Tried to use several different API endpoints as described in the link, but they all return 403 with a cloudflare “Just a moment…” html reply. Even tried copying an existing jwt token from a working logged-in browser but the same thing still happens.

Any idea what I could be doing wrong?

curl -v --request POST \
     --url https://programming.dev/api/v3/user/login \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '{"username_or_email": "redacted", "password": "redacted"}'
...
< HTTP/2 403
...
<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title>
...
  • themoonisacheese@sh.itjust.works
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    7 months ago

    You’re not passing cloudflares anti bot challenge. This is known to be a hard problem, as obviously CF is highly motivated to stop bots

    • refaloOP
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      7 months ago

      then what is the point of allowing bots on lemmy if they can’t work?

      • pe1uca@lemmy.pe1uca.dev
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        7 months ago

        Bots on Lemmy are allowed, that’s why the API exists.
        Bots on programming.dev seems are not allowed since all endpoints require to pass CF.