Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.onlyfanskit.dev/llms.txt

Use this file to discover all available pages before exploring further.

The REST API authenticates with a bearer API key. 
curl https://api.onlyfanskit.dev/v1/me \
  -H "Authorization: Bearer $OFK_KEY"
Create and manage keys in the dashboard, or mint additional keys programmatically: 
curl -X POST https://api.onlyfanskit.dev/v1/me/keys \
  -H "Authorization: Bearer $OFK_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "label": "ci", "scopes": ["accounts:read", "sdk:call"] }'
The plaintext key is shown once, on creation. Store it securely. A key can never be issued with more scopes than the caller that mints it.

Identity

GET /v1/me returns who you are — your org, plan, scopes, and resolved limits. Use it to confirm a key works and to discover what it can do.

Scopes

Every key carries a set of scopes. The everyday set (accounts:read, accounts:write, sdk:call, webhooks:read, webhooks:write, me:read, me:write, usage:read) is granted by default; mint narrower keys for least-privilege automations. Full list in Scopes.

SDK credentials

The SDK does not use an onlyfanskit API key. It authenticates directly to OnlyFans with a session you supply — cookie, xBc, userId, and a matching userAgent. See Constructing the client.

Connecting vs. calling

Two distinct steps:
  1. Connect an OnlyFans account once — this captures and securely stores the creator session. See Connect an account.
  2. Call methods or stream events against the connected account using your API key.