19 KiB
19 KiB
AuthenticationApi
All URIs are relative to https://api.vrchat.cloud/api/1
| Method | HTTP request | Description |
|---|---|---|
| cancelPending2FA | DELETE /auth/twofactorauth/totp/pending | Cancel pending enabling of time-based 2FA codes |
| checkUserExists | GET /auth/exists | Check User Exists |
| confirmEmail | GET /auth/confirmEmail | Confirm Email |
| createGlobalAvatarModeration | POST /auth/user/avatarmoderations | Create Global Avatar Moderation |
| deleteGlobalAvatarModeration | DELETE /auth/user/avatarmoderations | Delete Global Avatar Moderation |
| deleteModerationReport | DELETE /moderationReports/{moderationReportId} | Delete Moderation Report |
| deleteUser | PUT /users/{userId}/delete | Delete User |
| disable2FA | DELETE /auth/twofactorauth | Disable 2FA |
| enable2FA | POST /auth/twofactorauth/totp/pending | Enable time-based 2FA codes |
| getCurrentUser | GET /auth/user | Login and/or Get Current User Info |
| getGlobalAvatarModerations | GET /auth/user/avatarmoderations | Get Global Avatar Moderations |
| getModerationReports | GET /moderationReports | Get Moderation Reports |
| getRecoveryCodes | GET /auth/user/twofactorauth/otp | Get 2FA Recovery codes |
| logout | PUT /logout | Logout |
| registerUserAccount | POST /auth/register | Register User Account |
| resendEmailConfirmation | POST /auth/user/resendEmail | Resend Email Confirmation |
| submitModerationReport | POST /moderationReports | Submit Moderation Report |
| verify2FA | POST /auth/twofactorauth/totp/verify | Verify 2FA code |
| verify2FAEmailCode | POST /auth/twofactorauth/emailotp/verify | Verify 2FA email code |
| verifyAuthToken | GET /auth | Verify Auth Token |
| verifyLoginPlace | GET /auth/verifyLoginPlace | Verify Login Place |
| verifyPending2FA | POST /auth/twofactorauth/totp/pending/verify | Verify Pending 2FA code |
| verifyRecoveryCode | POST /auth/twofactorauth/otp/verify | Verify 2FA code with Recovery code |
cancelPending2FA
Disable2FAResult cancelPending2FA()
Cancel pending enabling of time-based 2FA codes
Cancels the sequence for enabling time-based 2FA.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
checkUserExists
UserExists checkUserExists(email, displayName, username, excludeUserId)
Check User Exists
Checks if a user by a given `username`, `displayName` or `email` exist. This is used during registration to check if a username has already been taken, during change of displayName to check if a displayName is available, and during change of email to check if the email is already used. In the later two cases the `excludeUserId` is used to exclude oneself, otherwise the result would always be true. It is **REQUIRED** to include **AT LEAST** `username`, `displayName` **or** `email` query parameter. Although they can be combined - in addition with `excludeUserId` (generally to exclude yourself) - to further fine-tune the search.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| String | Filter by email. | [optional] [default to null] | |
| displayName | String | Filter by displayName. | [optional] [default to null] |
| username | String | Filter by Username. | [optional] [default to null] |
| excludeUserId | String | Exclude by UserID. | [optional] [default to null] |
Return type
Authorization
No authorization required
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
confirmEmail
confirmEmail(id, verify_email)
Confirm Email
Confirms the email address for a user
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | Target user for which to verify email. | [default to null] |
| verify_email | String | Token to verify email. | [default to null] |
Return type
null (empty response body)
Authorization
No authorization required
HTTP request headers
- Content-Type: Not defined
- Accept: Not defined
createGlobalAvatarModeration
AvatarModerationCreated createGlobalAvatarModeration(CreateAvatarModerationRequest)
Create Global Avatar Moderation
Globally moderates an avatar.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| CreateAvatarModerationRequest | CreateAvatarModerationRequest |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
deleteGlobalAvatarModeration
OkStatus2 deleteGlobalAvatarModeration(targetAvatarId, avatarModerationType)
Delete Global Avatar Moderation
Globally unmoderates an avatar.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| targetAvatarId | String | Must be a valid avatar ID. | [default to null] |
| avatarModerationType | String | The avatar moderation type associated with the avatar. | [default to null] [enum: block] |
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
deleteModerationReport
SuccessFlag deleteModerationReport(moderationReportId)
Delete Moderation Report
Delete a moderation report
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| moderationReportId | String | The moderation report id. | [default to null] |
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
deleteUser
CurrentUser deleteUser(userId)
Delete User
Deletes the account with given ID. Normal users only have permission to delete their own account. Account deletion is 14 days from this request, and will be cancelled if you do an authenticated request with the account afterwards. **VRC+ NOTE:** Despite the 14-days cooldown, any VRC+ subscription will be cancelled **immediately**. **METHOD NOTE:** Despite this being a Delete action, the method type required is PUT.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| userId | String | Must be a valid user ID. | [default to null] |
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
disable2FA
Disable2FAResult disable2FA()
Disable 2FA
Disables 2FA for the currently logged in account
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
enable2FA
Pending2FAResult enable2FA()
Enable time-based 2FA codes
Begins the sequence for enabling time-based 2FA.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
getCurrentUser
oas_any_type_not_mapped getCurrentUser()
Login and/or Get Current User Info
This endpoint does the following two operations: 1) Checks if you are already logged in by looking for a valid `auth` cookie. If you are have a valid auth cookie then no additional auth-related actions are taken. If you are **not** logged in then it will log you in with the `Authorization` header and set the `auth` cookie. The `auth` cookie will only be sent once. 2) If logged in, this function will also return the CurrentUser object containing detailed information about the currently logged in user. The auth string after `Authorization: Basic {string}` is a base64-encoded string of the username and password, both individually url-encoded, and then joined with a colon. > base64(urlencode(username):urlencode(password)) **WARNING: Session Limit:** Each authentication with login credentials counts as a separate session, out of which you have a limited amount. Make sure to save and reuse the `auth` cookie if you are often restarting the program. The provided API libraries automatically save cookies during runtime, but does not persist during restart. While it can be fine to use username/password during development, expect in production to very fast run into the rate-limit and be temporarily blocked from making new sessions until older ones expire. The exact number of simultaneous sessions is unknown/undisclosed.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
authHeader, twoFactorAuthCookie, authCookie
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
getGlobalAvatarModerations
List getGlobalAvatarModerations()
Get Global Avatar Moderations
Returns list of globally moderated avatars.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
getModerationReports
PaginatedModerationReportList getModerationReports(offset, n, reportingUserId, status, type)
Get Moderation Reports
Get submitted moderation reports
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| offset | Integer | A zero-based offset from the default object sorting from where search results start. | [optional] [default to null] |
| n | Integer | The number of objects to return. | [optional] [default to 60] |
| reportingUserId | String | Filter for moderation reports. | [optional] [default to null] |
| status | String | Filter for moderation reports. One of: `closed`... | [optional] [default to null] |
| type | String | Filter for moderation reports. One of: `avatar`, `group`, `user`, `world`... | [optional] [default to null] |
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
getRecoveryCodes
TwoFactorRecoveryCodes getRecoveryCodes()
Get 2FA Recovery codes
Gets the OTP (One Time Password) recovery codes for accounts with 2FA-protection enabled.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
logout
Success logout()
Logout
Invalidates the login session.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
registerUserAccount
oas_any_type_not_mapped registerUserAccount(RegisterUserAccountRequest)
Register User Account
~~Register a new user account.~~ **DEPRECATED:** Automated creation of accounts has no legitimate public third-party use case, and would be in violation of ToS ยง13.2: *By using the Platform, you agree not to: i. [...] use the Platform in a manner inconsistent with individual human usage* This endpoint is documented in the interest of completeness
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| RegisterUserAccountRequest | RegisterUserAccountRequest |
Return type
Authorization
No authorization required
HTTP request headers
- Content-Type: application/json
- Accept: application/json
resendEmailConfirmation
Success resendEmailConfirmation()
Resend Email Confirmation
Requests a resend of pending email address confirmation email
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
submitModerationReport
ModerationReport submitModerationReport(SubmitModerationReportRequest)
Submit Moderation Report
Submit a moderation report
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| SubmitModerationReportRequest | SubmitModerationReportRequest |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
verify2FA
Verify2FAResult verify2FA(TwoFactorAuthCode)
Verify 2FA code
Finishes the login sequence with a normal 2FA-generated code for accounts with 2FA-protection enabled.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| TwoFactorAuthCode | TwoFactorAuthCode |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
verify2FAEmailCode
Verify2FAEmailCodeResult verify2FAEmailCode(TwoFactorEmailCode)
Verify 2FA email code
Finishes the login sequence with an 2FA email code.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| TwoFactorEmailCode | TwoFactorEmailCode |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
verifyAuthToken
VerifyAuthTokenResult verifyAuthToken()
Verify Auth Token
Verify whether the currently provided Auth Token is valid.
Parameters
This endpoint does not need any parameter.
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
verifyLoginPlace
verifyLoginPlace(token, userId)
Verify Login Place
Verifies a login attempt for a user
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| token | String | Token to verify login attempt. | [default to null] |
| userId | String | Filter by UserID. | [optional] [default to null] |
Return type
null (empty response body)
Authorization
No authorization required
HTTP request headers
- Content-Type: Not defined
- Accept: Not defined
verifyPending2FA
Verify2FAResult verifyPending2FA(TwoFactorAuthCode)
Verify Pending 2FA code
Finishes sequence for enabling time-based 2FA.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| TwoFactorAuthCode | TwoFactorAuthCode |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
verifyRecoveryCode
Verify2FAResult verifyRecoveryCode(TwoFactorAuthCode)
Verify 2FA code with Recovery code
Finishes the login sequence with an OTP (One Time Password) recovery code for accounts with 2FA-protection enabled.
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| TwoFactorAuthCode | TwoFactorAuthCode |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json