funquail/api/Readme.md

# FunQuail API

This is the FunQuail API. Check out our [API explorer](https://funquail.laidback.moe/docs/swagger/) for interactive documentation.

## OAuth Authentication

FunQuail uses the OAuth [authorization grant flow](https://tools.ietf.org/html/rfc6749#section-4.1) for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at <https://demo.funkwhale.audio> for testing purposes.

To authenticate with the FunQuail API:

1. Create an application by sending a `POST` request to `api/v1/oauth/apps`. Include your scopes and redirect URI (use `urn:ietf:wg:oauth:2.0:oob`
   to get an authorization code you can copy)
2. Send an [authorization request](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2) to the `/authorize` endpoint to receive an authorization code
3. [Request an access token](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3) from `/api/v1/oauth/token`
4. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`
5. Refresh your access token by sending a refresh request to `/api/v1/oauth/token`

For more detailed instructions, see [our API authentication documentation](https://funquail.laidback.moe/docs/developers/authentication.html).

## Application token authentication

If you have an account on your target pod, you can create an application at `/settings/applications/new`. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`

## Rate limiting

FunQuail supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a `429` status code.

Each API call returns HTTP headers to pass the following information:

- What was the scope of the request (`X-RateLimit-Scope`)
- What is the rate-limit associated with the request scope (`X-RateLimit-Limit`)
- How many more requests in the scope can be made within the rate-limit timeframe (`X-RateLimit-Remaining`)
- How much time does the client need to wait to send another request (`Retry-After`)

For more information, check our [rate limit documentation](https://funquail.laidback.moe/docs/developer/api/rate-limit.html)

## Resources

For more information about API usage, refer to [our API documentation](https://funquail.laidback.moe/docs/api.html).
音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`# FunQuail API`
Update API readme 2022-10-27 11:59:27 +02:00
音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`This is the FunQuail API. Check out our [API explorer](https://funquail.laidback.moe/docs/swagger/) for interactive documentation.`
Update API readme 2022-10-27 11:59:27 +02:00
			`## OAuth Authentication`

音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`FunQuail uses the OAuth [authorization grant flow](https://tools.ietf.org/html/rfc6749#section-4.1) for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at <https://demo.funkwhale.audio> for testing purposes.`
Update API readme 2022-10-27 11:59:27 +02:00
音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`To authenticate with the FunQuail API:`
Update API readme 2022-10-27 11:59:27 +02:00
			1. Create an application by sending a `POST` request to `api/v1/oauth/apps`. Include your scopes and redirect URI (use `urn:ietf:wg:oauth:2.0:oob`
ci: scan for broken links 2022-11-22 20:52:06 +00:00			`to get an authorization code you can copy)`
			2. Send an [authorization request](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2) to the `/authorize` endpoint to receive an authorization code
Update API readme 2022-10-27 11:59:27 +02:00			3. [Request an access token](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3) from `/api/v1/oauth/token`
			4. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`
			5. Refresh your access token by sending a refresh request to `/api/v1/oauth/token`

音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`For more detailed instructions, see [our API authentication documentation](https://funquail.laidback.moe/docs/developers/authentication.html).`
Update API readme 2022-10-27 11:59:27 +02:00
			`## Application token authentication`

			If you have an account on your target pod, you can create an application at `/settings/applications/new`. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`

			`## Rate limiting`

音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			FunQuail supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a `429` status code.
Update API readme 2022-10-27 11:59:27 +02:00
			`Each API call returns HTTP headers to pass the following information:`

			- What was the scope of the request (`X-RateLimit-Scope`)
			- What is the rate-limit associated with the request scope (`X-RateLimit-Limit`)
			- How many more requests in the scope can be made within the rate-limit timeframe (`X-RateLimit-Remaining`)
			- How much time does the client need to wait to send another request (`Retry-After`)

音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`For more information, check our [rate limit documentation](https://funquail.laidback.moe/docs/developer/api/rate-limit.html)`
Update API readme 2022-10-27 11:59:27 +02:00
			`## Resources`

音楽で楽しみましょう！-Let's have fun with music!- Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe> 2026-01-24 16:16:49 -03:00			`For more information about API usage, refer to [our API documentation](https://funquail.laidback.moe/docs/api.html).`