The issue with saying TypeScript only for Deno is that people might assume that the other JS libs don't support TS.

I do agree with you guys that specifying runtime, may not be necessary but I feel it would be inaccurate to label this as a JS lib. Although people can confuse it at times because TS is built on top of JS, TS is its own language, that transpiles to JS which could one day transpile to WASM or anything else. To a TS developer, a project that's built with TS is very different to a project built in JS with typings.

Having typings is not the same as properly supporting TS as a library built wi...

Http headers are case insensitive. Doesn't really matter what case we decide to in the docs - the choice is to make them camel cased to show each word (this is technically what we emit in our code - but there is varying levels of proxying that down-cases headers. Either way, basically every http client implementation treats them as case insensitive. Which means it's really irrelevant which casing they have in the docs. For now, we will keep them as they are.

Por favor, este não é o canal para resolver problemas relacionados ao desenvolvimento de bots em si. Também não é o local para se falar português.

O melhor que eu posso fazer é te apontar para a guilda mas, deixo a nota de que você ainda não vai conseguir resolver seus problemas em português na guilda, aqui fica o convite: discord.gg/discord-api. Boa sorte.

Please, this is not the channel to solve problems related to the development of bots themselves. It is also not the pl...

I'm not entirely sure this is necessary. All endpoints which result in an audit log entry support the header.

Yeah but the clients do not show reasons on some actions, even though a reason is attached.. I'e deleting invites and channels.

This is a recurring question in DAPI because "All endpoints which result in an audit log entry" is somewhat awkward to discover, relative to having an explicit list that links to the relevant endpoint for the given audit log event.

You're left to infer which endpoints are responsible for each event - something like this would improve that learning step.

well the bot has it and doesn't have it, like the owner has it but the bot itself doesn't have a 2fa auth seed linked so that's probably throwing it off?

GitHub is being dumb and not loading the comment dialog; should content be a type ?string, since you can null it to remove the content iirc?

It's not shown in the diff, but above the table it says

All parameters to this endpoint are optional and nullable.

link

ah, my bad.

I'm not entirely sure this is necessary. All endpoints which result in an audit log entry support the header

@jhgg

It is generally useful to have the information about the headers and body needed in the place that describes that endpoint... otherwise you have to jump between several places just to find out the functionality of an endpoint. As a developer, that is confusing and consumes more time, especially if you are only just starting with using this API rather than already knowing ...

Wait, so the limit isn't just one every five seconds? Is this new behaviour?

Is this new behaviour?

No, this has been a feature for years. They just now added a field which allows us to find out which concurrency limit a bot is eligible for. Only large bot owners are eligible, so this feature was rather niche and unknown until now.

@MinnDevelopment cheers for clarifying

Idea: A more future-proof solution instead of adding a message box to every endpoint would be adding icon tags next to endpoints that describe specific features. So the endpoints that support X-Audit-Log-Reason would get a little icon next to them which on hover shows that this header is supported and on click takes the user to a more detailed description about the header. It would also allow an endpoint to be tagged with multiple icons at the same time, in case new features arrive in the fut...

How can i get member count of my server in bot and send it to my website?

https://discord.com/developers/docs/resources/guild#get-guild

In the future, use https://discord.gg/discord-api (in #api) to ask these kind of questions. 👍

i can't access discord website, can u write it for me?

Request this with the appropriate authorization header and you should be good to go..

GET https://discordapp.com/api/guilds/:id?with_counts=true

```httpspec
GET https://discordapp.com/api/guilds/:id?with_counts=true

where? how?

There's been similar feature requests for labeling which endpoints are used by oauth2/bots. While it would be cool, I don't see Discord spending time building that feature out anytime soon.

Adding links to the endpoints in the Audit Log Events table is a much smaller diff, is easily understood, and will work today. It may not be the most discoverable place, but it is the Audit Log page, a...

They could always consider delegating some power to a small handful of trusted people that contribute to this documentation, while still requiring PR reviews.

Would enable the community to shape the documentation into a format that we find useful and helpful, rather than one that Discord thinks we will find useful and helpful, as having direct access to the source code does introduce a tincy amount of bias towards how understandable some slabs of text and some tables would be.

Would also po...

Rather than an infobox after the description, might I suggest simply adding "Creates an audit log entry" to the descriptions? Many endpoints that fire off a gateway event will describe that within their description, i.e. "Fires a Channel Update gateway event". Perhaps we could do the same for audit logs, i.e. "Fires a Channel Update gateway event, and creates an audit log entry" (or simply "Creates an audit log entry" where the endpoint does not fire off a gateway event).

Just because something makes an audit log entry, doesn't mean you can specify this header unfortunately.

EMOJI DELETE didnt pay attention to the audit log header when I tried it a few days ago, despite being audit loggable.

While that is likely a bug, it would rely on the devs actively addressing every case that this occurs in (not sure if others exist), for this to be useful.

Then I would suggest marking those bugged endpoints as being bugged. There's no point in making a distinction since the endpoints that don't support the header yet make an entry are exceptions, not the rule, according to what was said above:

All endpoints which result in an audit log entry support the header.

I doubt the devs will let us merge a change that says "this endpoint is broken"... so until we get some form of response or resolution on that specific case, it would prevent being able to make any progress with improving the clarity of this aspect, I fear.

We intentionally made it harder to obtain full member list data, as at scale it is has become impractical to sync massive lists of members and there are privacy concerns with sharing full lists of guild members. You can still obtain members via chunking via REQUEST_GUILD_MEMBERS if you have guild members intent.

Thanks for the feedback. We do have plans to feed the concept of non-verified vs verified bots into our anti-abuse platform as it spins up, which is our optimal approach for dealing with these scam/spam bots. In an ideal world we're looking to stop these without introducing additional complexity into our products just for these kinds of bots.

should be fixed in the next api deploy

In general, if it's in our documentation it is meant to be supported/usable by bots. If you see something in our docs which isn't, I would recommend opening up an issue for that specifically as perhaps it was accidentally documented.

Thanks for looking into this.

In the current state of the API you have to chunk every single guild if you don't have the GUILD_PRESENCES intent set because it doesn't send the entire member list, regardless of the size of the guild. Even if the guild only has 10 members you have to chunk them which becomes a painful process when you are limited to a 120/60 rate limit. As far as I know the vast majority of guilds have less than 100 members, yet the same limits apply.

Privacy concerns make sense but some bots do require ...

Fixes #1635

please familiarise yourself with how HTTP functions and how to work with an HTTP API before attempting to do this; Discord's API isn't the best place to start if you haven't used a RESTful web API before. If you are using a library to interact with the Discord API rather than making RESTful web requests directly, please consult the documentation for that library and/or chat with the maintainers of said library for advice on how to tackle this :)

Some documented properties are only accessible via OAuth2/Get Current User instead of the Get User endpoint, which is what I believe Andre is asking about.

I can agree to what MinnDevelopment said.

My bot is in almost 14k Discord server now and chunking Members without access to the GUILD_PRESENCES intent is a near-impossible thing to do as the bot more than once hits the rate limit, causing delays and artificially increase the loading time of what was more or less 40+ seconds to well over 1 minute if not even 2 or more.

I can understand your concerns with privacy, but the near fact that almost 90% of all bots (Rough estimate but I'm quite...

Yeah, mostly.

Some specific features within the documentation require elevated OAuth2 scopes that usually aren't asked for when inviting a bot (And often also require separate handling by the bot itself)

And I'm also pretty sure that most of the things listed under "Game and Server Management", "Rich Presence", "Game SDK" and "Dispatch" aren't meant for bots so the excuse of "If it's documented, then it's available for bots" doesn't really work here.

I'm pretty sure Discord does not want you to fetch all users for those use cases.

• for user info, you should just fetch that specific member if they arent cached from a previous event
• for welcoming users, fetching users on start wouldn't help at all, and the member info is sent in the event
• for anything triggered by a message, the member object is sent in the event

By being used by bots, I think they meant just "programmatic access for developers"
This excludes user client only endpoints but includes these things and tools.
Although I'm not 100% sure about the whole "Game and Server Management" thing on this.. the documentation is also for game developers and it wouldn't really be bad if that stuff was in the docs imo

for user info, you should just fetch that specific member if they arent cached from a previous event

I would like to quote myself:

[...] some bots do require the members to be present in cache, for example to track changes of nicknames or roles. The API is built in a way that only tells you that an entity is updated, but doesn't tell you what has been updated.

On another note:

for anything triggered by a message, the member object is sent in the event

I don't understand ...

I personally just find it odd that the members aren't sent in GUILD_CREATE with the GUILD_MEMBERS intent. It's unintuitive to say the least, but I understand that I don't know the infrastructural / business logic reasons for it. If the bot is verified for the GUILD_MEMBERS intent, it would be implied that it's use-case is approved for knowing of (all) members in a guild and hence a candidate for the field in the GUILD_CREATE event.

There are also cases such as the one I made a feature request for earlier, #1612, which would really help reduce the requirement for keeping entire caches loaded for some bots.

Sleepy Discord is a library with the main feature being that it's modular and low level when needed but not when using the defaults. The library is almost 4 years old and has users using it for it’s modularity and also because they just want to use c++. As such, the library is made to fit both wants or needs. Right now the fixes are all in the develop branch but I plan to pull when no one here finds any issues with the rate limiter or any other bugs.

Last time, I made a request. There were...

Webhook usernames are identical to User usernames, so they cannot contain custom emoji in them. You can use normal emoji though..

3d0a0d5 fixes #1566 - night

More likely we will just set a static timestamp :)

@andersfylling do you have a specific host we can repro with? it's possibly a side-effect of some recent upgrades we've deployed

We split off characters after the last / to query metadata from the wiki api, so that's likely the culprit .. I'm actually a bit surprised wikipedia doesn't urlencode that forward slash.

We have no current plans to expose presence data without the intent due to privacy concerns. You can access a single member's presence via REQUEST_GUILD_MEMBERS using presences: true and passing the user's id when using the presences intent.

45a56d9 Fix markdown (#1682) - MinnDevelopment

The issue is that if you have a use case such as userinfo where you only need to get one user's presence, you get denied the intent because that doesn't justify getting all presence updates. Maybe allow bots to get whitelisted to only get a single user's presence? however that would be more work for Discord

Bot created group DMs are intentionally temporary and will be automatically deleted after a time period. They were created for the use case of supporting temporary voice chat for games back in Gamebridge times. I would consider usage of this deprecated, and it may ultimately be removed in the future. We are not adding additional functionality to this as a result.

72dd31c Update Guild.md (#1637) - Jump-Suit

Wait, why is this closed? What about part two?

It looks to be filling those values normally. perhaps there was a bug which has now been fixed?

to jake's point, if the action results in an audit log entry being created then the header should work (the code as written pulls the header during record creation, if it's available). please open an issue if that's not the case with a reproducible test case.

This is probably a regression, since this used to work.

df82b4c Fixes #1662 (#1667) - nekokatt

This isn't really a bug, per-se. Successful response here means the member, if one existed, has been kicked. We do similar behavior on many endpoints, though it is not consistent across them all since it doesn't really matter. You will see similar behavior on PUT requests too, where PUTing the same resource may result in a 204.

We most likely will not tear this into different permissions, since embeds and links are one in the same functionality wise. It is possible we may explore better permission acquisition for bots in the future, which may improve the flow of bots obtaining permissions they require for functionality.

It looks like we are not handling bots properly in a couple application level mfa checks. Bot/application owned guilds are a hack we created for Gamebridge back in the day. We may remove this functionality in the future so I wouldn't rely on it for new integrations. In the meantime you can probably transfer the owner of the server to yourself to set mfa on it.

We will be doing a pass to update the documentation in the future once this becomes inaccurate.

If the user is consistently sending invalid codes back, then it is likely you are receiving invalid or duplicate codes.

I've looked into the many times at this point, but it's not likely a bug on our end apart from potential redis drops during an outage.

this should be fixed

This seems to work just fine for me:

curl https://discord.com/api/v6/guilds/redacted/emojis/redacted -X DELETE -H 'X-Audit-Log-Reason: test' -H 'Authorization: Bot redacted'

@night I'm able to reproduce this relatively easily with a small number of users. It seems to be a per user issue, so I was thinking it had something to do with how their data is stored or a flag on their account. I'm happy to provide user ids, timestamps, etc, but I don't know where to send them.

Delete webhook with token doesn't seem to accept the audit log reason header despite being an endpoint that will "result in an audit log entry". This is shown with the following request.

> DELETE /api/webhooks/715052263395164192/QlJXN6hBvYOxgY-JIylpxieYx7UnRcT8q-NExnQ0tPsKnEDmRgg2ZRHCTFUDoG_7NeSy HTTP/1.1
> Host: canary.discordapp.com
> User-Agent: insomnia/7.1.1
> X-Audit-Log-Reason: Hi Hi
> Accept: */*

< HTTP/1.1 204 No Content
< Date: Wed, 27 May 2020 04:03:45 GMT
< Co...

Thank you very much! :)

Not quite sure if it got fixed, but I recently found API Communication issues from Discord & Spotify, giving my discord a lot of errors in console.

Are you talking about the 401's in console? That's just Spotify oauth tokens expiring, they're only valid for an hour ish and the client refreshes the token whenever it receives that error.

You don't need to worry about it, also in the future if you find an actual bug, it should be reported in Discord Testers (https://discord.gg/discord-testers). This repository is reserved for Discord API issues.

An endpoint similar to Get Current Application Information but for fetching info about any application with its id (without fields that need to be private of course). This would be useful for a few reasons:

• programmatically getting a bot's (estimated) server count, which can already be done manually via the OAuth page (expands on #1628)
• seeing the true owner(s) of a bot, to prevent another user clai...

@night It seems slightly disappointing that the clarity and ease of understanding for documentation that is being aimed at the community is being decided by developers that most likely know the internal code base. Regardless of internal opinions, several people expressed the same kinds of opinion for this. Closing this without further discussion seems a little bit of a shame, given it is a discussion towards making this API more accessible to people...

I honestly would urge stuff like thi...

On https://github.com/yourWaifu/sleepy-discord/blob/61d9c6f7f4021a417df7c33ac4640b1d0d345059/sleepy_discord/client.cpp#L161, you seem to only apply backoff logic in the case that you appear to be ratelimited, but do not get a ratelimited response.

Surely the only time that would happen is if you were making an unauthorized request in the first place? Otherwise you can assume that if the remaining bucket capacity was zero, you'd receive the 429... and you probably shouldn't be spamming unau...

The documentation for opcode 4 on the gateway (voice state update) is marked as being sendable only.

The voice documentation then says the complete opposite, by telling us we should wait for the gateway to send opcode 4 to us after we send it to them.

On the BaseDiscordClient::getTheGateway() procedure, you appear to use an undocumented endpoint, as well as using the old API URL that will be deprecated entirely later this year, since you hard code this, no one can use this current release of your library without having to be forced to incorporate at least one bugfix later this year if they want an application to be ...

@mdashlw the documentation suggests the use of /api/v6/gateway, not /api/gateway. That isn't documented anywhere on the link you provided or inferred as being documented from the REST versioning scheme.

discord.py appears to use this as well.

Discord.py does a lot of things that are undocumented, whether all libraries should follow is still questionable, especially since anything undocumented can potentially be changed and break the entire application without notice.

:)

Updated to clarify my actual point, as I realise I worded that terribly. My bad :)

You are talking about 2 different gateways. The voice gateway has its own set of op codes which are not connected to the main gateway op codes in any way.

Voice state update on v6 from the gateway provides a payload like this:

{"token": "guess what", "guild_id": "265828729970753537", "endpoint": "eu-west93.discord.media:80"}

Since this is port 80, I assume we use ws and not wss. Hitting ws://eu-west93.discord.media:80 provides me with a 403 and a cloudflare error

Using wss:// causes my client to issue an "in...

Are you talking about the VOICE_SERVER_UPDATE? The port on the endpoint should always be ignored by the client.

@MinnDevelopment doing this causes the same issues.

Data I could scrape:

{'Date': 'Wed, 27 May 2020 16:13:26 GMT', 'Content-Type': 'text/html; charset=UTF-8', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'X-Frame-Options': 'SAMEORIGIN', 'Cache-Control': 'private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Expires': 'Thu, 01 Jan 1970 00:00:01 GMT', 'Set-Cookie': '__cfduid=d3792e8f9851713415d7c1d38e5260d6d1590596006; expires=Fri, 26-Ju...

Upgrade headers were

{'Upgrade': 'WebSocket', 'Connection': 'Upgrade', 'Sec-WebSocket-Version': '13', 'Sec-WebSocket-Key': 'U8nuLstAPfxu5S6r4hNjuA=='}

if that is of help. Someone has suggested that the Upgrade needs to be in lower case, which is something I cannot control without fundementally rewriting the websockets implementation I am using. If this is the case, this is probably a bug, since [RFC-6455 specifies the token is registered as "WebSocket" explicitly on page 56](htt...

The upgrade header must be lowercase websocket.

See: https://tools.ietf.org/html/rfc6455#section-4

5. The request MUST contain an |Upgrade| header field whose value
   MUST include the "websocket" keyword.

@MinnDevelopment and page 21 says this is case insensitive. Page 56 says it is registered as "WebSocket", which aiohttp complies with :^)

Added a warning to the documentation to specify how clients should sanitise websocket URLs for voice.

Addresses the port confusion from https://github.com/discord/discord-api-docs/issues/1689. This now just needs Discord to make their websocket server RFC-6455-compliant to close that issue.

@mdashlw the gateway uri is not hardcoded. It's an option tho for testing purposes. This is a great place to test for that standard http get request is at least being sent. The hardcoded gateway compile option is for debugging for test if it's this that's stopping a bot from progressing.

I'll take a look when I get back. Another question I have is that; I keep getting random hello packets on the voice connection after thr first heartbeat. Should I ignore it? The docs do not mention that more hello phese packets should come after the first hello.

@taarek I don't understand why you send this. Seems pretty pointless since discord.com is being used in most request so I'm already aware of the base URL change. I just forgot that one somehow during my Ctrl f and replace.

@yourWaifu if it's an option to hardcode the gateway URL (and I can understand why one might want to do that) why not leave the actual value to the user and just provide them with the option to hardcode a gateway URL?

@acw0 not a bad idea, I just haven't thought of it.

You still receive it as an event. Otherwise I wouldn't have found the issue nor the solution to the other issue we are talking on.

I just tested and I only receive an op0 (dispatch) with t "VOICE_STATE_UPDATE":

{
  "op":0,
  "s":9,
  "t":"VOICE_STATE_UPDATE",
  "d":{...}
}

I'm not sure what you're talking about. The OP code used by the voice gateway has nothing to do with VOICE_STATE_UPDATE. They are completely different gateways with completely different OP codes. You will not receive a VOICE_STATE_UPDATE in the voice gateway.

ah, yeah, I see what you mean now. Yep, my mistake!

@nekokatt I would love to verify the http request before it's sent but sadly some http libraries aren't verbose enough to let you take peak before it's sent. This is however a minority but it having a verification step might stop those libraries unless it's skippable and if it is it then many would skip it for performance. The library does a test for the http request with discord at the very start using the get gateway request. I am aware that that doesn't cover the headers or body but Discor...

surely its just a case of validating your inputs. If you cant validate stuff like message length before sending, thats an architectural issue

@nekokatt I'm unsure how night is actually ignoring anything. The reason you wanted to document which endpoints support X-Audit-Log-Reason is because not all of them did in reality (at least, that's what I gathered) -- but twice thus far it's been said that all endpoints that create audit log entries should support it, and that any endpoints that act to the contrary should be reported.

If you'd like to document which endpoints create audit log entries, and maybe along the way figure out ...

@nekokatt I'm unsure how night is actually ignoring anything. The reason you wanted to document which endpoints support X-Audit-Log-Reason is because not all of them did in reality (at least, that's what I gathered) -- but twice thus far it's been said that all endpoints that create audit log entries should support it, and that any endpoints that act to the contrary should be reported.

If you'd like to document which endpoints create audit log entries, and maybe along the way figur...

Sure we can check and make sure that data going into a HTTP library is garbage or not. But that doesn't mean that the output will be valid that the HTTP library is valid.

So the issue is that your HTTP library doesn't send well formed HTTP requests?

The library is modular, we don't know which HTTP library is being used. We have libcpr which uses libcurl as the default. But users are using other HTTP libraries that are more suited for their needs.

@andersfylling have you changed anything on your end (like the version you send) prior to seeing this?

I dug into it a big yesterday and so far haven't seen anything that would explain a change here. I suspect we've always been sending a float for heartbeat_interval for v >= 4 and that either we need to update the docs to say it is a number that might be a float or actually start sending an integer to respect what the docs say.

This sounds more like a bug than something we should document. Can you refrain from opening PRs with changes like this? In general, if we've not said something is working as intended, it's best an issue is created alone.

The intents are listed on the Discord docs as such:

GUILD_MEMBERS (1 << 1)
  - GUILD_MEMBER_ADD
  - GUILD_MEMBER_UPDATE
  - GUILD_MEMBER_REMOVE

https://discord.com/developers/docs/topics/gateway#gateway-intents

To clarify what I mean by "sub-intents", I am referring to the dashed elements under the main intent group "GUILD_MEMBERS" in this example.

The intents are already very beneficial for improving performance, but if it were possible to subscribe to those in...

the voice servers are handling this fine, but we have a firewall on cloudflare which looked to be doing a case sensitive check. i modified this rule, which should have fixed this. can you confirm?

as for the port being locked to 80, that's most likely a bug. our clients rewrite this to port 443, but obviously we do not want you to connect on port 80 and this should return 443. I will see if we can get this updated to the correct port.

Fun fact: this port 80 has been returned by the API for at least 4 years.

Resolves #1510

Bots are able to use those 2 endpoints listed. More information in linked issue

(p.s. this is my first pr on the docs so if I did anything wrong pls let me know ta)

Thanks for the PR! I think we just want to confirm with @jonzlin95 that whatever behavior we may need to change internally before we make it too public is done (that he was referring to in that issue).

I assumed I was fine to make the PR by the label that was applied yesterday

Oh no yeah that PR is totally fine, I just mean before we hit merge and deploy it :)

You're missing a | here at the end of this line and the type of a snowflake id should be snowflake here as well

it would be more consistent to type snowflake ids as snowflake rather than string

Will get to these tomorrow morning

I'm trying to get a token to create a webhook for a user in a React app, using the following flow.

User clicks "create webhook button":

opened = window.open(
        'https://discord.com/api/oauth2/authorize?client_id=715023697244717107&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fwebhook&response_type=code&scope=webhook.incoming',
        '_self'
    );

The user chooses a server and channel then is redirected to the endpoint in the Redirect URI

Then the respon...

The documentation is very explicit in the format required for the request, putting the following in a big yellow box that can be seen as soon as going to the OAuth2 page:

In accordance with RFC 6749, the token URL only accepts a content type of x-www-form-urlencoded. JSON content is not permitted and will return an error.

Here, you're sending JSON content, which is exactly what the docs warn against. This repo isn't the best place for general debugging help; feel free to joi...

Currently only requests which are authenticated as a bot can specify this header, so it is ignored if you delete the webhook by its url.

Currently only requests which are authenticated as a bot can specify this header, so it is ignored if you delete the webhook by its url.

Does this not arguably muddle the definition of which endpoints accept the audit log entry reason header a bit in a way that might justify explicitly explicitly documenting which endpoints accept the reason header as these do fall under the rule of any endpoint "that results in an audit log entry" accepts this header while also being an exception to sai...

Closing.

The issue (aside from using the wrong content-type) was Javascript was capping the integer client ID. You must make sure the client ID is a string when using it in javascript.

Also just a question around some odd behavior that I've just discovered around using these endpoints while declaring a bot token as authorization as to whether this is intended behaviour or not.

When declaring a valid bot token in the authorization header these endpoints seem to not totally ignore the bot's authorization, leading to it accepting the reason header and showing the action as being done by the bot in the audit log entry regardless of whether the bot is in the guild the webhook...

the voice servers are handling this fine, but we have a firewall on cloudflare which looked to be doing a case sensitive check. i modified this rule, which should have fixed this. can you confirm?

as for the port being locked to 80, that's most likely a bug. our clients rewrite this to port 443, but obviously we do not want you to connect on port 80 and this should return 443. I will see if we can get this updated to the correct port.

The dev who opened the issue asked me to say t...

Issue related to #1690

The voice server update payload may contain a endpoint with an invalid url on the form: eu-central396.discord.media:80 which is wrong as it should be prepended with wss:// and will fail when connecting.

https://github.com/discord/discord-api-docs/issues/1689#issuecomment-634966280 👀 hopefully it's fixed soon.

I can't run my discord bot online since this morning because any of the tokens I provide work. It had never happened before and I don't know what's the issue.

Currently, a bot is able to use emotes from servers it's part of, as they get Nitro perks for emote usage.
This is super helpful for some things like welcome messages, reaction menus and the like.

However, bots are limited to emotes from servers they are currently in, so these features will break if say a user with Nitro wants a welcome message with emotes from their servers that the bot isn't in for instance.

The current 'solution' for this is to create a dedicated emote server (or mo...

1. This isn't support for d.js
2. This isn't really related to the API
3. Reset your token, and contact support if it continues to not work.

Title summarizes. When you go to server settings and copy the JSON API link it copies as discordapp.com instead of discord.com and it returns [ Widget Disabled | 50004 ]

It shows whatever domain you're using Discord on; if you use the web version it's discord.com.

If it says Widget Disabled, then you probably have the Enable Server Widget option off (or just turned it on, it might take a while)

Yeah, now that you mention it I do believe that I upgraded from v3 to v4. I must have followed the docs and assumed v4 to have the same data type. Causing me to wonder when the data type had changed.

Running endpoint on /guilds/:id/messages/search with invalid IDs for author_id or mentions params returns all messages instead of none. So far I've only been able to check this on canary, I haven't been able to check if this is the same via the api from my bot, though looking at the api response, it does look like it'll respond with the same thing

Bots cannot use the search endpoint.

Ok well it's still an api bug since it shouldn't be returning all the messages

I don't think this can be reproduced from the client? looks like if it can't find the user, it just includes the provided tag in the content

I'm able to reproduce this in the client with any user id that's not in the server. I was under the impression this issue was reported over at Discord Testers however

I did this with guild/channel/emoji IDs and 123456789012345678 as well, so it just seems like any "possible" id

Prepending this in the API with the wss:// would break every existing JDA bot. We prepend it in code and it would result in wss://wss://eu-central396.discord.media/?v=4.

They probably mean that when the user/lib adds wss://, it will break when trying to connect to port 80.

my voice implementation just removes the :80, while that was never instructed or documented it has always worked for me

This would be pretty helpful for me, as I don't ever need to check message updates but they're the 2nd most common type of event I get from the gateway (about 40 per second on my bot)

maybe a system similar to how you can subscribe to events with RPC
or just use bitwise operators like existing intents.. dunno

It looks like Discord doesn't send messages when it receives a Github package webhook.

Ideally, it would look something like this (table represents embed fields):

Package published
{payload.repository.full_name}

Name	Version
{payload.package.name}	{payload.package_version.version}

Published example:

Headers:

Request URL: https://discordapp.com/api/webhooks/***/github
Request method: POST
content-type: application/js...

Kinda it would be really good if it was only available to bots that are verified or have gateway intent privileges...
I've been working literally 3 and a half weeks on my userinfo command and got the normal badges done except for the nitro badges... Which i really want, so i would like to see this feature added to verified bots and bots with gateway intent access

I don't think this should be available outside of the way to get this information already - with the identify oauth scope

As the title says, in the gateway's documentation of the guild members chunk, the chunk_index's description has < instead of <. It can be seen here: https://discord.com/developers/docs/topics/gateway#guild-members-chunk

Not sure what's the desired solution since it looks fine on GitHub (see https://github.com/discord/discord-api-docs/blob/master/docs/topics/Gateway.md#guild-members-chunk). I can make a pull request if you have a solution in mind that I can do (idk if you want to cha...

This was already fixed, which is why GitHub looks fine, in #1682.

That makes sense and explains why I didn't find it while searching. Sorry!

I have an existing Discord OAuth application used purely for creating an account in a 3rd party website.

Everything used to work perfectly fine until today (I think).

All of the sudden, I'm getting "invalid_request" "Missing "code" in request." error every time I try to validate the code for OAuth.

I'm unsure why it's saying "missing" because I'm clearly sending the code in the post url.

This is the API path I'm using:

https://discordapp.com/api/oauth2/token?grant_type=authoriz...

Your OAuth2 implementation is incorrect. As the documentation states in https://discord.com/developers/docs/topics/oauth2#authorization-code-grant, you should be sending a POST request with a content-type of application/x-www-form-urlencoded. You are sending the parameters in the URI instead of in the body (where they should be).

The acceptance of these values in the querystring was a bug, and is now fixed from a library upgrade. Please refer to the RFC specification for more information: https://tools.ietf.org/html/rfc6749#section-4.1.3

Hello, my web app recently stopped working because of the bugfix that allowed values passed in from the URL to work when exchanging for an access token.

I was instructed to pass the parameters into the body, and I did as such

This returns a 400 bad request, with no indication of which field is invalid.

I'm not sure if it matters, but my loginURI is as such:
https://dis...

@night Could you please elaborate for me? Which library do I need to upgrade?

try changing new URLSearchParams(body) to just body.

BTW, to get help, first ask in the official Discord Developers or unofficial Discord API servers.

try changing new URLSearchParams(body) to just body.

BTW, to get help, first ask in the official Discord Developers or unofficial Discord API servers.

I've also asked, and still have not found a working solution. I even copy/pasted the working solutions that some have had using Node, but it seems like I'm missing a step somewhere.

Discord updated a library they use to fix this bug; you need to send the values in the request body instead of as query strings in the URL as Sei4or said.

What does the body say? How old is the code you're testing with?

The code is just a few months old, but since I was passing in the values through the URL, I had to make it so that it passed it in the body instead.

The body has all the fields needed, but for some reason it just gives me a 400 without specification of why it's failing.

I see, thank you.

this will be fixed in the next api deploy

code being the code returned from authorization. codes expire shortly after their generation, so if you're testing with an old code, it will always error.

body being the response body our server gives you, not the request body. the response body will tell you what in your request is incorrect.

Solved it. It appears I was passing in the URL-encoded redirectURI instead of the plain URI.
I forgot I had two variables:

One encoded-redirect URL
and one plain URL.

I feel stupid now.

Thanks for all the help regardless!

If it's available to any user, i don't see why it can't be for bots. It's basically forcing people to use selfbots just for nitro check

This could also possibly be sent as a message through the official Discord account that notified us about bots being eligible for verification.

It shows whatever domain you're using Discord on; if you use the web version it's discord.com.

No sane person uses the web client and instead uses the desktop client, you cannot set which domain you're going to use on the desktop client,at least if it is not modded. It shows the discord.com domain on iframe and discordapp.com on json, if it were to actually use the domain that the person is using it wouldn't act like it has bipolarity.

Discord doesn't take bug reports from testers server,...

For me, both the "json api" and the "premade widget" fields use canary.discordapp.com. The desktop client using the discordapp.com domain isn't really an API issue.

As an aside, if this could be achieved with webhooks as well, that would also be great

Having the same problem here. It's really awkward behavior.
Couldn't you add some flag to the embed to make it at least easier to check against?
Checking for domain isn't that consistent, with the domain change etc.

Yes @aidangoettsch I will document the changes.

They will be minimal for these API docs as v5 was created for a feature for server video.

https://github.com/Rapptz/discord.py/issues/4154

guild api call fetch emoji doesnt return managed emojis ie, twitch subscriber emojis are not returned yet, guild.emoji contains the twitch subscriber emojis

WAYTOODANK

Fetching a specific emoji, or just fetching the guild object? There isn't a separate endpoint to only fetch all guild emojis, there's only the Get Guild endpoint which should include all in the emojis field.

There is an endpoint which the library in question uses: https://discord.com/developers/docs/resources/emoji#list-guild-emojis

@advaith1 fetching all guild emotes.

oh why is that in the emoji page instead of the guild page

why cant you just use Get Guild and check the emojis field? is that missing something you need? you said "yet, guild.emoji contains the twitch subscriber emojis" so that seems to be good?

yes guild.emojis seems to contain the twitch emojis, but when you query it from discord they are not on the force fetch.

Can you compare the direct responses of the List Guild Emojis endpoint and emojis in the Get Guild endpoint? the emoji-specific endpoint might just be there for backward compatibility or for settings in the client, if you can get all of them from the Get Guild endpoint then you can just use that

Currently, the IPC api is in use by the GameSDK, but is not mentioned at all in the API docs. The console messages from the client show that the GameSDK uses the IPC api. On the discord API docs, only the deprecated RPC api is documented. The GameSDK is awesome, but I think letting people interact with the IPC api would be better.

When using the Create Channel Invite endpoint. The documentation (and the endpoint) state that you can only pass 1 to target_user_type.

{
  "code": 50035,
  "errors": {
    "target_user_type": {
      "_errors": [
        {
          "code": "BASE_TYPE_CHOICES",
          "message": "Value must be one of (1,)."
        }
      ]
    }
  },
  "message": "Invalid Form Body"
}

But when I try to use it setting it to 1, this happens:

Target: `https://discord.c...

Nothing is wrong with target_user_type. You get this error, because you do not pass a target_user_id field with it, instead you use target_user.

The docs probably mention that field badly.

the docs say the field is target_user and don't mention a target_user_id anywhere
https://discord.com/developers/docs/resources/channel#create-channel-invite

The docs are wrong.

ola

boa tarde

stop opening random github issues

If it's available to any user, i don't see why it can't be for bots. It's basically forcing people to use selfbots just for nitro check

Although I understand your point here, this simply isn’t true. Yes, it is available to users, and yes it should be available to bots the same way (in my opinion - read my other posts for more detail on my split thoughts), however this does not in any way promote self bots. Rather than using a self bot people Would simply... not use the info. I highly dou...

Fixes: #1705

The REST endpoints to retrieve messages will only provide user information for guilds. This means it requires an additional request only to get the member information such as roles and the nickname. Stateless bots would greatly benefit from the member being included for both the author as well as the mentions. Potentially, this could be done using a query parameter such as include_members=true or similar.

I know bots won't be able to "Go Live" themselves, but would a way to get information about another user's stream be possible?

It would allow bots to get, for example, the amount of users watching the stream, who's watching etc. This could make it easier for bots to reward active streamers in the guild.

The main issue is that there is a bug in the app where in the discord emoji button gets a bit lagged. It follows a particular pattern happens on an occassion of 4-5 times later when the button is used . The thing is whenever I may have used the button it works simply but after using it 4-5 times the discord app gets hanged and then I need to close the app and reopen it after 5-6 minutes

Please submit this issue to https://discord.gg/discord-testers. This repository is reserved for Discord API bugs.

Looks like bots don't have access to create, edit, sync, or delete templates, or get the template from a server id.

Hello 👋

I was hoping to request the ability for bots to be able to enable/disable whether a user's activity or custom status shows in a server. I don't mean modifying or deleting the activity itself but a toggle to just set it so it does not display to users.

Use Case:

On an official game's servers, it's a bit silly to have users promote/advertise a competitor's game/server. Bots can already read and process user activities and custom statuses. They could be run through a filter and...

Boa noite a todos

As it's most likely already known, there's an endpoint which allows you to view which members boosted the guild, and how many times.

• guilds//premium/subscriptions

Sadly, this is a user-only endpoint, however I wonder if it'd be a good idea to open it up to bots;
I, personally, would like to retrieve this sort of data for my bot, but sadly cannot. I'm not entirely sure how many other individuals agree here, or are in the same situation. The only work-around for this would be to use a...

Not really an API related issue.. however that feature was suggested here: https://support.discord.com/hc/en-us/community/posts/360054590271
🤷‍♀️

I think this is a API request because I would want this controlled ideally through a bot which could filter those status/activities. You don't just want to disable everything. You just want to disable certain ones and imo thats best handled by each bot which can be customized per server on which statuses warrant disabling

We have no plans to allow for the individual moderation of custom statuses. Either kick the user, ask them to remove their status or don't hoist them to the top of the member list if you don't like their status.

@jhgg Could you please elaborate on why? I am really curious why this part is not moderated. I don't believe any of the three provided solutions are good.

Kicking the user for playing another game is not a good solution. Just because a user plays another game does not mean they are not a good/active/healthy user of this server. They should not be kicked because they played another game.

Asking a user to remove a status isn't really a valid solution either imo. What's the point of any mo...

My question is, why is it such a big deal that someone can't be shown playing another game? Why are we considering one game to be a competitor to another? I thought games were supposed to be fun, something to enjoy and share with others, not something that you're supposed to compare to one another like you would with sports teams.

And anyways, if you're concerned about games being "advertised" on the server, wouldn't you be better off moderating the text/voice chat, and weeding out adverti...

On servers I moderate, having an invite link in your username, nickname, status, or message (if the message is an advertisement) is all the same - either don't, or you get kicked/banned

I'm not sure why you would want to moderate on individual games, though. Maybe because of NSFW content in the RP?

| source_guild_id         | snowflake                                                        | the ID of the guild this template is based on |

| code                    | string                                                           | the template code (unique ID)                  |

Represents a code that when used, creates a new guild based on the template data.

| serialized_source_guild | partial [guild](#DOCS_RESOURCES_GUILD/guild-object) object       | the guild this template is based on           |

IMO that wording seems to imply that the template is an individual thing with its own separate data, while it's actually just a server's data.

A server template can go out of sync with a server's data. Try creating a template in a server than adding or removing a channel. This means that they do include their own data.

Would it be possible for purge events to be added to the gateway? This would be a way for bots to know when a purge is in progress to temporarily pause some functionality such as audit log based kick detection or leave messages.

Purges on small servers usually do not have a big impact, but if a big server purges thousands and thousands of people over several hours. Being able to reliably know when a purge is happening to disable audit log checks or goodbye messages would be a good way to h...

is there any update on this? having a dedicated kick event would allow bots to rely on that instead of having to poll the audit logs every time someone leaves

@LikeLakers2 Why does any server have rules against having other discord servers invite links? That same logic applies to that as well. Server are supposed to be fun, enjoy and share with others.

When it comes to an official server for a game, it's business. Also, custom statuses/activities is word of mouth marketing.

@Mee42 I don't really want to moderate an individual ...

Just make your game the best one so that everyone plays it.

What a needless conversation to have. The cost it would take Discord to make this 'feature' is way more than it will ever be worth to anyone. If a server has enough members for you to have to scroll down to read them all, 99% of your users will never have their status read. It's silly to even ask for this. People play games, let them play in peace. If someone's on the server enough to even see that someone's playing a specific game a lot, they're already engaged with your content enough that ...

@SinisterRectus That's not really a solution to prevent ads.

@Flamanis Please re-read the messages as this isn't an issue about reading every users status.

Jake didn't say it wasn't possible, he said it wasn't planned. Furthermore, the stern first sentence should be enough of a clue that this is very likely not going to see any traction here. Could have just left it in limbo as well. I'd be glad there was any response at all so that you can plan more effectively for the future.

Also the way I see it, this is only specifically an API feature request after there's already a system in place to do the kind of status hiding that you want, whic...

If you have a big enough server, you could possibly dehoist users with banned games while they play the game.

But again, what's the harm of people playing Minecraft on your Animal Crossing server?

I am occasionally receiving HTTP response code 403 and body error code 50001 when trying to get a single "guild's" member. The following is the request I'm making (via Ruby HTTParty):

res = HTTParty.get(
  "https://discordapp.com/api/guilds/#{server_id}/members/#{user_id}",
  :headers => {
    "Authorization": "Bot "
  }
)

The request happens across multiple server IDs and user IDs, but whenever the error occurrs, it's possible for the same user to perform the same ac...

Requesting the /channels/:id/message endpoint with the query params around or before as an integer will not throw 400.

In this request I can set after to 1 to fetch the first message of the channel:

GET /api/channels/581635926757998613/messages?after=1&limit=1 HTTP/1.1
Authorization: Bot NTUxODI3ODI2MDQzNjUwMDQ4.******.***************************
Host: discord.com

snowflakes are bigints, so this is technically valid.

50001, INVALID_ACCESS, occurs when your bot does not have permission to perform this action. In this case it would seem your bot is not a member of the guild when you get this error. It could be someone joining/removing your bot from the guild

Not completely sure, but shouldn't you be using the api versions? /api/v6/guilds and not /api/guilds. Also, consider moving the api url to discord.com since that's rolling out in the future.

@mr-tech summarized it well. The effort to value ratio here is way off. This is easily a 2-4 week project and I don't think it's worth doing.

Server owners, including the official Discord Developers server, have rules that disallow certain user names and if a user name violates such rule, the moderation will force change their user name.

If that's possible, force changing / removing a custom status should also be possible for moderation purposes. I don't want to have people in my server who use their custom status to harass people, for example.

This issue has been resolved. We independently discovered that our bot was not present in the guild, so @night is correct. Might I request some further documentation for the error codes, such as explanations of how and when 50001 can occur?

I am building an application that uses discord for quick sign up and would like to add a feature to find and sync friends from discord, however, I couldn't find any information about the whitelisting in the documentation, what are the requirements and process for getting whitelisted?

Appreciate the desire to do so! Right now it's in private testing, and while we'd like to roll it out later, we aren't quite ready to do so yet.

Since Bulk delete actions are also logged in the audit log now would it only be logical to allow setting an audit log reason for the action.
That way could moderation bots much easier tell the reason of why messages where deleted and moderators could give a reason as to why they deleted the messages through the bot.

In addition, would it also be beneficial to log bots deleting messages of other members.
The Audit logs right now do only log it, when a normal user (moderator) deletes the m...

Submitting an array of snowflakes IE [ '496291897296551958', '496338713115361289', '717324717555712050' ]
returns a 400 with the error body
{ include_roles: [ '0' ] }

What do we need to include to get this working?

They are passed through an url parameter.

To prune for 30 days with the role IDs you provided it would be:
https://discord.com/api/v7/guilds/<guild_id>/prune?days=30&include_roles=496291897296551958&include_roles=496338713115361289&include_roles=717324717555712050

They are a querystring parameter for GET, but should be passed in the body for POST.

Would be very useful for bots to be able categorize users based on boost count, boost length, etc, etc.

Query params have worked with POST for me. Is this intended?

This seems like a duplicate of #1182. I'd recommend showing your support over there if you have anything to add to that discussion.

See also #1172, which has some other relevant discussion about the booster role.

It is more intuitive to subscribe to specific events rather than these intents. Given the number of events can each reserve a bit position (bit flag) in a 64 bit integer with room to double (?) the number of events, it would be great to see that change in v7.

However, the current set of events does not separate "direct message" related events from "guild related" events. If I were to make a change here, I would simply give the "direct message" events different bit flags from the "guild rel...

Hello,
we are not able to mark images as spoiler on mobile devices (like the desktop feature).
Can someone make this features please ?

This repo is for discord's public API, for client feature suggestions try https://feature.discord.com.

Ah sorry

@msciotti it OK, that now for users locale returning null?

OAuth stopped working May 29th on my site. After investigating I found that the API was returning a error not seen before. Nothing changed on our end as far as I'm aware. I added a screenshot of a POST request that I made and the error the API returned. You can clearly see that the 'code' field that the API says is missing is in the request.

You need to send those in the POST Body, not the querystring params.

Is that a recent change? Did I miss an update?

It was a fixed bug; see #1701

Thanks for your help!

I had this same problem, so I tried to switch all url parameters to the request body and add the header 'Content-Type': 'application/x-www-form-urlencoded'. Now I am getting the following error back:

data: { error: 'invalid_grant' } }

Strange that the same parameters seemed to work in the url, but now that I try to pass them as request body, it doesn't work anymore..

You are probably sending them incorrectly. Make sure you use the http client properly such that you're not sending json by accident. You can use requestbin to test what you're sending. It should be a body that looks identical to the query like redirect_uri=...&code=...

Member Updates don't seem to include joined_at.

If this is intended, it might be worth documenting it.

I was looking at the wrong object, sorry

According to the docs on establishing a voice connection (here), you should receive two events from the gateway, a Voice State Update, and a Voice Server update, both events are needed to establish a voice connection. However, if the current user is using intents and the intent GUILD_VOICE_STATES is not specified, then the Voice State Update containing the needed ses...

The session_id in the voice state is always identical to the session_id you receive with the READY event.

The session_id in the voice state is always identical to the session_id you receive with the READY event.
That is good to know.

The docs say we are supposed to wait for both events before attempting to connect. If I use the session_id from the ready event, is it safe to connect to the voice gateway after only receiving Voice Server Update since I will not receive the Voice State Update.

is it safe to connect to the voice gateway after only receiving Voice Server Update since I will not receive the Voice State Update.

Yes, I think that should be ok. But I agree that the API should send this event regardless of intents, just like member events for the bot.

const Discord = require('discord.js')
const Client = new Discord.Client()
const Constants = require('discord.js/src/util/Constants.js')
Constants.DefaultOptions.ws.properties.$browser = Discord iOS
Client.on("ready", () => {
console.log("Loading status..")
Client.user.setActivity(!help for commands, { type: 3, browser: "DISCORD IOS" });
});

I'm in the process of adding support for the available flag of the Emoji Object to the JDA library.
But for that to work would I need to know, if a GUILD_EMOJIS_UPDATE event is fired when the boost level (boost tier) changes (i.e. from Level 2 to level 1)

Not sure why there is a sentence about contacting discord staff for viewing store page since it's visible by making a store channel. Replaced it with info about making a store channel.

You don't have to make a store channel; if the store page is enabled in the developer portal, then you can just click the "open store page" button and it will open the direct page.

Just to tac onto what Advaith1 inputted, A store page can be viewable externally via Visit Store Page hyperlink in your SKU settings:

Night has made a statement regarding it previously: https://github.com/discord/discord-api-docs/issues/1640#issuecomment-634344176

Thanks for letting me know that. Just added it in the pr.

for example, the VoiceState docs do not reference the VoiceState.self_video? property.

I think this falls under issue #1647. The v5 for voice is mostly for video.

These are inverted

| id    | snowflake | the id of the user this nickname is applied to |
| nick  | string    | the user's nickname                            |

ive been running this bot 718935686941638709 on my pc for a few days, but at which point it started throwing invalid token errors.
I've regenned the token, multiple times and I've tried other code and other bots. It all works apart from this bot app.

I'm not really sure why this is happening and there is no chance of a token leak

Mate your bot just probably banned.

Mate your bot just probably banned.

i have not got an email though? i dont know why it would be it wasnt doing anything when it got banned?

Mate your bot just probably banned.

i have not got an email though? i dont know why it would be it wasnt doing anything when it got banned?

That is just my hunch. Without any details I can't guess any further.

Mate your bot just probably banned.

i have not got an email though? i dont know why it would be it wasnt doing anything when it got banned?

That is just my hunch. Without any details I can't guess any further.

What should i do?

wait for a dev to check and respond

ok thank you, will they be able to tell me why it was banned if it turns out it was banned

Im new to all of this so i dont want to be breaking rules, ive made sure im not spamming the api (i think,,,)

yes

Hello My account has been hacked and the person has activated The two Factor authentification on it. Is there any way to find my account?

Hello My account has been hacked and the person has activated The two Factor authentification on it. Is there any way to find my account?

contact discord support

Hello My account has been hacked and the person has activated The two Factor authentification on it. Is there any way to find my account?

contact discord support
I already contact him but im still waiting
🙂

Hello My account has been hacked and the person has activated The two Factor authentification on it. Is there any way to find my account?

contact discord support
I already contact him but im still waiting
🙂

patience

Hello My account has been hacked and the person has activated The two Factor authentification on it. Is there any way to find my account? The password and the e-mail are the same .

Contact Discord Support, wait, and don't hijack a random issue.

how long does it usually take to hear back from a dev?

And if i were to make a new bot to test on would that get me in trouble?

Will i ever get my bot back?

I'm not sure, shouldn't chanel_id be channel_id?

| Channel Icons          | channel-icons/[channel_id](#DOCS_RESOURCES_CHANNEL/channel-object)/[channel_icon](#DOCS_RESOURCES_CHANNEL/channel-object).png                                                                                                            | PNG, JPEG, WebP      |

?

#1727

I'm not sure if we want to do this quite yet because we don't officially support guild video for bots. I'll check

Apologies in advance for writing so much - I just want to make sure I've noted everything that might be relevant.

I've got a channel where members are denied the "add reaction" permission. A user with the permission has added reactions (paintbrush, clock, and zero in that order - all Unicode emojis) to that message, so that any user is able to add those reactions to that message. The system I have set up on my server is that when a user adds a reaction, my bot removes their reaction from...

I'm not sure if we want to do this quite yet because we don't officially support guild video for bots. I'll check

I just want to point out that self_stream is documented (https://discord.com/developers/docs/resources/voice#voice-state-object-voice-state-structure)
And bots can't stream either.

Hi, if I post my website link in my Discord server, it doesn't show as embedded (it works correctly with other websites). It doesn't embed any of the links of my website http://1up.wtf What could be the problem?
All the options to embed links are enabled in Discord and the website metatags are correctly set with Open Graph. Thanks!

Your host is returning us:

<html>
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
        <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
	<script src="https://www.google.com/recaptcha/api.js?render=6LdZXJwUAAAAAE1ERIs8cDyw2wNhHNuM...

yes it should, though there's no guarantee it will occur since it's a side-effect task.

"intended" probably not, but due to the way the endpoint is built it works.. as always, you should implement according to the documentation as it may break if you don't

your bot was actioned by trust and safety, so you will need to reach out to our trust and safety team to appeal this: https://support.discord.com/hc/en-us/requests/new?ticket_form_id=360000029731

you should implement according to the documentation as it may break if you don't

I can't find where the documentation suggests it should be sent in the body, could you point it out? I think the problem of this issue was more that its not clear what "array" means for a query parameter.

my bot removes their reaction from that message and then processes whatever it needs to, so that only one reaction (the bot's) is on that message at any given time.

can you provide the exact API calls you perform for this operation? we have a service we recently deployed which optimizes message + reaction loads, which could be related. it's possible the act of deleting reactions somehow causes some sort of data race

you're right. that's not great, and the docs on these are wrong. will push some improvements + make sure we're allowing comma separated ids on the qs (which is what we do elsewhere).

Doesn’t the gateway drop self_video and self_stream in voice state updates and pretend they are false? Maybe you should add that.

I'm using the Discord.py library so according to this line, I'm running DELETE /channels/:channel_id/messages/:message_id/reactions/:emoji/:member_id, which the bot does every time it receives a reaction event referencing that message. I'll pull up the exact logs for you when it happens again - I don't have them to hand right now.

I don't have a channel/message ID at the moment sinc...

This object is the voice state you receive from other users; there's a separate object for sending the bot's voice state which does not contain self_stream or self_video

Oh, I see what you mean. NVM then, yeah this should be documented as all the voice state events for other users do contain self_video as a property.

I found this bug on Discord, according to the attached image. The bug appears when i open Discord on my cell phone and when i open it, if i try to enter a call, this bug appears. It also appears when i try to enter a call, even if it is not when i started the application.

My device is a Samsung a10.

My Discord is мℓ Fallen Angel 私#0666.

My ID is 611218831670640680
![Screenshot_20200608-224707_Video Player](https://user-images.githubusercontent.com/66654916/84099528-337fbf80-a9e0-...

this repo is only for Discord's API; for client bugs go to Discord Testers

this repo is only for Discord's API; for client bugs go to Discord Testers

Ok

Just wanted to verify:

1. you aren't removing the original reactions. just the ones that are added by users after the initial reactions
2. When did this start happening?

this is fine to document - we officially launched server video. the prior objection when this was tried to PR earlier is that we did not launch server video yet!

57396d6 Document self_video (#1729) - advaith1

I'd rather just attach a purge=true to the guild member remove event tbh.

you aren't removing the original reactions. just the ones that are added by users after the initial reactions

That is correct - the initial reactions from the bot are always present on the message.

When did this start happening?

The earliest date I've had reported to me is on May 26th, though that's just the earliest reported time for a relatively small bot of mine. I'd guess that the earliest time of this happening is the 24th, though my earliest confirmed time is the 26th.

What's the current status on this feature? Is it being implemented any time soon? I currently have a usage for the boost role in my economy plugin, but I do not have a 100% certainty that the retrieved role is the booster role.

Fixed a small spelling error that caught my eye.

Any ideas on how to fix please?
Thanks for your help!

Scarica Outlook per iOShttps://aka.ms/o0ukef

Da: Zack notifications@github.com
Inviato: Tuesday, June 9, 2020 1:49:58 AM
A: discord/discord-api-docs discord-api-docs@noreply.github.com
Cc: Francesco f.foresta86@gmail.com; Author author@noreply.github.com
Oggetto: Re: [discord/discord-api-docs] Unable to embed links of my website (#1731)

Your host is returning us:

<html>
<head>
<met...

You would have to contact your host and ask them to remove the captcha block for Discord to see your site.

Thanks so much guys!

Scarica Outlook per iOShttps://aka.ms/o0ukef

Da: ariel w. notifications@github.com
Inviato: Tuesday, June 9, 2020 8:30:24 AM
A: discord/discord-api-docs discord-api-docs@noreply.github.com
Cc: Francesco f.foresta86@gmail.com; Author author@noreply.github.com
Oggetto: Re: [discord/discord-api-docs] Unable to embed links of my website (#1731)

You would have to contact your host and ask them to remove the captcha block for Discor...

Sorry to bother you again.
We have identified that our host was placing a CAPTCHA in front of our website. This has now been disabled and so traffic from discord.com should no longer be blocked by CAPTCHA.
Could you please check again and let us know if it is still running into stackProtect?
Thanks again for your help :-)

you mention that:

so that only one reaction (the bot's) is on that message at any given time.
Are there then 2 reaction on the message?

• One from the user with permission to add emojis, and
• another from the bot?

Or is the bot the one that adds the emojis?

Sorry to pry but need the get specific this bug is nuanced.

The bot is the only one that adds reactions to the message. Any other reactions, the bot will remove.

No need to apologise - I understand. I'm still yet to have the issue repeat again so I still can't link you to any specific messages, but I expect it to happen again within the next day or so.

@4Kaylum when it does happen could you ask the user:

• what emoji count they see
• try again 3 secs later, if that doesn't work refresh their client and repeat ^?

To add to sam's response, if the refresh their client and the reactions are still on the message and they are unable to react we'd need to have the channel id + message id so we can query the service directly to see why inconsistent data is being retrieved.

Your host is still returning us this same error.

Improper token has been passed.

You're putting your client secret in. You should regenerate that and then go into the bot tab and use the bot token instead. Never share your secret or token online, like this.

Thanks Zack, I'll check again with the host. Is there a way for me to generate the same report in order to see the error so that I avoid bothering you every time?

Along with what Minn said, for support with discord.py (and not discord's raw api itself) you should goto the discord.py support guild at https://discorg.gg/dpy rather than this repo for Discord's raw api.

You're putting your client secret in. You should regenerate that and then go into the bot tab and use the bot token instead. Never share your secret or token online, like this.

You're putting your client secret in. You should regenerate that and then go into the bot tab and use the bot token instead. Never share your secret or token online, like this.

Okay Sorry
But how to solve this problem ?

• Go to https://discord.com/developers/applications and click your application.
• Under the "Client Secret" option, click Regenerate - since it's been posted online, you'll need to reset it.
• Now on the left side of the page, click Bot.
• Find the link that says "Click to reveal token" and click it.
• Use that value to log in to the bot.

• Go to https://discord.com/developers/applications and click your application.
• Under the "Client Secret" option, click Regenerate - since it's been posted online, you should reset it so the old one isn't usable.
• Now on the left side of the page, click Bot.
• Find the link that says "Click to reveal token" and click it.
• Use that value to log in to the bot.

Thank you Sir/Madam problem solve

From our host:

https://ibb.co/pj8BBZG

it would probably be better to whitelist the discord user agent

@advaith1 We asked them and this is the reply. I'm really sorry to bother, but we want just to resolve this :-(

https://ibb.co/BKxnTkF

I had this same problem, so I tried to switch all url parameters to the request body and add the header 'Content-Type': 'application/x-www-form-urlencoded'. Now I am getting the following error back:

data: { error: 'invalid_grant' } }

Strange that the same parameters seemed to work in the url, but now that I try to pass them as request body, it doesn't work anymore..

Hey I had the same issue and here is an easy way to fix:

  let data = {
    'client_id'...

I'm using Java 14 and getting the issue too.
Private bot for 2 guilds only, around 100 users...

Like I get in the call I get in the game and sometimes it comes out that no one excludes from the call or I get out

This repo is only for the API. For other support, go to Discord Support

For the Modify Channel params table, it seems inconsistent to list all guild channel types for nsfw but only list voice for bitrate; iirc bitrate can be technically set for all channel types but they only affect voice channels, and nsfw can also technically be set for all channel types but only affect text and news channels. It would probably be better to only list the channel types which the param actually has an effect on.

The pseudocode for the permission overwrites says that a role has a allow and deny value but i only got one called permission.

Anyone please?
Thanks!

I think i spotted my error. I think that the pseudo code is really hard to read and missed something there.

same here, could someone help?

You can simply send the same presence again in some interval. That will ensure your presence doesn't get removed permanently.

I'm trying to add a bot integration that will allow me to remove users by email addresses, but as far as I can tell, the bot API doesn't provide a way to do this.

E.g. getting the list of members for a guild doesn't include email in the response, so I can't enumerate guild members to map an email address to user ID.

An alternative would simply be an API call to remove a guild user using the email address instead of user ID, so that I don't need to enumerate all guild members.

Such an endpoint would provide a means by which to discover a Discord user's email without their consent; this is a very explicit privacy concern on Discord's end. Retrieving a user's email can be done through OAuth2 with them explicitly authorizing your application to see their email (with the email scope). This requires the user's consent—this is a feature, not a bug.

If have error code 50007 in cmd how i change that to sent embed to that channel?

I know this error because user cloesd dm if cloesd dm how i sent message embed to channel?

reason: DiscordAPIError: Cannot send messages to this user
    at C:\Users\nawap\OneDrive\Desktop\Discord\bot all\emojibot\node_modules\discord.js\src\client\rest\RequestHandlers\Sequential.js:79:15
    at C:\Users\nawap\OneDrive\Desktop\Discord\bot all\emojibot\node_modules\snekfetch\src\index.js:215:21
    at processTicksAndRejections (internal/process/task_queues.js:97:5) {
  name: 'Dis...

Discord.js Verison 11.4.2

I know this error because user dm closed
if dm closed how i sent message embed to channel?

This is an issue for discord.js and not for this repo. You should take this issue to either their github or server.

There is no intention to build this. Leaking someone's email is a serious privacy violation and this provides venue to unintended information disclosure.

@foresta86 I don't believe Discord uses any static range of IPs. As far as I'm aware, Discord creates and destroys servers as they need them, meaning their IPs would always be changing, and any IPs that would always match all of them would probably match all of Google Cloud.

Your best bet would be to whitelist the user agent; then, if the user agent matches, you would return only the OpenGraph tags at the top of the page, which would prevent the rest of the site from bei...

Hello,
A bug report to let you know that between Jun 13, 2020 3:33:43 AM UTC and Jun 13, 2020 3:33:49 AM UTC, I've received 3 VOICE_SERVER_UPDATE with null endpoint which should not be possible.

Example:

{"t":"VOICE_SERVER_UPDATE","s":477069,"op":0,"d":{"token":"f8eb804ee40ebf3d","guild_id":"691022703368601651","endpoint":null}}

This has been an issue for a very long time. The gateway is supposed to send you a second VOICE_SERVER_UPDATE once it established an endpoint. If you get a null endpoint or invalid payload you should simply ignore it.

Endpoint: https://discordapp.com/api/guilds/{guild.id}/widget.png

Working:

(Discord Testers) (Created 6/27/2016)

Not Working:

(Test Server) (Created 6/13/2020)

Did you enable the widget in the server settings?

I was doing a private bot (721369935590326322) and I got banned after it joining my own discord server???

@jhgg can't you help me here, pal?

For support, you should use this form: https://dis.gd/support

and how can I do that, please help?

Hmmm. This hasn't been documented as nullable I guess. But a null means that the voice server you were allocated has gone away and we are trying to reallocate the server on our backend.

Fixes https://github.com/discord/discord-api-docs/issues/1739

why was this changed?

I would drop the "it should be ignored" recommendation and replace with "you should attempt to disconnect from the currently connected voice server, and not attempt to reconnect until a new voice server is allocated" or something to that effect.

Will a new allocated server be notified by a new voice server update event?

Found an interesting behaviour when executing a webhook with wait query parameter as true and with including an avatar_url within it's payload.

The response payload (payload from MESSAGE_CREATE dispatch event as well) will contain payload['author']['avatar'] as the webhook's...

If you're using discord.js, maybe try something like this :
`Client.once('ready', () => {
console.log('Ready!');

setInterval(() => {
    Client.user.setActivity(`${prefix}help`);
}, 60000); // every minute

})`

When making a PATCH request to https://discordapp.com/api/v6/guilds/{guild id}/vanity-url
with the body

{"code": "unclaimed_vanity_code"}

To a guild that does not have vanity invite features, the response is

{
  "message": "Invite code is either invalid or taken.",
  "code": 50020
}

instead of the typical code 50001 Missing access

@Noemai this is not what they are asking for, they are asking for a JDA way.

They never mentioned what lib, but lib support should be in the lib's server, not here

Couldn't you provide an API that returns OK if the email doesn't exist? That would prevent information disclosure, and allow me as an admin allow my automation tools to work. Discord is not my main identity provider, so there is currently no way for me to manage my Discord guild, as there's literally no way to map my membership list to Discord users. I want to be able to remove users removed from my team's membership.

As an alternative, is there a way I can automate a one-time invite to a specific email and get an id back that I can then store in my database, so I can remove users later?

Couldn't you provide an API that returns OK if the email doesn't exist? That would prevent information disclosure, and allow me as an admin allow my automation tools to work. Discord is not my main identity provider, so there is currently no way for me to manage my Discord guild, as there's literally no way to map my membership list to Discord users. I want to be able to remove users removed from my team's membership.

That's exactly information disclosure. You as an admin can see if that i...

As an alternative, is there a way I can automate a one-time invite to a specific email and get an id back that I can then store in my database, so I can remove users later?

you can force users to join the server through OAuth instead of an invite link, and collect their email from it

yeah i use py

what emoji count they see

I see one emoji on the message. When I try adding the paintbrush emoji to the message, it displays 2 briefly until it's removed again. The bot isn't removing this reaction - it doesn't receive the on_reaction_add payload.

try again 3 secs later, if that doesn't work refresh their client and repeat ^?

Trying again and refreshing the client doesn't change the issue.

we'd need to have the channel id + message id

719610039244947519-719610040142659717

not news about this?

Also, the Nitro Booster role IS marked as Managed in the API.

You can narrow it down by checking for roles that are managed, have more than 1 member, and if it does have 1 member, that member isn't a bot user.
This doesn't work all that well on partnered YouTube or Twitch channels with their roles also being marked as managed, however you could check 2 current boosters (with the least amount of roles) for any managed roles in common.

It would be useful to have a thing for this, would s...

Considering it's a spider, you could allow Spiders or allow "Discordbot 2.0" to bypass it

The auto-removal seems to be a result of optimistic writes (we assume the request will succeed, and then revert if we get a bad response). This could happen if the server is busy and the request failed.

Just took a look and it does seem that we have a 3 emojis on the message, with a single count for each. All by the same user.
However the message itself is only aware of 2 reactions on it...

I can't see any recent changes that might've effected this recently, and logic seems to guard co...

There's a couple issues we've found that attribute to this condition:

1. reaction adds/removes can become inconsistent within our database during database availability issues
2. a slight change in how we serialize reactions in messages

The first issue, which leads into the second issue, will be fixed in the next API deploy. In the meantime, you should be able to have your bot unreact or re-react the paintbrush as a fix.

Thanks for the update. Do you have an estimate of when your next API deploy might be, so I can flag this to your attention again if your fix doesn't work as expected?

I wanted to ask how would I be able to differ between permission for roles in a channel in the Discord API.

I also found this cool Website, which can calculate the permissions. So exactly what I want to know. Maybe this helps and somebody can explain how to reverse it: https://discordapi.com/permissions.html

For example:
This is a response Im getting for the permissions in a channel:

[
  {
    "type": "role",
    "id": "548978033365876748",
    "deny": 2048,
    "allow...

https://discord.com/developers/docs/topics/permissions Should help you out. It's a bitwise integer.

I'm unable to see my applications and create applications on [https://discord.com/developers/applications] Can someone help? Thanks,

The API is having issues
It'll get fixed eventually

API Is having so issues rn
https://status.discord.com/

And not show nitro badge
No nitro badge is displayed

Yes it will not just please wait a while and it will be back up :)

api is dead, be patient and wait

^

all you can track on https://status.discord.com/#day

XD

Thanks, everyone for the fast response! I'll keep my eyes peeled on https://status.discord.com. Thanks again!

No reson for XD Btw np ShadowDiscord01

:) @MicroBotDis

Resolved

Is the GUILD_EMOJIS_UPDATE event itself relegated to "not guaranteed"? Or is it just the dispatch of GUILD_EMOJIS_UPDATE due to Boost changes that is considered a side effect, thus not guaranteed to have a dispatch?

Trying to get a concept of how dependable (or lack there of) it is that the even will be dispatched.

When you have a nitro, you can change people without Nitro, first you pick the hashtag of the person who have not a nitro, then the other person pick your own nickname, and then it changes automatically the other person's hashtag.

Fixed!

Intended, not a bug

also this repo is only for the API

I am also having this issue, with v12.2.0 of discord.js.

Currently there is no way to track how many times a user boosts a server. The closest I was able to get is in the message event. When Discord's system generated message sends to the channel, it's missing content, that can be used to potentially parse the number of boosts. I think this would be beneficial information to have to be able to provide rewards to users based on number of boosts and give them an incentive to boost.

type: 'USER_PREMIUM_GUILD_SUBSCRIPTION_TIER_1',
content: '',
...

The details and the screenshot you sent are for 2 different messages; the number will be the message's content if it has more than 1 boost.

https://discord.com/developers/docs/topics/permissions Should help you out. It's a bitwise integer.

Ah yes, that solved it. Thanks!

Hello,

I wanted to ask if its possible to get all Members in a guild (even the offline ones) with a "Client" Account.
I know that you can do this:

{
  "op": 14,
  "d": {
    "guild_id": "GUILD_ID",
    "channels": {
      "CHANNEL_ID": [
        [ 0, 99 ]
      ]
    }
  }
}

But this won't get the offline members. Does anyone have any ideas on this?

I mostly writing this so people who run into the problem I had will google this and see this request. I was using the Authorization Code Grant route and kept getting the errors 'invalid-client' and 'invalid-grant'. The reason why was because I was not sending properly formated form data, which I did not guess from the error messages given.

Solution: Use fetch or axiom, but make sure you set the body to a URL search param string or URLSearchParam object like below. If you do this, both w...

How this could be made simpler? Just make this API route accept JSON data. We aren't posting any large files there no reason for this post to require form-data formate or add errors that specifically tell the user when they sent invalid form data instead of the vague errors that it sends right now.

OAuth2 is an RFC, primarily RFC 6749 (although there are some additional ones we support from the OAuth2 WG, like token revocation and PKCE). The specifications do not permit JSON values, only...

Maybe the note could mention error cause could be titled as authentication errors in the response?

For the fact, using a selfbot is against the discord tos and won't be supported.

b9edace update guild ban + prune endpoint docs - night

Well, I can definitely see the "concern" to the subject of a duplicate issue, but I believe the former (#1182) is mainly focused on providing a single property which is to display the amount of boosts a member has given to a guild.
However, the issue I'm opening up is to mainly focus on completely opening up the mentioned endpoint to bots so bots have access to all relevant data concerning a guild's boost status; each individual [boost] id, for example.

I make the request with this config

$hook_json = json_encode(['message'=>$options['message']],JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
    $ch = curl_init();

    curl_setopt_array( $ch, [
        CURLOPT_URL => $options['url'],
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $hook_json,
        CURLOPT_HTTPHEADER => [
            "Length" => strlen( $hook_json ),
            "Content-Type" => "application/json"
        ]
    ]);
    
    $response = ...

You're not using curl correctly. Headers should be an array of strings like this:

    curl_setopt_array( $ch, [
        CURLOPT_URL => $options['url'],
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $hook_json,
        CURLOPT_HTTPHEADER => [
            "Length" . strlen( $hook_json ),
            "Content-Type: application/json"
        ]
    ]);

You're also not handling the error code returned by curl_setopt_array. I recommend you [read the docs](h...

Begin Guild Prune (POST /guilds/:guild_id/prune) seems to take a reason for the audit log entry. However, it only seems to accepts reason as a (currently undocumented) body parameter, and seems to ignores the X-Audit-Log-Reason header, unlike other endpoints that accept reasons.

Thnak guy

As an alternative, is there a way I can automate a one-time invite to a specific email and get an id back that I can then store in my database, so I can remove users later?

you can force users to join the server through OAuth instead of an invite link, and collect their email from it

Is there some example documentation of how this is done?

the reason being broken there is probably because prune runs async and the header lookup is out of scope.. we can probably fix that behavior.

imo the standardized header is preferred usage here for bots.

we can probably set the avatar to null in this condition, but since it's an async update it probably will pop no matter what

this isn't quite a bug, but the error returned doesn't make much sense

duplicate of #1182

this fix has been deployed

Because this issue not occurs when wait query parameter is set as false, I am pretty sure it could be fixed easily by looking into what both case does differently.

No, it can’t be "fixed easily." As stated prior, images are fetched async. If you explicitly request wait you are telling our API “hey, give me a synchronous confirmation of this message” .. so we do that with some compromises to achieve performance, and everything else happens as a follow up. Waiting for external data will never happen synchronously, thus not fixable.

Shouldn't it be correct in the MESSAGE_CREATE event though?

No, as a confirmation of a message being sent includes it being dispatched to clients.

No, it can’t be "fixed easily." As stated prior, images are fetched async. If you explicitly request wait you are telling our API “hey, give me a synchronous confirmation of this message”

@night, your answer only gives birth to even more questions:

Can the server answer only synchronously?

If the server can answer asynchronously, and wait causes the response to be answered synchronously, then add an other query parameter instead?

If the server can answer asynchronously, then...

Thank you to everyone who commented and let me know about the issue! The discord community is just amazing :)

• [ ] discord there is a bug that where hackers are creating. We must ban all of the hackers.

This mans thinking millenials ahead! I say he get hired to discord immediately to help ban all the hackers 🙌

Obviously a troll issue, you really shouldn't create troll issues

This issue was created 6 hours ago, the account was also created 6 hours ago

Obviously a troll issue, you really shouldn't create troll issues

https://cdn.discordapp.com/emojis/631219821744357416.png?v=1

Useful, but easily abusable, if you can use emotes from any server (think: people's private servers they don't want their emotes leaked from), someone is bound to find emojis from other servers by complete chance.

TL;DR: Good idea at, but could be used badly

You can already load the image for any emoji with just the id, and you would need the id to send it

Maybe if over 1k members are going to be purged, emit a GUILD_MEMBER_PURGE event with the count of users purged, and maybe the userids of those users (unless over <someNumber> users are being purged)

Ooh, a good one, would this also be implemented on the Desktop/Mobile Clients?

Fair point, I guess it's already abusable

If this is done, do it for webhooks too.

@TapuCosmo It was added for webhooks a few weeks ago