MirrorMirror
/
funkwhale
mirror of https://dev.funkwhale.audio/funkwhale/funkwhale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
funkwhale/api
History
Georg Krause dcf970d0c6 fix(api): Fix password reset via email 
The original serializes assumes if allauth is installed, its also used
for the token generation. Thats not the case for us, so we need to
overwrite this behavior
 		2023-08-31 19:47:52 +02:00
..
config fix(api): Fix password reset via email 2023-08-31 19:47:52 +02:00
docker fix(api): docker entrypoint use exec 2023-01-25 12:07:00 +00:00
funkwhale_api fix(api): Fix password reset via email 2023-08-31 19:47:52 +02:00
tests test: Make sure blocking of some management commands actually works 2023-06-12 09:36:52 +00:00
.dockerignore fix: Make sure entrypoint script gets copied 2023-01-18 15:15:43 +01:00
Dockerfile lint 2023-07-20 15:06:52 +02:00
Makefile test(api): lint code using pylint 2023-01-29 12:47:02 +00:00
Readme.md ci: scan for broken links 2022-11-22 20:52:06 +00:00
install_os_dependencies.sh chore: fix shell scripts lint errors 2022-11-25 19:43:50 +00:00
manage.py fix(api): raise SystemExit in manage.py script 2023-06-12 13:04:58 +00:00
poetry.lock feat(dev): Add and enable django-extensions for debugging 2023-07-27 11:26:49 +00:00
pyproject.toml feat(dev): Add and enable django-extensions for debugging 2023-07-27 11:26:49 +00:00

Readme.md

Funkwhale API

This is the Funkwhale API. Check out our API explorer for interactive documentation.

OAuth Authentication

Funkwhale uses the OAuth authorization grant flow for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at https://demo.funkwhale.audio for testing purposes.

To authenticate with the Funkwhale API:

  1. Create an application by sending a POST request to api/v1/oauth/apps. Include your scopes and redirect URI (use urn:ietf:wg:oauth:2.0:oob to get an authorization code you can copy)
  2. Send an authorization request to the /authorize endpoint to receive an authorization code
  3. Request an access token from /api/v1/oauth/token
  4. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>
  5. Refresh your access token by sending a refresh request to /api/v1/oauth/token

For more detailed instructions, see our API authentication documentation.

Application token authentication

If you have an account on your target pod, you can create an application at /settings/applications/new. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>

Rate limiting

Funkwhale supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a 429 status code.

Each API call returns HTTP headers to pass the following information:

  • What was the scope of the request (X-RateLimit-Scope)
  • What is the rate-limit associated with the request scope (X-RateLimit-Limit)
  • How many more requests in the scope can be made within the rate-limit timeframe (X-RateLimit-Remaining)
  • How much time does the client need to wait to send another request (Retry-After)

For more information, check our rate limit documentation

Resources

For more information about API usage, refer to our API documentation.