funkwhale/api
Renovate Bot a947a16b0f chore(api): update dependency watchdog to v4
Part-of: <https://dev.funkwhale.audio/funkwhale/funkwhale/-/merge_requests/2768>
2024-02-26 14:03:48 +00:00
..
config refactor(api): Make sure CSRF_TRUSTED_ORIGIN always has a protocol prefix 2024-02-26 07:44:18 +00:00
docker fix(api): docker entrypoint use exec 2023-01-25 12:07:00 +00:00
funkwhale_api fix(api): Replace deprecated is_ajax with manual check 2024-02-26 07:44:18 +00:00
tests test(api): Fix order of s3 backend initializartion 2024-02-26 07:44:18 +00:00
.dockerignore fix: Make sure entrypoint script gets copied 2023-01-18 15:15:43 +01:00
Dockerfile chore(api): Update dependency pillow to 10.2.0 2024-01-31 14:15:22 +01:00
Makefile chore: Use make install everywhere instead of poetry install 2023-12-13 13:35:00 +00:00
Readme.md Merge branch stable into develop 2023-09-01 14:24:58 +02:00
install_os_dependencies.sh chore: fix shell scripts lint errors 2022-11-25 19:43:50 +00:00
manage.py fix(api): raise SystemExit in manage.py script 2023-06-12 13:04:58 +00:00
poetry.lock chore(api): update dependency watchdog to v4 2024-02-26 14:03:48 +00:00
pyproject.toml chore(api): update dependency watchdog to v4 2024-02-26 14:03:48 +00:00

Readme.md

Funkwhale API

This is the Funkwhale API. Check out our API explorer for interactive documentation.

OAuth Authentication

Funkwhale uses the OAuth authorization grant flow for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at https://demo.funkwhale.audio for testing purposes.

To authenticate with the Funkwhale API:

  1. Create an application by sending a POST request to api/v1/oauth/apps. Include your scopes and redirect URI (use urn:ietf:wg:oauth:2.0:oob to get an authorization code you can copy)
  2. Send an authorization request to the /authorize endpoint to receive an authorization code
  3. Request an access token from /api/v1/oauth/token
  4. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>
  5. Refresh your access token by sending a refresh request to /api/v1/oauth/token

For more detailed instructions, see our API authentication documentation.

Application token authentication

If you have an account on your target pod, you can create an application at /settings/applications/new. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: Authorization: Bearer <token>

Rate limiting

Funkwhale supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a 429 status code.

Each API call returns HTTP headers to pass the following information:

  • What was the scope of the request (X-RateLimit-Scope)
  • What is the rate-limit associated with the request scope (X-RateLimit-Limit)
  • How many more requests in the scope can be made within the rate-limit timeframe (X-RateLimit-Remaining)
  • How much time does the client need to wait to send another request (Retry-After)

For more information, check our rate limit documentation

Resources

For more information about API usage, refer to our API documentation.