VRoid Hub API reference

English

日本語

English

日本語

Appearance

OAuth API

For information on OAuth client settings, please refer to the section below, "Set provider that can be used in NextAuth"

Set provider that can be used in NextAuth

For v3

jsx
{
  id: "vroid",
  name: "VRoid Hub",
  type: "oauth",
  version: "2.0",
  scope: "default",
  params: { grant_type: "authorization_code" },
  accessTokenUrl: "https://hub.vroid.com/oauth/token",
  requestTokenUrl: "https://hub.vroid.com/oauth/token",
  authorizationUrl: "https://hub.vroid.com/oauth/authorize?response_type=code",
  profileUrl: "https://hub.vroid.com/api/account",
  async profile(profile, tokens) {
    return {
      id: profile.data.user_detail.user.id,
      name: profile.data.user_detail.user.name,
      image: profile.data.user_detail.user.icon.sq170.url
    }
  },
  protection: ["state", "pkce"],
  headers:{
    "X-Api-Version":11 //VRoid Hub proprietary parameter
  },
  clientId: "",
  clientSecret: ""
}

Request to initiate authorization

GET: /oauth/authorize

X-Api-Version

Required: YES

  • This is the VRoid Hub API version. The current version is version 11.

Request parameters

response_type

Required: Yes
Type: string

  • For this parameter, you must input code

client_id

Required: Yes
Type: string

redirect_uri

Required: Yes
Type: string

scope

Required: Yes
Type: string

state

Required: YES
Type: string

  • A string used to prevent CSRF (Cross-Site Request Forgery) attacks.
  • Generate a random string dynamically when sending the authentication request.
  • Verify that the state value received at the callback URL matches the value sent here.

code_challenge

Required: YES
Type: string

  • The PKCE (Proof Key for Code Exchange) challenge code.
  • Enter the value obtained by hashing code_verifier with SHA256 and Base64 URL, encoding the result.

code_challenge_method

Required: YES
Type: string

  • The method used to generate code_challenge.
  • Only S256 (SHA256) is supported.

Response

302

  • After the user authenticates on VRoid Hub, they will be redirected to the URL specified in redirect_uri, along with the code and state parameters.

400

  • Return error based on OAuth 2.0

Request access token

POST: /oauth/token

Header

X-Api-Version

Required: YES

  • This is the VRoid Hub API version. The current version is version 11.

Request parameters

client_id

Required: Yes
Type: string

client_secret

Required: Yes
Type: string

redirect_uri

Required: Yes
Type: string

grant_type

Required: Yes
Type: string

  • Please input the authorization_code. When using refresh tokens, please input refresh_token.

code

Required: Yes
Type: string

  • When "request to initiate authorization" is made, please input the code received from the redirect_uri.

code_verifier

Required: YES
Type: string

  • The PKCE (Proof Key for Code Exchange) verification code.
  • Enter the random string that was generated and stored on the client side when initiating authorization (the original value used to generate code_challenge).
  • The value must conform to RFC7636.
    • Allowed characters: [A-Z] / [a-z] / [0-9] / - / . / _ / ~
    • Length must be between 43 and 128 characters.

refresh_token

Required: No
Type: string

  • When grant_type = refresh_token, please input refresh token.

Response

200

{
  "access_token": string,
  "token_type": string,
  "expires_in": number,
  "refresh_token": string
}
  • To use accsess_token, please add Authorization: Bearer ${access_token} to the header when making an API request.

400

  • Return error based on OAuth 2.0

Revoke access token

POST: /oauth/revoke

Header

X-Api-Version

Required: YES

  • This is the VRoid Hub API version. The current version is version 11.

Request parameters

client_id

Required: Yes
Type: string

client_secret

Required: Yes
Type: string

token

Required: YES
Type: string

  • Specify accsess_token you have already obtained and add Authorization: Bearer ${access_token} to the header.

Response

200

  • Return error based on OAuth 2.0

400

  • Return error based on OAuth 2.0

Copyright © pixiv