# Auth
***
##
{% hint style="info" %} **The best way to solve authentication issues is to join the discord, as this will allow you to confirm if may be a wide spread issue**
{% endhint %}
## Example
{% hint style="info" %}
**values are randomized, but should be somewhat similar in style to the example**
{% endhint %}
An example of what an auth file should typically look like
```
{
"auth": {
"user_agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
"x-bc": "fncx03r1ygvh26ezq4pe830l49xtj1a146e1x2av",
"auth_id": "400000",
"sess": "5pb18tyng144dqyzevbgfddnrz",
"auth_uid_": "400000"
}
}
```
***
## Auto methods
You have various options for fetching authentication info. If possible, I'd suggest going for the cookie helper option—it demands the least effort once it's set up.
### M-rcus Cookie Helper
Please follow the instructions provided here to install it in your browser
{% embed url="" %}
With the helper, all you need to do is copy and paste the output from the program.
### Browser Extraction
This method is probably the second simplest. However, not all information can be automatically extracted.
You'll still need to manually locate and provide the x-bc header and the User-Agent as demonstrated below.
For more details, check out the manual section below.
You won't need to worry about extracting any cookie information with this choice
***
## Manual methods
{% hint style="info" %}
**You can also manually edit auth information in script**
{% endhint %}
With this option, you'll need to manually input all the required information
```json
{
"auth": {
"sess": "",
"auth_id": "",
"auth_uniq_": "",
"user_agent": "",
"x-bc": ""
}
}
```
It's not too terrible. I'll walk you through how to get this info in the next parts.
#### Step One: Creating the 'auth.json' File
You first need to run the program in order for the `auth.json` file to be created. To run it, simply type `ofscraper` in your terminal and hit enter. Because you don't have an `auth.json` file, the program will create one for you and then ask you to enter some information. Now we need to get that information.
#### Step Two: Getting Your Auth Info
***If you've already used DIGITALCRIMINAL's OnlyFans script, you can simply copy and paste the auth information from there to here.***
Go to your [notification area](https://onlyfans.com/my/notifications) on OnlyFans. Once you're there, open your browser's developer tools. If you don't know how to do that, consult the following chart:
| Operating System | Keys |
| :--------------: | :-----------: |
| macOS | cmd + opt + I |
| Windows | ctrl+shift+I |
| Linux | ctrl+shift+I |
### **1. Getting a valid requests**
Once you have your browser's developer tools open, your screen should look like the following:
Click on the `Network` tab at the top of the browser tools:
Then click on `XHR` sub-tab inside of the `Network` tab:
Once you're inside of the `XHR` sub-tab, refresh the page while you have your browser's developer tools open. After the page reloads, you should see a section titled `init` appear:
When you click on `init`, you should see a large sidebar appear. Make sure you're in the `Headers` section:
Skip to step 2 if you have found init successfully\
otherwise read the next section
***
{% hint style="info" %}
**If init does not appear use any entry with the domain onlyfans.com**
{% endhint %}
#### **Examples**
onlyfans.com
You may need to right click the header field to enable the domain column
***
### 2. Getting data from requests
After that, scroll down until you see a subsection called `Request Headers`. You should then see three important fields inside of the `Request Headers` subsection: `Cookie`, `User-Agent`, and `x-bc`
Inside of the `Cookie` field, you will see a couple of important bits:
* `sess=`
* `auth_id=`
* `auth_uid_=`
*Your* `auth_uid_` *will only appear **if you have 2FA (two-factor authentication) enabled**. Also, keep in mind that your* `auth_uid_` *will have numbers after the final underscore and before the equal sign (that's your auth\_id).*
You need everything ***after*** the equal sign and everything ***before*** the semi-colon for all of those bits.
Once you've copied the value for your `sess` cookie, go back to the program, paste it in, and hit enter. Now go back to your browser, copy the `auth_id` value, and paste it into the program and hit enter. Then go back to your browser, copy the `auth_uid_` value, and paste it into the program and hit enter (**leave this blank if you don't use 2FA!!!**).
Once you do that, the program will ask for your user agent. You should be able to find your user agent in a field called `User-Agent` below the `Cookie` field. Copy it and paste it into the program and hit enter.
After it asks for your user agent, it will ask for your `x-bc` token. You should also be able to find this in the `Request Headers` section.
You're all set and you can now use `ofscraper`.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://of-scraper.gitbook.io/of-scraper/getting-started/auth.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.