Ability to create message using the API but not as a bot

[cheshire137]

Hi! I've got a Discord application where I authenticated via OAuth2 with a redirect URI, got a bearer token, and can make API requests. However, it's hard to tell which API requests require a bot versus just the regular bearer token I have. I'm specifically trying to send a direct message via the API to a particular server I belong to, which is something I can do personally in the Discord app, but which I can't seem to do programmatically via the Discord API. Here's an example request that gives me a 401 response:

curl -X 'POST' -d '{"content":"hello world","tts":false}' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer my_access_token' \
  -H 'Content-Type: application/json' \
  -H 'User-Agent: my_app' 'https://discord.com/api/v10/channels/some_channel_or_recipient_id/messages'

I've been referencing https://discord.com/developers/docs/resources/channel#create-message.

Even just doing a simple 'get channel' request for a channel on a server I belong to, or for a DM I'm in, fails with a 401 response. I can't turn my app into a bot because I don't admin the server I'm trying to interact with, I just want a way to programmatically take the same actions as I can personally.

Some API endpoints such as https://discord.com/developers/docs/resources/user#get-current-user-guild-member work fine with my bearer token.

• Can the API docs be improved to show which ones will work with a non-bot application versus working only with bot applications?
• Can the API be extended to allow non-bots to have more capabilities? I'd love to be able to do everything via the API that I can personally in the official Discord app.

[AlmostSuspense]

All endpoints that can be used with oauth are listed in the oauth table and have a "requires x scope" in the endpoint description. Pretry much all other endpoints require a bot token

What you're asking is basically selfbotting (automating your user account) which is against the tos

[cheshire137]

Thank you!

[Crazyday69]

@cheshire137 Did you find how to do this ?

[Jupith]

It's assumed that all endpoints are bot only unless they are listed/linked on the oauth2 scopes list.

[SagarTS]

@cheshire137 is there any update on this now? Or still we cannot do it? Please let me know if you have any information regarding this.
Thank you

[kkrypt0nn]

Support for that hasn't been added (and probably never will) and self-botting is still against ToS 👍

[RealAlphabet]

Would it be possible for discord to allow a bot to respond to an interaction with a message that it wishes to send instead of the user, and the user has to confirm whether he authorizes the bot to write this message for him?

This could be very useful when using pre-defined responses in tickets.

Example:

1. /impersonate
2. The bot responds to the interaction with a new type "Impersonate" and a reply message such as "Hello world!".
3. The Discord client displays a modal "Do you authorize the bot "Bot name" to send a message for you?" *Display a preview of what it would look like in chat with the current user's name and the content of the message".
4. The user authorizes.
5. Discord sends the message as if the user had written it himself.

To reduce friction, we could imagine that the member could give temporary or definitive consent via a "Always authorize this bot" box. This would authorize the bot to send a single message as the user, when performing future interactions.

[kkrypt0nn]

That has not really something to do with the initial question in the discussion - open a new discussion for a feature request.

And you can pretty much handle your workflow with normal response with buttons etc. May not look elegant, but works. Discord probably won't waste time on that