Optional message"
}
For error responses: 
{
  "status": "error",
  "error": {
    "code": "error_code",
    "message": "Human-readable error message"
  }
}

Error Codes

CodeDescription
authentication_requiredNo valid authentication token provided
invalid_tokenThe provided token is invalid or expired
permission_deniedToken lacks required permissions
resource_not_foundRequested resource not found
validation_errorRequest validation failed
service_unavailableService temporarily unavailable
rate_limit_exceededToo many requests in a given time period

CORS

The API endpoints support Cross-Origin Resource Sharing (CORS) from the following origins:
  • chrome-extension://[extension-id]
  • https://onlyfans.com
  • https://onlyautomator.com
  • http://localhost:3000 (development only)