Auth
Setting up authorization
The best way to solve authentication issues is to join the discord, as this will allow you to confirm if may be a wide spread issue
Example
values are randomized, but should be somewhat similar in style to the example
An example of what an auth file should typically look like
Auto methods
You have various options for fetching authentication info. If possible, I'd suggest going for the cookie helper option—it demands the least effort once it's set up.
M-rcus Cookie Helper
Please follow the instructions provided here to install it in your browser
With the helper, all you need to do is copy and paste the output from the program.
Browser Extraction
This method is probably the second simplest. However, not all information can be automatically extracted.
You'll still need to manually locate and provide the x-bc header and the User-Agent as demonstrated below.
For more details, check out the manual section below.
You won't need to worry about extracting any cookie information with this choice
Manual methods
You can also manually edit auth information in script
With this option, you'll need to manually input all the required information
It's not too terrible. I'll walk you through how to get this info in the next parts.
Step One: Creating the 'auth.json' File
You first need to run the program in order for the auth.json file to be created. To run it, simply type ofscraper in your terminal and hit enter. Because you don't have an auth.json file, the program will create one for you and then ask you to enter some information. Now we need to get that information.
Step Two: Getting Your Auth Info
If you've already used DIGITALCRIMINAL's OnlyFans script, you can simply copy and paste the auth information from there to here.
Go to your notification area on OnlyFans. Once you're there, open your browser's developer tools. If you don't know how to do that, consult the following chart:
1. Getting a valid requests
Once you have your browser's developer tools open, your screen should look like the following:
Click on the Network tab at the top of the browser tools:
Then click on XHR sub-tab inside of the Network tab:
Once you're inside of the XHR sub-tab, refresh the page while you have your browser's developer tools open. After the page reloads, you should see a section titled init appear:
When you click on init, you should see a large sidebar appear. Make sure you're in the Headers section:
Skip to step 2 if you have found init successfully otherwise read the next section
If init does not appear use any entry with the domain onlyfans.com
Examples
You may need to right click the header field to enable the domain column
2. Getting data from requests
After that, scroll down until you see a subsection called Request Headers. You should then see three important fields inside of the Request Headers subsection: Cookie, User-Agent, and x-bc
Inside of the Cookie field, you will see a couple of important bits:
sess=auth_id=auth_uid_=
Your auth_uid_ will only appear if you have 2FA (two-factor authentication) enabled. Also, keep in mind that your auth_uid_ will have numbers after the final underscore and before the equal sign (that's your auth_id).
You need everything after the equal sign and everything before the semi-colon for all of those bits.
Once you've copied the value for your sess cookie, go back to the program, paste it in, and hit enter. Now go back to your browser, copy the auth_id value, and paste it into the program and hit enter. Then go back to your browser, copy the auth_uid_ value, and paste it into the program and hit enter (leave this blank if you don't use 2FA!!!).
Once you do that, the program will ask for your user agent. You should be able to find your user agent in a field called User-Agent below the Cookie field. Copy it and paste it into the program and hit enter.
After it asks for your user agent, it will ask for your x-bc token. You should also be able to find this in the Request Headers section.
You're all set and you can now use ofscraper.
Last updated
