Auth

Setting up authorization

The best way to solve authentication issues is to join the discord, as this will allow you to confirm if may be a wide spread issue

Example

values are randomized, but should be somewhat similar in style to the example

An example of what an auth file should typically look like

{
    "auth": {
        "user_agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
        "x-bc": "fncx03r1ygvh26ezq4pe830l49xtj1a146e1x2av",
        "auth_id": "400000",
        "sess": "5pb18tyng144dqyzevbgfddnrz",
        "auth_uid_": "400000"
    }
}

Auto methods

You have various options for fetching authentication info. If possible, I'd suggest going for the cookie helper option—it demands the least effort once it's set up.

Please follow the instructions provided here to install it in your browser

GitHub - M-rcus/OnlyFans-Cookie-Helper: An extension made to make it easier to copy the correct `auth.json` values when using https://github.com/datawhores/OF-ScraperGitHub

With the helper, all you need to do is copy and paste the output from the program.

Browser Extraction

This method is probably the second simplest. However, not all information can be automatically extracted.

You'll still need to manually locate and provide the x-bc header and the User-Agent as demonstrated below.

For more details, check out the manual section below.

You won't need to worry about extracting any cookie information with this choice

Manual methods

You can also manually edit auth information in script

With this option, you'll need to manually input all the required information

{
    "auth": {
        "sess": "",
        "auth_id": "",
        "auth_uniq_": "",
        "user_agent": "",
        "x-bc": ""
    }
}

It's not too terrible. I'll walk you through how to get this info in the next parts.

Step One: Creating the 'auth.json' File

You first need to run the program in order for the auth.json file to be created. To run it, simply type ofscraper in your terminal and hit enter. Because you don't have an auth.json file, the program will create one for you and then ask you to enter some information. Now we need to get that information.

Step Two: Getting Your Auth Info

If you've already used DIGITALCRIMINAL's OnlyFans script, you can simply copy and paste the auth information from there to here.

Go to your notification area on OnlyFans. Once you're there, open your browser's developer tools. If you don't know how to do that, consult the following chart:

Operating System

Keys

macOS

cmd + opt + I

Windows

ctrl+shift+I

Linux

ctrl+shift+I

1. Getting a valid requests

Once you have your browser's developer tools open, your screen should look like the following:

Click on the Network tab at the top of the browser tools:

Then click on XHR sub-tab inside of the Network tab:

Once you're inside of the XHR sub-tab, refresh the page while you have your browser's developer tools open. After the page reloads, you should see a section titled init appear:

When you click on init, you should see a large sidebar appear. Make sure you're in the Headers section:

Skip to step 2 if you have found init successfully otherwise read the next section

If init does not appear use any entry with the domain onlyfans.com

Examples

You may need to right click the header field to enable the domain column

2. Getting data from requests

After that, scroll down until you see a subsection called Request Headers. You should then see three important fields inside of the Request Headers subsection: Cookie, User-Agent, and x-bc

Inside of the Cookie field, you will see a couple of important bits:

sess=
auth_id=
auth_uid_=

Your auth_uid_ will only appear if you have 2FA (two-factor authentication) enabled. Also, keep in mind that your auth_uid_ will have numbers after the final underscore and before the equal sign (that's your auth_id).

You need everything after the equal sign and everything before the semi-colon for all of those bits.

Once you've copied the value for your sess cookie, go back to the program, paste it in, and hit enter. Now go back to your browser, copy the auth_id value, and paste it into the program and hit enter. Then go back to your browser, copy the auth_uid_ value, and paste it into the program and hit enter (leave this blank if you don't use 2FA!!!).

Once you do that, the program will ask for your user agent. You should be able to find your user agent in a field called User-Agent below the Cookie field. Copy it and paste it into the program and hit enter.

After it asks for your user agent, it will ask for your x-bc token. You should also be able to find this in the Request Headers section.

You're all set and you can now use ofscraper.

PreviousAdvanced config options NextControlling Output/Logs

Last updated 1 year ago

hashtag

hashtagExample

hashtagAuto methods

hashtagM-rcus Cookie Helper

hashtagBrowser Extraction

hashtagManual methods

hashtagStep One: Creating the 'auth.json' File

hashtagStep Two: Getting Your Auth Info

hashtag1. Getting a valid requests

hashtagExamples

hashtag2. Getting data from requests