Tried to use several different API endpoints as described in the link, but they all return 403 with a cloudflare “Just a moment…” html reply. Even tried copying an existing jwt token from a working logged-in browser but the same thing still happens.

Any idea what I could be doing wrong?

curl -v --request POST \
     --url https://programming.dev/api/v3/user/login \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '{"username_or_email": "redacted", "password": "redacted"}'
...
< HTTP/2 403
...
<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title>
...
  • CrolishGrandma@lemmy.world
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    6 months ago

    I have no knowledge of this specific issue but 403 means unauthorized and the “Just a moment” response is usually because the server sends a JavaScript challenge to verify that you are a ‘real’ browser/user. It’s an anti bot verification and you’re not passing.

    • refaloOP
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      6 months ago

      yes but this defeats the whole point of allowing bots on lemmy in the first place.