Skip to content
Mastodon API Client for node
Branch: master
Clone or download
Pull request Compare This branch is 34 commits ahead, 59 commits behind ttezel:master.
hayley 1.2.2
Latest commit 3971ccd Mar 17, 2018


Mastodon API Client for node


npm install mastodon


var Masto = require('mastodon')

var M = new Masto({
  access_token: '...',
  timeout_ms: 60*1000,  // optional HTTP request timeout to apply to all requests.
  api_url: '', // optional, defaults to

node-mastodon API:

var M = new Masto(config)

Create a Mastodon instance that can be used to make requests to Mastodon's APIs. Currently only supports oauth2 access tokens (no username/password auth) for security reasons.

I advise that you use the oauth package to get the user's access_token. More information about how to do that is on the wiki.
You'll need to register your app on Mastodon first as well.

If authenticating with user context, config should be an object of the form:

  access_token: '...'

M.get(path, [params], callback)

GET any of the REST API endpoints.


The endpoint to hit.


(Optional) parameters for the request.


function (err, data, response)

  • data is the parsed data received from Mastodon.
  • response is the http.IncomingMessage received from Mastodon., [params], callback)

POST any of the REST API endpoints. Same usage as T.get().


Get the client's authentication tokens.


Update the client's authentication tokens.


Reading the home timeline

M.get('timelines/home', {}).then(resp => console.log(

Upload an image and attach it to a tweet

var id;'media', { file: fs.createReadStream('path/to/image.png') }).then(resp => {
  id =;'statuses', { status: '#selfie', media_ids: [id] })


You may specify an array of trusted certificate fingerprints if you want to only trust a specific set of certificates. When an HTTP response is received, it is verified that the certificate was signed, and the peer certificate's fingerprint must be one of the values you specified. By default, the node.js trusted "root" CAs will be used.


var M = new Masto({
  access_token:         '...',
  trusted_cert_fingerprints: [
You can’t perform that action at this time.