logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://anongit.hacktivis.me/git/pleroma.git/

differences_in_mastoapi_responses.md (24150B)


  1. # Differences in Mastodon API responses from vanilla Mastodon
  2. A Pleroma instance can be identified by "<Mastodon version> (compatible; Pleroma <version>)" present in `version` field in response from `/api/v1/instance` and `/api/v2/instance`
  3. ## Flake IDs
  4. Pleroma uses 128-bit ids as opposed to Mastodon's 64 bits. However, just like Mastodon's ids, they are lexically sortable strings
  5. ## Timelines
  6. Adding the parameter `with_muted=true` to the timeline queries will also return activities by muted (not by blocked!) users.
  7. Adding the parameter `exclude_visibilities` to the timeline queries will exclude the statuses with the given visibilities. The parameter accepts an array of visibility types (`public`, `unlisted`, `private`, `direct`), e.g., `exclude_visibilities[]=direct&exclude_visibilities[]=private`.
  8. Adding the parameter `reply_visibility` to the public and home timelines queries will filter replies. Possible values: without parameter (default) shows all replies, `following` - replies directed to you or users you follow, `self` - replies directed to you.
  9. Adding the parameter `instance=lain.com` to the public timeline will show only statuses originating from `lain.com` (or any remote instance).
  10. Home, public, hashtag & list timelines accept these parameters:
  11. - `only_media`: show only statuses with media attached
  12. - `local`: show only local statuses
  13. - `remote`: show only remote statuses
  14. ## Statuses
  15. - `visibility`: has additional possible values `list` and `local` (for local-only statuses)
  16. Has these additional fields under the `pleroma` object:
  17. - `local`: true if the post was made on the local instance
  18. - `conversation_id`: the ID of the AP context the status is associated with (if any)
  19. - `direct_conversation_id`: the ID of the Mastodon direct message conversation the status is associated with (if any)
  20. - `in_reply_to_account_acct`: the `acct` property of User entity for replied user (if any)
  21. - `content`: a map consisting of alternate representations of the `content` property with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
  22. - `spoiler_text`: a map consisting of alternate representations of the `spoiler_text` property with the key being its mimetype. Currently, the only alternate representation supported is `text/plain`
  23. - `expires_at`: a datetime (iso8601) that states when the post will expire (be deleted automatically), or empty if the post won't expire
  24. - `thread_muted`: true if the thread the post belongs to is muted
  25. - `emoji_reactions`: A list with emoji / reaction maps. The format is `{name: "☕", count: 1, me: true}`. Contains no information about the reacting users, for that use the `/statuses/:id/reactions` endpoint.
  26. - `parent_visible`: If the parent of this post is visible to the user or not.
  27. - `pinned_at`: a datetime (iso8601) when status was pinned, `null` otherwise.
  28. - `quotes_count`: the count of status quotes.
  29. - `non_anonymous`: true if the source post specifies the poll results are not anonymous. Currently only implemented by Smithereen.
  30. - `bookmark_folder`: the ID of the folder bookmark is stored within (if any).
  31. - `list_id`: the ID of the list the post is addressed to (if any, only returned to author).
  32. The `GET /api/v1/statuses/:id/source` endpoint additionally has the following attributes:
  33. - `content_type`: The content type of the status source.
  34. ## Scheduled statuses
  35. Has these additional fields in `params`:
  36. - `expires_in`: the number of seconds the posted activity should expire in.
  37. ## Media Attachments
  38. Has these additional fields under the `pleroma` object:
  39. - `mime_type`: mime type of the attachment.
  40. ### Attachment cap
  41. Some apps operate under the assumption that no more than 4 attachments can be returned or uploaded. Pleroma however does not enforce any limits on attachment count neither when returning the status object nor when posting.
  42. ### Limitations
  43. Pleroma does not process remote images and therefore cannot include fields such as `meta` and `blurhash`. It does not support focal points or aspect ratios. The frontend is expected to handle it.
  44. ## Bookmarks
  45. The `GET /api/v1/bookmarks` endpoint accepts optional parameter `folder_id` for bookmark folder ID.
  46. The `POST /api/v1/statuses/:id/bookmark` endpoint accepts optional parameter `folder_id` for bookmark folder ID.
  47. ## Accounts
  48. The `id` parameter can also be the `nickname` of the user. This only works in these endpoints, not the deeper nested ones for following etc.
  49. - `/api/v1/accounts/:id`
  50. - `/api/v1/accounts/:id/statuses`
  51. `/api/v1/accounts/:id/statuses` endpoint accepts these parameters:
  52. - `pinned`: include only pinned statuses
  53. - `tagged`: with tag
  54. - `only_media`: include only statuses with media attached
  55. - `with_muted`: include statuses/reactions from muted accounts
  56. - `exclude_reblogs`: exclude reblogs
  57. - `exclude_replies`: exclude replies
  58. - `exclude_visibilities`: exclude visibilities
  59. Endpoints which accept `with_relationships` parameter:
  60. - `/api/v1/accounts/:id`
  61. - `/api/v1/accounts/:id/followers`
  62. - `/api/v1/accounts/:id/following`
  63. - `/api/v1/mutes`
  64. Has these additional fields under the `pleroma` object:
  65. - `ap_id`: nullable URL string, ActivityPub id of the user
  66. - `background_image`: nullable URL string, background image of the user
  67. - `tags`: Lists an array of tags for the user
  68. - `relationship` (object): Includes fields as documented for Mastodon API https://docs.joinmastodon.org/entities/relationship/
  69. - `is_moderator`: boolean, nullable, true if user is a moderator
  70. - `is_admin`: boolean, nullable, true if user is an admin
  71. - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated
  72. - `hide_favorites`: boolean, true when the user has hiding favorites enabled
  73. - `hide_followers`: boolean, true when the user has follower hiding enabled
  74. - `hide_follows`: boolean, true when the user has follow hiding enabled
  75. - `hide_followers_count`: boolean, true when the user has follower stat hiding enabled
  76. - `hide_follows_count`: boolean, true when the user has follow stat hiding enabled
  77. - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `/api/v1/accounts/verify_credentials` and `/api/v1/accounts/update_credentials`
  78. - `chat_token`: The token needed for Pleroma shoutbox. Only returned in `/api/v1/accounts/verify_credentials`
  79. - `deactivated`: boolean, true when the user is deactivated
  80. - `allow_following_move`: boolean, true when the user allows automatically follow moved following accounts
  81. - `unread_conversation_count`: The count of unread conversations. Only returned to the account owner.
  82. - `unread_notifications_count`: The count of unread notifications. Only returned to the account owner.
  83. - `notification_settings`: object, can be absent. See `/api/v1/pleroma/notification_settings` for the parameters/keys returned.
  84. - `accepts_chat_messages`: boolean, but can be null if we don't have that information about a user
  85. - `favicon`: nullable URL string, Favicon image of the user's instance
  86. - `avatar_description`: string, image description for user avatar, defaults to empty string
  87. - `header_description`: string, image description for user banner, defaults to empty string
  88. ### Source
  89. Has these additional fields under the `pleroma` object:
  90. - `show_role`: boolean, nullable, true when the user wants his role (e.g admin, moderator) to be shown
  91. - `no_rich_text` - boolean, nullable, true when html tags are stripped from all statuses requested from the API
  92. - `discoverable`: boolean, true when the user allows external services (search bots) etc. to index / list the account (regardless of this setting, user will still appear in regular search results)
  93. - `actor_type`: string, the type of this account.
  94. ## Conversations
  95. Has an additional field under the `pleroma` object:
  96. - `recipients`: The list of the recipients of this Conversation. These will be addressed when replying to this conversation.
  97. ## GET `/api/v1/conversations`
  98. Accepts additional parameters:
  99. - `recipients`: Only return conversations with the given recipients (a list of user ids). Usage example: `GET /api/v1/conversations?recipients[]=1&recipients[]=2`
  100. ## Account Search
  101. Behavior has changed:
  102. - `/api/v1/accounts/search`: Does not require authentication
  103. ## Search (global)
  104. Unlisted posts are available in search results, they are considered to be public posts that shouldn't be shown in local/federated timeline.
  105. ## Notifications
  106. Has these additional fields under the `pleroma` object:
  107. - `is_seen`: true if the notification was read by the user
  108. ### Move Notification
  109. The `type` value is `move`. Has an additional field:
  110. - `target`: new account
  111. ### EmojiReact Notification
  112. The `type` value is `pleroma:emoji_reaction`. Has these fields:
  113. - `emoji`: The used emoji
  114. - `account`: The account of the user who reacted
  115. - `status`: The status that was reacted on
  116. ### ChatMention Notification (not default)
  117. This notification has to be requested explicitly.
  118. The `type` value is `pleroma:chat_mention`
  119. - `account`: The account who sent the message
  120. - `chat_message`: The chat message
  121. ### Report Notification (not default)
  122. This notification has to be requested explicitly.
  123. The `type` value is `pleroma:report`
  124. - `account`: The account who reported
  125. - `report`: The report
  126. ## GET `/api/v1/notifications`
  127. Accepts additional parameters:
  128. - `exclude_visibilities`: will exclude the notifications for activities with the given visibilities. The parameter accepts an array of visibility types (`public`, `unlisted`, `private`, `direct`). Usage example: `GET /api/v1/notifications?exclude_visibilities[]=direct&exclude_visibilities[]=private`.
  129. - `include_types`: will include the notifications for activities with the given types. The parameter accepts an array of types (`mention`, `follow`, `reblog`, `favourite`, `move`, `pleroma:emoji_reaction`, `pleroma:chat_mention`, `pleroma:report`). Usage example: `GET /api/v1/notifications?include_types[]=mention&include_types[]=reblog`.
  130. ## DELETE `/api/v1/notifications/destroy_multiple`
  131. An endpoint to delete multiple statuses by IDs.
  132. Required parameters:
  133. - `ids`: array of activity ids
  134. Usage example: `DELETE /api/v1/notifications/destroy_multiple/?ids[]=1&ids[]=2`.
  135. Returns on success: 200 OK `{}`
  136. ## POST `/api/v1/statuses`
  137. Additional parameters can be added to the JSON body/Form data:
  138. - `preview`: boolean, if set to `true` the post won't be actually posted, but the status entity would still be rendered back. This could be useful for previewing rich text/custom emoji, for example.
  139. - `content_type`: string, contain the MIME type of the status, it is transformed into HTML by the backend. You can get the list of the supported MIME types with the nodeinfo endpoint.
  140. - `to`: A list of nicknames (like `lain@soykaf.club` or `lain` on the local server) that will be used to determine who is going to be addressed by this post. Using this will disable the implicit addressing by mentioned names in the `status` body, only the people in the `to` list will be addressed. The normal rules for post visibility are not affected by this and will still apply.
  141. - `visibility`: string, besides standard MastoAPI values (`direct`, `private`, `unlisted`, `local` or `public`) it can be used to address a List by setting it to `list:LIST_ID`.
  142. - `expires_in`: The number of seconds the posted activity should expire in. When a posted activity expires it will be deleted from the server, and a delete request for it will be federated. This needs to be longer than an hour.
  143. - `in_reply_to_conversation_id`: Will reply to a given conversation, addressing only the people who are part of the recipient set of that conversation. Sets the visibility to `direct`.
  144. ## GET `/api/v1/statuses`
  145. An endpoint to get multiple statuses by IDs.
  146. Required parameters:
  147. - `ids`: array of activity ids
  148. Usage example: `GET /api/v1/statuses/?ids[]=1&ids[]=2`.
  149. Returns: array of Status.
  150. The maximum number of statuses is limited to 100 per request.
  151. ## PATCH `/api/v1/accounts/update_credentials`
  152. Additional parameters can be added to the JSON body/Form data:
  153. - `no_rich_text` - if true, html tags are stripped from all statuses requested from the API
  154. - `hide_followers` - if true, user's followers will be hidden
  155. - `hide_follows` - if true, user's follows will be hidden
  156. - `hide_followers_count` - if true, user's follower count will be hidden
  157. - `hide_follows_count` - if true, user's follow count will be hidden
  158. - `hide_favorites` - if true, user's favorites timeline will be hidden
  159. - `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API
  160. - `default_scope` - the scope returned under `privacy` key in Source subentity
  161. - `pleroma_settings_store` - Opaque user settings to be saved on the backend.
  162. - `skip_thread_containment` - if true, skip filtering out broken threads
  163. - `allow_following_move` - if true, allows automatically follow moved following accounts
  164. - `also_known_as` - array of ActivityPub IDs, needed for following move
  165. - `pleroma_background_image` - sets the background image of the user. Can be set to "" (an empty string) to reset.
  166. - `discoverable` - if true, external services (search bots) etc. are allowed to index / list the account (regardless of this setting, user will still appear in regular search results).
  167. - `actor_type` - the type of this account.
  168. - `accepts_chat_messages` - if false, this account will reject all chat messages.
  169. - `language` - user's preferred language for receiving emails (digest, confirmation, etc.)
  170. - `avatar_description` - image description for user avatar
  171. - `header_description` - image description for user banner
  172. All images (avatar, banner and background) can be reset to the default by sending an empty string ("") instead of a file.
  173. ### Pleroma Settings Store
  174. Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
  175. The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings.
  176. This information is returned in the `/api/v1/accounts/verify_credentials` endpoint.
  177. ## Authentication
  178. *Pleroma supports refreshing tokens.*
  179. ### POST `/oauth/token`
  180. You can obtain access tokens for a user in a few additional ways.
  181. #### Refreshing a token
  182. To obtain a new access token from a refresh token, pass `grant_type=refresh_token` with the following extra parameters:
  183. - `refresh_token`: The refresh token.
  184. #### Getting a token with a password
  185. To obtain a token from a user's password, pass `grant_type=password` with the following extra parameters:
  186. - `username`: Username to authenticate.
  187. - `password`: The user's password.
  188. #### Response body
  189. Additional fields are returned in the response:
  190. - `id`: The primary key of this token in Pleroma's database.
  191. - `me` (user tokens only): The ActivityPub ID of the user who owns the token.
  192. ## Account Registration
  193. `POST /api/v1/accounts`
  194. Has these additional parameters (which are the same as in Pleroma-API):
  195. - `fullname`: optional
  196. - `bio`: optional
  197. - `captcha_solution`: optional, contains provider-specific captcha solution,
  198. - `captcha_token`: optional, contains provider-specific captcha token
  199. - `captcha_answer_data`: optional, contains provider-specific captcha data
  200. - `token`: invite token required when the registrations aren't public.
  201. - `language`: optional, user's preferred language for receiving emails (digest, confirmation, etc.), default to the language set in the `userLanguage` cookies or `Accept-Language` header.
  202. ## Instance
  203. `GET /api/v1/instance` has additional fields
  204. - `max_toot_chars`: The maximum characters per post
  205. - `max_media_attachments`: Maximum number of post media attachments
  206. - `chat_limit`: The maximum characters per chat message
  207. - `description_limit`: The maximum characters per image description
  208. - `poll_limits`: The limits of polls
  209. - `shout_limit`: The maximum characters per Shoutbox message
  210. - `upload_limit`: The maximum upload file size
  211. - `avatar_upload_limit`: The same for avatars
  212. - `background_upload_limit`: The same for backgrounds
  213. - `banner_upload_limit`: The same for banners
  214. - `background_image`: A background image that frontends can use
  215. - `pleroma.metadata.account_activation_required`: Whether users are required to confirm their emails before signing in
  216. - `pleroma.metadata.birthday_required`: Whether users are required to provide their birth day when signing in
  217. - `pleroma.metadata.birthday_min_age`: The minimum user age (in days)
  218. - `pleroma.metadata.features`: A list of supported features
  219. - `pleroma.metadata.federation`: The federation restrictions of this instance
  220. - `pleroma.metadata.fields_limits`: A list of values detailing the length and count limitation for various instance-configurable fields.
  221. - `pleroma.metadata.post_formats`: A list of the allowed post format types
  222. - `pleroma.stats.mau`: Monthly active user count
  223. - `pleroma.vapid_public_key`: The public key needed for push messages
  224. In, `GET /api/v2/instance` Pleroma-specific fields are all moved into `pleroma` object. `max_toot_chars`, `poll_limits` and `upload_limit` are replaced with their MastoAPI counterparts.
  225. ## Push Subscription
  226. `POST /api/v1/push/subscription`
  227. `PUT /api/v1/push/subscription`
  228. Permits these additional alert types:
  229. - pleroma:chat_mention
  230. - pleroma:emoji_reaction
  231. ## Markers
  232. Has these additional fields under the `pleroma` object:
  233. - `unread_count`: contains number unread notifications
  234. ## Streaming
  235. ### Chats
  236. There is an additional `user:pleroma_chat` stream. Incoming chat messages will make the current chat be sent to this `user` stream. The `event` of an incoming chat message is `pleroma:chat_update`. The payload is the updated chat with the incoming chat message in the `last_message` field.
  237. ### Remote timelines
  238. For viewing remote server timelines, there are `public:remote` and `public:remote:media` streams. Each of these accept a parameter like `?instance=lain.com`.
  239. ### Follow relationships updates
  240. Pleroma streams follow relationships updates as `pleroma:follow_relationships_update` events to the `user` stream.
  241. The message payload consist of:
  242. - `state`: a relationship state, one of `follow_pending`, `follow_accept` or `follow_reject`.
  243. - `follower` and `following` maps with following fields:
  244. - `id`: user ID
  245. - `follower_count`: follower count
  246. - `following_count`: following count
  247. ### Authenticating via `sec-websocket-protocol` header
  248. Pleroma allows to authenticate via the `sec-websocket-protocol` header, for example, if your access token is `your-access-token`, you can authenticate using the following:
  249. ```
  250. sec-websocket-protocol: your-access-token
  251. ```
  252. ### Authenticating after connection via `pleroma:authenticate` event
  253. Pleroma allows to authenticate after connection is established, via the `pleroma:authenticate` event. For example, if your access token is `your-access-token`, you can send the following after the connection is established:
  254. ```
  255. {"type": "pleroma:authenticate", "token": "your-access-token"}
  256. ```
  257. ### Response to client-sent events
  258. Pleroma will respond to client-sent events that it recognizes. Supported event types are:
  259. - `subscribe`
  260. - `unsubscribe`
  261. - `pleroma:authenticate`
  262. The reply will be in the following format:
  263. ```
  264. {
  265. "event": "pleroma:respond",
  266. "payload": "{\"type\": \"<type of the client-sent event>\", \"result\": \"<result of the action>\", \"error\": \"<error code>\"}"
  267. }
  268. ```
  269. Result of the action can be either `success`, `ignored` or `error`. If it is `error`, the `error` property will contain the error code. Otherwise, the `error` property will not be present. Below are some examples:
  270. ```
  271. {
  272. "event": "pleroma:respond",
  273. "payload": "{\"type\": \"pleroma:authenticate\", \"result\": \"success\"}"
  274. }
  275. {
  276. "event": "pleroma:respond",
  277. "payload": "{\"type\": \"subscribe\", \"result\": \"ignored\"}"
  278. }
  279. {
  280. "event": "pleroma:respond",
  281. "payload": "{\"type\": \"unsubscribe\", \"result\": \"error\", \"error\": \"bad_topic\"}"
  282. }
  283. ```
  284. If the sent event is not of a type that Pleroma supports, it will not reply.
  285. ### The `stream` attribute of a server-sent event
  286. Technically, this is in Mastodon, but its documentation does nothing to specify its format.
  287. This attribute appears on every event type except `pleroma:respond` and `delete`. It helps clients determine where they should display the new statuses.
  288. The value of the attribute is an array containing one or two elements. The first element is the type of the stream. The second is the identifier related to that specific stream, if applicable.
  289. For the following stream types, there is a second element in the array:
  290. - `list`: The second element is the id of the list, as a string.
  291. - `hashtag`: The second element is the name of the hashtag.
  292. - `public:remote:media` and `public:remote`: The second element is the domain of the corresponding instance.
  293. For all other stream types, there is no second element.
  294. Some examples of valid `stream` values:
  295. - `["list", "1"]`: List of id 1.
  296. - `["hashtag", "mew"]`: The hashtag #mew.
  297. - `["user:notifications"]`: Notifications for the current user.
  298. - `["user"]`: Home timeline.
  299. - `["public:remote", "mew.moe"]`: Public posts from the instance mew.moe .
  300. ### The unified streaming endpoint
  301. If you do not specify a stream to connect to when requesting `/api/v1/streaming`, you will enter a connection that subscribes to no streams. After the connection is established, you can authenticate and then subscribe to different streams.
  302. ### List of supported streams
  303. Below is a list of supported streams by Pleroma. To make a single-stream WebSocket connection, append the string specified in "Query style" to the streaming endpoint url.
  304. To subscribe to a stream after the connection is established, merge the JSON object specified in "Subscribe style" with `{"type": "subscribe"}`. To unsubscribe, merge it with `{"type": "unsubscribe"}`.
  305. For example, to receive updates on the list 1, you can connect to `/api/v1/streaming/?stream=list&list=1`, or send
  306. ```
  307. {"type": "subscribe", "stream": "list", "list": "1"}
  308. ```
  309. upon establishing the websocket connection.
  310. To unsubscribe to list 1, send
  311. ```
  312. {"type": "unsubscribe", "stream": "list", "list": "1"}
  313. ```
  314. Note that if you specify a stream that requires a logged-in user in the query string (for example, `user` or `list`), you have to specify the access token when you are trying to establish the connection, i.e. in the query string or via the `sec-websocket-protocol` header.
  315. - `list`
  316. - Query style: `?stream=list&list=<id>`
  317. - Subscribe style: `{"stream": "list", "list": "<id>"}`
  318. - `public`, `public:local`, `public:media`, `public:local:media`, `user`, `user:pleroma_chat`, `user:notifications`, `direct`
  319. - Query style: `?stream=<stream name>`
  320. - Subscribe style: `{"stream": "<stream name>"}`
  321. - `hashtag`
  322. - Query style: `?stream=hashtag&tag=<name>`
  323. - Subscribe style: `{"stream": "hashtag", "tag": "<name>"}`
  324. - `public:remote`, `public:remote:media`
  325. - Query style: `?stream=<stream name>&instance=<instance domain>`
  326. - Subscribe style: `{"stream": "<stream name>", "instance": "<instance domain>"}`
  327. ## User muting and thread muting
  328. Both user muting and thread muting can be done for only a certain time by adding an `expires_in` parameter to the API calls and giving the expiration time in seconds.
  329. ## Not implemented
  330. Pleroma is generally compatible with the Mastodon 2.7.2 API, but some newer features and non-essential features are omitted. These features usually return an HTTP 200 status code, but with an empty response. While they may be added in the future, they are considered low priority.
  331. ### Suggestions
  332. *Added in Mastodon 2.4.3*
  333. - `GET /api/v1/suggestions`: Returns an empty array, `[]`
  334. ### Trends
  335. *Added in Mastodon 3.0.0*
  336. - `GET /api/v1/trends`: Returns an empty array, `[]`
  337. ### Featured tags
  338. *Added in Mastodon 3.0.0*
  339. - `GET /api/v1/featured_tags`: Returns HTTP 404