370bfe9 Update automod trigger types section (#5063) - advaith1

@hemu Will there be an audit log event for automatic timeouts? Right now the audit log does not mention that the user was timed out at all, and no event is created if the only action taken is timing out the user.

Yes, support for the timeout action will be added to the audit log

That's true. I have a log system for my bot and it flags actions like removing a nickname too as a time-out. I tried to check for the timeout variable, but that doesn't help.

There is as far as I can tell no efficient way to retrieve a users boost time & badge.
It's possible to calculate it manually, but that is very inefficient in my opinion.
Is it possible to add a users boost time to the user badge flags?

Today the new AutoMod feature is rolling out across Discord. Along with it comes new API changes that allow you to use and extend AutoMod features in your Discord apps.

👉 You can find the official changelog and new documentation for AutoMod APIs on the documentation site (and than...

This would be awesome to have for many reasons.
My use cases are having a channel dedicated to instruction on how to use specific command(s) and being able to use them there (with ephemeral responses) so the channel doesn't get flooded with responses.

Another case is having a specific channel used for displaying user inputted data in a specific format. This requires another channel to be designated as a "submission" channel.

I'd love it if this was revisited.

Why? Just why? Bots have already automod and anyways, why do we need a bot to add it?

Not everyone needs a moderation bot, or even wants one. Just because bots already have a feature doesn't mean a native discord solution can't exist, then server owners can make up their own mind if they want to use the native feature or use a bot.

Maybe change the wording to "Under the minimum age requirement defined in Discord's Terms of Service"

This isn't what this error code means, it means the user isn't old enough to join a server according to the NSFW values

Unrelated, although the error message could be improved

Maybe add Tiktok?

Feature requests -> https://dis.gd/feedback

This changes some words up, as some stuff can be confusing to understand, especially for new bot developers of discord.

| 20024  | Under minimum age                                                                                                             |

Or if you don't like it, I mean you can change it to "Under NSFW minimum age requirement defined in Discord's Community Guidelines"

redundant and also grammatically incorrect

Maybe add Tiktok?

Feature requests -> https://dis.gd/feedback

It was a mistake, sorry

Thanks for the input @ajsharda17, but I don't think these edits really improve the readme.

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"

If i'm right, this should be the correct indentation.

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"

57780a8 Updated identify connection fields to match dep... - DV8FromTheWorld

It is expected that these field names will be supported for a while, but it is recommended to all consumers to update to unprefixed fields.

> These fields originally were $ prefixed (i.e: $browser) but this syntax is deprecated. While they currently still work, it is recommended to move to non-prefixed fields.

20cc568 Update docs/topics/Gateway.md - DV8FromTheWorld

#5058

Would a deprecation like this not be deserving of a changelog entry?

Ability to pin messages for text channel within VC

It looks like the POST, PATCH, and DELETE methods for Auto-Moderation all support the X-Audit-Log-Reason header. This PR adds the missing bubbles to align with the rest of the documentation. Thanks!

cc @Jiralite

It looks like the POST /guilds/{guild_id}/mfa route supports the X-Audit-Log-Reason header. This PR adds the missing bubble to align with the rest of the documentation. Thanks!

cc @Jiralite

It looks like the POST /guilds/{guild_id}/mfa route supports the X-Audit-Log-Reason header. This PR adds the missing bubble to align with the rest of the documentation. Thanks!

cc @Jiralite

I like the Discord's Automoderation module but I don't use it on my servers where I'm administrator because it is not really mature yet and what is with the bots with automod and mod? I think they are useless then.

Also, existing bot automod implementations cannot block a message before it gets sent; Discord's can.

Same issues here too, Ubuntu system

Would a deprecation like this not be deserving of a changelog entry?
Yes, it deserved a changelog entry. I'm planning to include one in this PR.
Good callout though!

Didn't realize this PR was open when I opened https://github.com/discord/discord-api-docs/pull/5067

Going to close this one in favor of 5067 as we're going to write a changelog entry in that one too.

That's a great point you've made, thanks 😄

There was an extra backslash, I removed it.

7ae469f Remove extra backslash (#5074) - TheUntraceable

Thanks

There was a link of message create to guild create. I changed that and then changed the wording a little more. This is because there isn't a point in the Gateway Events and Commands being a link to Message Create...

27a7d91 Add Automod documentation (#4860) - Mateo-tem
38b7fd0 Update automod trigger types section (#5063) - advaith1
beb0cf9 Remove extra backslash (#5074) - TheUntraceable
5d9fc35 added tutorial md - jcheonsa
456137f rearrange and add comments to heroku tutorial - shaydewael

Compare changes

d3d478c Add Automod documentation (#4860) - Mateo-tem
370bfe9 Update automod trigger types section (#5063) - advaith1
7ae469f Remove extra backslash (#5074) - TheUntraceable
f8c4ae2 Merge branch 'main' into docs/update-identify-f... - shaydewael

01319bc ayyy explicit api versions - shaydewael

Description

The nonce field was removed from the Channel -> Create Message endpoint without any notice in following PR: #2859
The PR was not even closely related to thr nonce field at all.

Confusing is that most libraries are still providing access to this field even it is not documented anymore.

As well does the Message object still contain the nonce field.

Thereby I ask for clarification if the nonce field has been deprecated or was removed from the documentation ...

The nonce field is used for deduplication of messages by the client and has no effect on bot messages.

Columns aren't aligned

| Field   | Type   | Description           |
| ------- | ------ | --------------------- |
| os      | string | your operating system |
| browser | string | your library name     |
| device  | string | your library name     |

I mean there could still be a use casenfor bots.
I am just asking for a proper clarification why the field is not documented any more on the Channels -> Create Message endpoint.

For example discordjs is still listing it in their API types library:
https://github.com/discordjs/discord-api-types/blob/main/rest/v10/channel.ts#L215

the field is not part of our bot api. it is ignored for bots.

I think it should also be used for deduplicating messages for bots, since the same problem happens with bots. When the request results in a bad gateway error, you have no way to know whether the message went through or not and have to retry or just hope. Why would this not be done for bots?

Hello, first time posting here. In the past months of using slash commands I've found myself wanting to remove the amazingly persistent and annoying built-in slash commands (/ban, /tableflip (honestly how old are we), /shrug etc etc). I have a personal ban command that logs the ban to a channel in a personal format, but with the built in command being named the same I am unable to expect my /ban to be tabbed to the right command and have to consciously pay attention to not use the built in co...

the field is not part of our bot api. it is ignored for bots.

No it isn't.

This field is relatively useful for pairing a message received with a message sent for things like ping calculations or just other use cases where you'd want to do the pairing.

ah i meant ignored for message send deduplication, which is the reason it exists in our api. if you just want it for identifying messages that could maybe be valid but its worth noting that the send message endpoint returns the created message with its id already.

Closes #5076

3214fa1 Update docs/topics/Gateway.md - shaydewael

6755c35 Updated identify connection fields to match dep... - DV8FromTheWorld

| nonce?                | integer or string                                                                                 | a nonce that can be used for message roundtrips with the gateway (up to 25 characters)                                                                                      |

0436db0 Add Hosting on Heroku Tutorial (#5046) - jcheonsa

6f848c2 Add message content intent requirements - hemu

Add message intent requirement with a breaking change warning.

Does this only apply to v10+?

It contains trailing comma

5cc1d21 Fix: Fix Auto moderation example json (#5080) - sevenc-nanashi

nice,

#### Breaking Changes

The `MESSAGE_CONTENT` (`1 << 15`) intent is now required to receive non-empty values for the `content` field in [AUTO_MODERATION_ACTION_EXECUTION](#DOCS_TOPICS_GATEWAY/auto-moderation-action-execution) gateway events. This matches the intended behavior for message content across the API.

\*\*\* `MESSAGE_CONTENT` (`1 << 15`) [gateway intent](#DOCS_TOPICS_GATEWAY/gateway-intents) is required to receive non-empty values for the `content` field

cc4e3fd Update docs/topics/Gateway.md - shaydewael

a1b4c17 Update docs/Change_Log.md - shaydewael

3817a7e Update docs/topics/Gateway.md - shaydewael

d9f424a Update docs/Change_Log.md - shaydewael

45383e8 Update docs/topics/Gateway.md - shaydewael

238e96c Update docs/topics/Gateway.md - shaydewael

i should have just pushed to branch lol

@shaydewael you can shift-click line numbers while reviewing to select multiple lines and make comments (and suggestions) against all these lines at once :)

@shaydewael you can shift-click line numbers while reviewing to select multiple lines and make comments (and suggestions) against all these lines at once :)

thank you. i was trying so hard to make it happen but just got frustrated and went aggressive

dd4ed50 Add message content intent requirements for aut... - hemu

Can confirm the website is broken on anything older than iOS 15. To reproduce all you have to do is go to https://discord.com/login on an iOS device on iOS 14. This issue started popping up for us around the time this issue was created.

I am also able to reproduce this on iOS 14 when using Safari to login to Discord

Documents auto_moderation_message Embed Type and an example

https://github.com/discord/discord-api-docs/pull/4860#discussion_r877075154

Considering that the rendering of automod embeds highly relies on the embed type, maybe this sentence could now be considered inaccurate and be removed?

Why was this merged? This has got nothing to do with the Discord API or Discord itself. Also Heroku isnt meant for hosting Discord bots.

I got the same issue on an iPad Pro on iOS 13.7

Same issue on iOS 14.3 when trying to open an invite link in browser

same issue on 12.3.1, 13.3.1, and 14.4

b6b91e3 Update Change_Log.md - shaydewael

same issue on my iPad mini 3 iOS 12.5.5

6f848c2 Add message content intent requirements - hemu
cc4e3fd Update docs/topics/Gateway.md - shaydewael
a1b4c17 Update docs/Change_Log.md - shaydewael
3817a7e Update docs/topics/Gateway.md - shaydewael
d9f424a Update docs/Change_Log.md - shaydewael

sry waiting on some details before making this an official changelog

0e0f195 Revert message content changelog (#5082) - shaydewael

Just #5079 again, but we're waiting on some details before merging this changelog in

57ed32c Update Change_Log.md - shaydewael

this embed type will be removed soon and the automod messages will stop abusing embeds, but yeah that text about embed types being "considered deprecated" should probably be removed

if you just want it for identifying messages that could maybe be valid

can nonce support be added to webhooks for this? #3396

# Channels Resource

Thx! probably moved the cursor wrong

I think you should also mention the cons of using heroku as your host. Just an opinion.

capitalizing the info breaks styling

also a word is missing here so I put "note"; hopefully that's right and doesn't break anything

Description

The mfa_level requirement of a guild can be set to true or false, when it should be restricted to 0 or 1. This breaks api clients which expect the level to be 0 or 1, and not a boolean.

Steps to Reproduce

curl -X POST 'https://discord.com/api/v10/guilds/:id/mfa' \
  -H 'authorization: Bot ' \
  -H 'content-type: application/json' \
  -d '{"level": true}'

This will set the level to true for that guild, when it should be 1 or 0.

Expected Behavio...

The new commit https://github.com/discord/discord-api-docs/commit/0436db025f7a552df36d48243330cd4b878d57b5 regarding a tutorial on using Heroku for hosting is a very bad idea.

These are some points that were sourced from communities of developers:

• Bots are not what the platform is designed for. Heroku is designed to provide web servers (like Django, Flask, etc). This is why they give you a domain name and open a port on their local emulator.

• Heroku's environment is heavily contai...

Im not experincing this on 14.8

Same problem here, iPad mini retina on 12.5.4 and iPhone 12 on iOS 14.3.

As usual, if this has been duped, my search-fu has failed me again.

What

As it stands right now, when requesting guild members, you submit a command to the gateway, and receive the members and you receive GUILD_MEMBER_CHUNK in 1K chunks. This is great, you know all the members on that server, and you can go about your day.

The issue here is that this does not scale well, rather, it doesn't scale well for bots.
When you request members, chunking isn't handled like normal ev...

There was an official announcement, will you be reverting the revert now?

Hey,
i am the lead-developer on a 75k member discord server (704715447764779178) and we thought about rebuilding our support ticket system that is currently using private threads with the new forum channels when they gonna get released.

Sadly in the docs it's stated that forum channels will only contain public threads so such a rebuild wouldn't be possible.
In our ticket system we got multiple categories of ticket types you can select from a dropdown menu.
We thought about merging all...

You're right

As the Action Metadata fields of channel_id and duration_seconds are only relevant to their associated action types, these fields are not required if neither associated action type is used.

There are even inconsistencies with this system as well. Even if I chose TIMEOUT as my action type, as long as a specify a channel_id without specifying duration_seconds, then the response will succeed and set the duration_seconds to 0. I'm not sure why it does this and is out of the scope o...

Description

When you post a Discord Bot token to a public gist, you don't get a SYSTEM DM and the token is also not invalidated.

Steps to Reproduce

Go to https://gist.github.com, create a public gist and paste a valid bot token in

Expected Behavior

The token is invalidated and you get a system dm and an email

Current Behavior

nothing happens

Screenshots/Videos

Client and System Information

Windows 11 Home 22H2 22621.105

dupe of #5049

Corrected wrong description for Action Metadata channel_id field

It says user content, but it is the message content that should be send in the channel. So i updated this.
(also a user does not have a content)

its phrased user content as to be future proof

its phrased user content as to be future proof

Um ok 🤔

"user content" means "content written by a user", not "a content field in a user object"

"user content" means "content written by a user", not "a content field in a user object"

Yes, get it ^^. Must have misunderstood it 🤦‍♂️.

So I'll close this again 😅, thanks for the clarification.

Don't think this is a dupe, but a more specific definition of #5049

I'll update the original one to mention its only gists

same here - iOS 14.3 & iPad7,3 (10.5" pro)

These message types were renamed at some point but docs weren't updated

The Ukrainian language uses an apostrophe. Omitting it may change the meaning of the word. Currently the apostrophe can't be used in command names. I request to include it in the name validator.

• Fix "Gateway documentation" link to point to more relevant area

Updated description for Rule Description guild_id field

In the description it says the guild which this rule belongs to, wich sounds like it is a Guild Object.

So i replaced this with the id of the guild which this rule belongs to

![image](https://user-images.githubusercontent.com/8039...

Currently when a user has the Send Message perm disabled and Use Application Commands enabled slash commands can't be used.

Allowing application command use in channels where you can't send messages can be helpful for a variety of reasons, including:

• bot command-only channels
• "looking for…" channels that have a specific template to follow
• contact channels where you use a command to send a message to guild admins

It already shows the type to be a snowflake

It already shows the type to be a snowflake

Yes, but the description is misleading.

In other description it also ways guild id 🤷‍♂️

I would personally only be interested in the metadata around users Discord live streaming instead of trying to have my bot itself go live:

• Game/Application
• Started streaming datetime
• Thumbnail
• Number of people watching

Which would allow me to make custom posts something like the following:

In other descriptions it also says "guild id"

IMHO then the other descriptions should be changed. Restating the type in the description feels redundant.

As far as I can see for now, clients can send an "afk" with its status to update. Why can't bots receive that?

General use-cases for now:

• bots can manage afk users per-voicechannel again instead of having one setting in the server settings. There was a bot before that was able to manage it before the setting was added iirc. it would also be possible to make channels not move members to afk if the user goes afk. it would also be possible to move a user to audience in stage channel...

| referenced_message?\*\* | ?partial [message object](#DOCS_RESOURCES_CHANNEL/message-object)                                                                  | the message associated with the message_reference                                                                                                |

For consistency

I don't think it is confusing. It says guild, the field name is guild_id, and the type is Snowflake. At least from my perspective, the fact that the docs are referring to the ID is obvious.

I don't think it is confusing. It says guild, the field name is guild_id, and the type is Snowflake. At least from my perspective, the fact that the docs are referring to the ID is obvious.

Yes, for me it's to, bot it may not be for some other. 🤷‍♂️

| guild_id         | snowflake                                                                                | the id of the guild which this rule belongs to                                                            |

table spacing

This is also relevant for invite links from a browser.

Duplicate of #3870

Description

When creating message containing a file using webhook with wait query param set to false, 200 status code is returned instead of 204.

Steps to Reproduce

Send a message containing a file using webhook with wait query param set to false.

Expected Behavior

204 status code

Current Behavior

200 status code

Screenshots/Videos

No response

Client and System Information

Own library

Still no news on ARM64 support for the GameSDK? Not that the SDK has even been updated, so not sure what the plan with that is, or if there's already a replacement or what.

The SDK hasn't been updated in quite a while, at least according to the version number/link in the docs, and there's still no ARM64 support. Seems pretty abandoned to me.

Form Improvements

Forms should be able to take dropdown inputs and other kinds of inputs available in slash command options. Additionally, they should also have date picker options too. These would upgrade forms a significant amount.

Some of test.yaml's versions are outdated and should be updated. This pull request updates them.

Can confirm, iOS 13.5 (iPhone 6S).

The last update was in 2020 and it didn't have ARM64 support. I think it's safe to assume the GameSDK has been effectively abandonned. I've already ripped it out of my codebase because of issues which haven't been fixed.

4025fb5 Fix infoboxes in heroku tutorial (#5085) - advaith1

e21bb96 add matched_content (#5102) - shaydewael

2b6aa7e Fix message structure notes (#5084) - Lulalaby

4d23130 Update Change_Log.md - shaydewael

36b9f2e AutoMod message intent updates (#5083) - shaydewael

note isn't a keyword for infoboxes

8460270 Update Change_Log.md - shaydewael

b53a118 Update Change_Log.md - shaydewael

The entry for this change is in the documentation: https://discord.com/developers/docs/change-log#updated-connection-property-field-names

⚠️ Breaking Change to AUTO_MODERATION_ACTION_EXECUTION

As you probably know, in API v10+, the MESSAGE_CONTENT (1 << 15) intent is required for your app to receive message content. In alignment with this we're making a breaking change to [A...

4e5e607 Update Gateway.md - shaydewael

a7b7a7a fix infobox in application commands page (#5103) - vvito7

@hampuskraft just FYI i was fixing merge conflict, so touched Gateway.md

cc @shaydewael

Description

When I add name_localizations for a command name that contains subcommands, the name entered in the name_localization does not make any of the subcommand appear. Works fine in commands without subcommands.

Steps to Reproduce

Used the following example JSON, set user account at Discord to language English, US and entered /lookup and it does not show /find or /lookup subcommands.

` {
"name": "find",
"name_localizations": {
"en-US": "lookup"
},
...

discord please add this so we can change colours of the bot names 🙏

Additionally it would make sense to expand this to the resolved channels as well. Its all fine and gravy to check if a member has permission to do something in that channel, but it makes no difference if the bot can't do that too.

Making the request to check immediately can work in some circumstances, but in many it won't.

Example: logging channel

• User executes /config logging channel:<chanId>
• The bot can check the members permissions to access said channel (doesn't even reall...

The last update was in 2020 and it didn't have ARM64 support. I think it's safe to assume the GameSDK has been effectively abandonned. I've already ripped it out of my codebase because of issues which haven't been fixed.

Actually, it turns out that there is in fact ARM support and the SDK is still bring updated.
It seems like it's the documentation/links that haven't been updated, however the "latest version" points to the correct one.

Where I can find this? Sorry i don't know what you mean by latest version. Can you provide a link? Thank you!

the last version was in 2020 https://discord.pyrrha.dev/#/versions

version 3.2.1 is available, which includes aarch64 artifacts

While the zip at https://dl-game-sdk.discordapp.net/latest/discord_game_sdk.zip does have ARM64 builds, they are only for macOS, not Windows, which still makes this unsuitable for my use case (I'm making a Windows app and want to make a native ARM64 build) and also doesn't fill the initial feature request.

Description

Hi,
I am trying to implement OAuth2 for my iOS app.
I have defined one urlscheme "lokapp" in my mobile app, and have updated in Redirects in /oauth2/general.
So when I launch my app by adding my custom url scheme in browser "lokapp://", its working as expected and launc my app. Now when I open authUrl it open Authorize page correctly and when I click on Authrize it shows 'Redirect URI is not supported by client'. I am not sure how to fix these. Images for reference

##...

Same here, ios 14 ipad 7

Hi, as @sylveon replied on another post above, you can find an ARM64 of the Game SDK for macOS here: https://dl-game-sdk.discordapp.net/latest/discord_game_sdk.zip . Posting it here for the people who want to support Apple Silicon on their apps or games.

Still missing Windows ARM64 :(

Description

My bot is written using DSharpPlus.

Intermittently Slash commands start giving "Interaction Failed" after 3 seconds. BUT :

Once it starts it keeps happening BUT :

Appears to primarily (only?) affect mobile clients.
same mobile client, same bot, same user, on a different server works. (shard issue?)
same mobile client, same bot, same user, sending via DM works
same bot, same server, same user, electron client works

Steps to Reproduce

try to use slashcomma...

I have created a slash command editor I like to share with other developers.

There's a system/app that I've been desiring for many years that doesn't exist yet, and I only recently realized how easy it would be to make. I wanted to message you before reaching out to local developers because it should be simple to integrate into Discord as you already have many supporting features in place.

The few gamers I talked to agree that the idea is gold. If you have the resources to spare, please have a private talk with me as I don't want to discuss publicly.

Thank you

where can i invest some crypto into this project

Is there an NFT I can purchase? Please get back to me quick before the market collapses.

Oh my goodness! This is hype!

Lol it's not a scam and is actually useful.

Seems like this requires you to enter app credentials, which I believe Discord does not like.

Doesn't the autocode one require you to enter those as well? The autocode site even requires your bot token, mine only requires the secret which gives you less access over the application.

my god, the answer

to use protocol urls in redirects you must be using PKCE. you can learn more by reading https://datatracker.ietf.org/doc/html/rfc7636

This behavior is not a bug and is working as intended. We could improve documentation to further clarify this behavior.

Thanks for the feedback. We duplicate this information to reduce confusion around the OAuth2 required parameters.

Thanks for the report. I would recommend filing a support ticket to our developer support team so they can help investigate your commands and why they are flags as harmful: https://support-dev.discord.com/hc/en-us/requests/new

this looks like a developer portal issue. the api does not limit the field length to 170 characters

This does not look to be an issue pertaining to Discord's API. For issues with specific libraries, you may consider filing a support ticket with the corresponding library's GitHub issues.

We could improve documentation for this, but receiving strings is working as intended for autocomplete. We do not process user input and pass that direct to bots for autocomplete suggestions. This includes empty string, which is the initial payload we send when a user starts autocomplete.

Closing this due to inactivity. If you're still experiencing issues, please provide specific curl outputs which we can use to replicate the behavior. "Add a slash command" and "Update the OptionData" is unfortunately not enough information that we can use to replicate this issue.

This does not appear to be an issue with the Discord API. If you are suggesting changes to the API, I would recommend opening a discussion over at https://github.com/discord/discord-api-docs/discussions

Thanks for the report. This issue should be fixed.

Thanks for the report. This is a quirk of the API, since wait is forced to true if there are specific post processing requirements of the request. I would recommend checking for 2xx rather than strictly 204, but we can likely improve the documentation to make this clearer.

Could anyone who got this working, kindly assist me with the process?

I'm unable to figure what exactly needs to be returned to the Webhook calls.

Currently, when i attempt to save my webhook URL in discord developer portal, my url gets called with 2 POST requests; one with correct signature and the other with incorrect.
For the Correct one, i return Status 200 and JSON data: {"type":1}
For the Incorrect one, i return Status 401 and JSON data: {"type":1}

But, Discord is still refus...

you should ask that in ddevs rather than posting on very old & closed issues

Thanks for bringing this up and including concrete rationale. I think a lot of these points are good, and it makes sense to shift the sample and tutorial to use HTTP instead of Gateway. I'll spend some time next week going through the existing app and tutorial to rewrite and reframe it.

However, I don't want to or plan on removing the tutorial entirely. We've gotten indication that Heroku is really popular among Discord devs through surveys (and they'll use it regardless), so we want t...

Thanks for bringing this up and including concrete rationale. I think a lot of these points are good, and it makes sense to shift the sample and tutorial to use HTTP instead of Gateway. I'll spend some time next week going through the existing app and tutorial to rewrite and reframe it.

However, I don't want to or plan on removing the tutorial entirely. We've gotten indication that Heroku is really popular among Discord devs through surveys (and they'll use it regardless), so we want t...

I think this is a good idea going forward to have tutorials on various hosting providers. I just wanted to say that the particular example used was not suitable because of what Heroku is for; it sounds great that you are going to rewrite it for HTTP though 👍

swag :)

meow

AutoMod allows pre-moderation, however it can be extended into a more general policies system to allow even more detailed moderation possibilities.

Proposal

I propose a few policies that would complement existing moderation tools.

Channel rate limit across users

Per-user rate limit, i.e. slow mode is useful to ease up a bit of a moderation load, but it does not necessarily make whole discussion slower-paced. Channel rate limit across users, on the other hand, would be usefu...

#5110

Discord should now be able to allow us to moderate this via their "AutoMod" bot/service ?
It's a win-win for everyone! Server admins can efficiently blacklist stuff out, and no pressure of bot Devs making a bot fetch bios then?

Btw on an alternative note, can't we tell users to not provide sensitive information in their bio when they edit it? Internet itself is not a safe place to just give out any private information...

@msciotti can we expect any SDK for mobile apps/games too? Samsung doesn't own even the 50% of android users... Makes no sense for a normal android user to buy a costly phone from samsung just to flex their game status from android... Android games are a lot popular, not having playing status SDK makes it impossible to boast about :(

Please open a new issue/discussion about this. This is unrelated to the current discussion.

Alternative: Make MESSAGE_CONTENT a precondition for automod policy execution intents.

It's 2022, there are no endpoint

Make it clear that these message endpoints also requires the CONNECT permission to see the text in the voice channels.

Otherwise the bot will get Missing Access error

It's 2022, there are no endpoint

There is an endpoint in a way. Changes have been made to be able to delete the old default channels. So you can just clone and delete a channel to purge it.

There are use cases to receive automod execution events without the Message Content Intent. For example, an integration with a bot warning system.

@Zoddo AutoMod rejections leak information about message content, namely that the rejected message includes content unwanted in that channel.

You may know that the message contained, for example, a slur (you don't even know which one) but this won't let you know what the message was about (which is the point of the Message Content Intent).

Description

The Message Formatting part of the documentation (https://discord.com/developers/docs/reference#message-formatting) mentions unix timestamps but doesn't specify that the parser expects timestamps with second precision. Using millisecond timestamps will result in formatted dates beyond the year 50000 and microsecond timestamps will outright cause NaNs and undefineds to appear in formatted output.

Steps to Reproduce

Expected Behavior

I'd expect usag...

FIX! https://pastebin.com/ZCQ1bhuV GARRYS MOD

This PR documents seconds as the time unit required for proper formatting when using markdown timestamps

Related: #5112

This pull request polishes the automoderation docs by fixing some typos, removing redundant words and improving some sentences

For certain slash commands, I've got autocompletes which have no useful options for certain users, even with no input. It would be nice to tell the user why there's no results.

Example commands:

• A sell item command when you have no items
• Delete emoji command in a server with no emojis

Adds the allow_list metadata which exempts strings from the preset trigger type.

This statement is already fine as it is. allowed-word is not a correct term.

Will this be revisited? There are limits posted in some of the newer docs such as Guild Scheduled Events

It's also standard to include character limits in the other docs pages, so it seems weird to close this PR and keep role names inconsistent with most string fields in the docs.

Oh, so any string is valid if the user is focused on the option.

{
    "data": {
        "type": 1,
        "options": [
            {
                "value": 42,
                "type": 4,
                "name": "second"
            },
            {
                "value": "asdasd",
                "type": 4,
                "name": "third",
                "focused": true
            }
        ]
    },
}

(irrelevant fields omitted)

To me this seems pre...

It's a win-win for everyone!

...except for where it might be necessary for a bot or other application to function. Honestly, how hard could it be to add an intent for this?

It's not hard in a technical way, it's just a privacy concern. Just making something an intent doesn't stop any malicious use.

I'm still holding on to a simple yet revolutionary improvement to our communications systems but have no way to get it directly to a dev, besides posting publicly...

you can contact dev support if you'd like to talk to someine at Discord

I tried Dev Support and it directed me here.

I'm looking for a way to speak directly to a staff member or someone in charge. I've got an idea that's going to be huge but nobody to work on it with. I'm getting close to the point of driving from Michigan down to their California HQ...

For making suggestions about the app as a whole you can leave feedback here: https://feedback.discord.com. If your idea involves the bot API specifically you can make another post like this outlining it. Good luck! 😊

i doubt they'd even let you in lol, anyway discord doesn't have a place where feedback is actually heard that anyone can access

I think in these cases, a proposal like https://github.com/discord/discord-api-docs/discussions/4615 would solve this problem more generally; for example signalling an error from auto-complete if there's an issue – like there being no emojis to pick from etc.

I tried that and it directed me here to this github

Well that's what I'm hoping for and suggesting is a way to contact them directly.

There is a level of communication missing between the different teams @ Discord, but I'm sure if you create a feedback post at the site someone will see it! :rocket:

By the way, if your idea is so sensitive nobody except Discord should see it, they're always hiring! https://discord.com/jobs

Thanks splatter! I don't see myself having a good enough resume history, but it's a great suggestion to get in contact with them!

With the "standard" permission system, I am able to configure permissions for individual roles/members specific for each channel.

With the new command permission system, it seems like I'm able to allow/deny commands for each channel or for each role, but simultaneously (although I can do it "separately").

What I want to be able to express is something like "role A can use the command in channel A, and role B can use the command in channel B", and that doesn't seem possible to do with ...

1. I find it hard to see a malicious use or a privacy concern for it. It's public data. If message intent is a thing, then profile intent should at least be a thing.
2. Intents do stop malicious use. That's why they exist at all. If not, Discord would have removed them, because it probably costs them a lot of money to pay people to review the intent requests.

What are current practices for implementing approximation of this functionality as closely as possible?

I'm removing myself from this thread because I think the engineering staff have made it clear this isn't a feature they want to implement but I'll add this:

We now have the guilds.members.read scope to get member profile information per-guild, this still doesn't bios but it does return everything you normally get from members. This appeals to the use cases menioned further up this thread asking for access to per-server data.

I stand by the moderation use cases I mentioned before. Co...

Description

Hello, When is discord going to have IPv6 support?

Steps to Reproduce

.

Expected Behavior

.

Current Behavior

.

Screenshots/Videos

.

Client and System Information

.

See #1280

However, I agree that Discord should seriously consider supporting IPv6.

See #1280

However, I agree that Discord should seriously consider supporting IPv6.

Latest post there was 2020, Nothing is happening. I don't understand how it can take this long.

Steps to reproduce: connect discord.com from an IPv6-only network

Expected behaviour: Discord can be used normally

Actual behaviour: Discord cannot be used at all

Client/system information: Any

ah i meant ignored for message send deduplication,

No way to guarantee deduplication for bots? Weird.

Current behavior

Currently, the client caches autocomplete results with what the user typed in the focused option

Desired behavior

The client should cache autocomplete results based on what the user typed in the focused option, as well as other options.

Why this is needed

I've seen the client give back invalid results after changing one of the previously set values.

Let's take an example

1. You are trying to find a function in a class
2. You start typing your co...

Most implementations I've seen use an embed (either before or in the bridged message itself), with the name and avatar of the author and a small snippet of the message. The "author url" is then set to a link of the message that is being replied to, so that it can be clicked to jump to the message.
<img width="207" alt="image" src="https://user-images.githubusercontent.com/44026893/175832261-3d5fcaf1-8faa-4333-98d0-660ab476765e.png">

Closes #5054

Currently the interaction request sends a channel ID. It would be ideal if some basic channel information could also be sent, like how there's basic member information sent, to save on an API request. My primary use case is checking for the NSFW state of a channel to permit NSFW-flagged search results in channels, but without flagging the entire command as NSFW.

Duplicate of #4813

Didn't seem to show up in my searches. Thank you.

Duplicate of #4813

How about letting users to upload image as input in Modals?

Planned feature already

- An available Guild: a [guild](#DOCS_RESOURCES_GUILD/guild-object) object with extra fields, as detailed below.

###### Guild Create Extra Fields

lowercase

3.  When the current user joins a new Guild (this guild may be available or unavailable).

I don't think that should be renamed

These wont be sent for unavailable guilds, so its just to specify

Guild seems to be used as upper case everywhere in this section, so for consistency sake will leave it like that

3.  When the current user joins a new Guild.

During an outage the guild object in scenarios 1 and 3 may be marked unavailable.

"guild create available guild" is very difficult to read.

###### Available Guild Create Extra Fields

This shouldn't be renamed. It's already clear from the context that this is only available if the guild is available since that's the default state of a guild. Rewording this only makes it sound more awkward than it actually is.

Removing the previous note just hampers understanding of the flow.

Yeah I prefer this wording to the one currently proposed.

Planned feature already

Oh nice

For now that's not a use case our permission system will support. For your use case, you can create mod commands which are only accessible by moderators in mod channels.

What, as in create commands that themselves create commands?

What do you mean?

If I want users to be able to allow commands in some channels for some roles (and other channels for other roles), are you suggesting a (guild owner/admin) command that would create one or more unique guild commands with the actual functionality that could then be separately role-restricted. ...but that does feel like abusing the system, so maybe not.

There does not appear to be a bug reported here. To submit feedback for Discord's API, consider opening a discussion instead: https://github.com/discord/discord-api-docs/discussions

Unavailable is only sent during startup (e.g. immediately after READY), this was wrongly removed in 78a152e

Furthermore, there's a quirk with unavailable regarding it's presence, as it is absent when the user joins a new server. I've mentioned this on the DAPI Server [here](#381887113391505410 message)

As you can see per this screenshot:

ac827be Add error (#5034) - Jupith

@typpo Can you review this?

7a1679a add details to timestamps (#5113) - AlmostSuspense

82df679 Update test.yaml (#5100) - ArjunSharda

067289f Update message type names (#5093) - advaith1

aeaf0ab chore: Include github-actions in the dependabot... - naveensrinivasan

I'm also curious how to do that – I have a very simple app and would like to use the /@me//reationships read endpoint :/

Yup, that would be correct

Jokes on you I just reverse engineered the undocumented packets and the Discord API has no problems sending video to bots.

this structure is sent by discord in interactions, it is not sent in response to interactions.

as said above you can't

Removes the oauth2 scopes which: reference parts of the API which are no longer
usable; or require approval (which cannot currently be obtained) to use.

These are still used and given to select development partners.

One would assume "select development partners" are given docs which contain the complete list of scopes discord offers.

I also think the store section – probably even the whole of – the SDK should be reviewed, since it documents code clearly written for api version 6. I did not remove any of it here because I felt like that would be making the scope of this pull request too large.

These docs are for the publicly available API; unless someone from discord can confirm the community docs ...

RPC is technically usable without approval (for the app owner and up to 50 "testers" declared in the dev portal).

SKUs still exist

Removing approval only scopes isn't helpful at all, these scopes do exist and they should be documented for 2 large reasons:

So industry partners can understand what's possible (PS/Xbox setting presences, getting friends lists etc.)
So general users like me and you can see what Discord are offering to industry partners

Applications.entitlements still works even though the gameSDK is effectively depreciated. This technology may be re-used later down the line. SKUs are, for example, us...

That is not the point here – the point is you cannot reasonably expect to use the store endpoints that scope grants access to.

If and when these features are repurposed with a different intent, they can be added back with the relevant feature documentation.

If there is a closed set of applications using legacy technology from discord, these scopes should not be listed in this table as things people can use today. My recommendation here would be a separate section of the docs containing the legacy documentation.

6f91475 Fix command interaction data note (#5126) - advaith1

I think all scopes should continue to be listed. Maybe to reduce confusion separate them into 3 lists:

• publicly available
• usable by app devs and testers
• not publicly available

but... people can use them today? I gave 2 examples of applications that actively use some of these scopes? Delisting these is literally just reductive and harms the developer experience for people using the technology, legacy or not. Complicating the docs with a legacy section is redundant when this is a list of scopes that have actual use cases and in-the-wild uses in applications.

It wouldn't make sense to move the documentation of these scopes away from the scope documentation and into...

Add some more error codes :)
Some I'm not sure about, since the corresponding features are not yet released:

50106 - INVALID_ACTIVITY_LAUNCH_NO_ACCESS
50107 - INVALID_ACTIVITY_LAUNCH_PREMIUM_TIER
50108 - INVALID_ACTIVITY_LAUNCH_CONCURRENT_ACTIVITIES

Yeah, usually, unreleased features are not documented, however this one is already partially documented (for example, the additional field in the Invite Object)

| 200000 | Message was blocked by automatic moderation                                                                                   |
| 220001 | Title was blocked by automatic moderation                                                                                     |
| 220003 | Webhooks can only create threads in forum channels                                                                            |

numeric order

Oh right didn't notice that,
Sorry can't do it rn, just got off of my laptop :(

Encountered 110001 because of an unknown package.

@night "Convert to discussion" is a thing.

This PR addresses some issues with the OAuth2 Scopes table by separating it into multiple groups:

• Public User Scopes (normal)
• Guild Scopes (commands/bot)
• Other Scopes (webhooks/client creds)
• Restricted Scopes (devs/testers only, unless approved)
• Private Scopes (approval required)

I think this is a better alternative to the controversial #5127, as it should resolve confusion without removing documentation. I believe the documentation should continue to list all scopes, as i...

perhaps there should be a section about what "approval" is, to avoid more confusion from users since i believe there's no formal approval process?

i can confirm i also have this same error, deleting webhooks does not allow me to make more either

The client just says internal server error when you hit the guild wide rate limit for creating them (should probably be changed), if you wait an hour it should be fine again.

I'm going to close this in favour of a separate table

Should this be moved to guild scopes?

Waiting for?

What does "applications.store.update" actually authorize, I cannot find an endpoint that the token can use.

Adds changelog and updates docs for new app_permissions field

f4e3955 Add app_permissions (#5131) - shaydewael

Too sad this was insta-merged. :disappointed: I think this would have been a better wording, and consistent with how this is named everywhere else:

Interaction payloads now contain an `app_permissions` field whose value is the computed [permissions](#DOCS_TOPICS_PERMISSIONS/permissions-bitwise-permission-flags) for a bot or app in the context of a specific interaction (including channel overrides). Similar to other permission fields, the value of `app_permissions` is a bitw...

I have another change coming up so I'll include this wording update. With changelogs, I'm mostly trying to get them deployed as fast as possible so I can post in DDevs, Github, etc.

Description

As of the API push an hour or so ago, the user json returned by the API now has premium_type = null for non-nitro accounts, it used to be 0, and it is defined as returning an integer. This is breaking some libraries

Steps to Reproduce

do a get on /users/@me (as long as you don't have Nitro)

Expected Behavior

it should return an integer, like it used to do and is documented as doing

Current Behavior

it is returning null

Screenshots/Videos

No response
...

Thanks for adding yet another feature with 0 prior warning!

• The original request has now been implemented with #5131
• Would still really love to see the same for channel options

@ImRodry It's an additive change so it won't break any apps—it's solely giving apps more information.

We also talked about the change in the latest DDevs event.

This will be fixed shortly

Adds changelog for some upcoming changes to how a bot's permissions are calculated for interactions and bot-created webhooks (which opens up use cases like posting external emojis).

Docs won't be updated until the change goes live on July 28.

This is confusing, "installed with" suggests that moderators cannot change the permission in the role after adding the both, which is not true, unless this is truly relying on the granted permissions from the oauth step.

It also suggests that its not a combined check like the rest of discords permission system, wherein if @everyone has permission, so would the bot (unless explicitly denied in an overwrite)

@ImRodry It's an additive change so it won't break any apps—it's solely giving apps more information.

We also talked about the change in the latest DDevs event.

Usually stuff is added and only announced a few days later to allow libs to implement the feature, otherwise not many people can use it at the official launch

@ImRodry It's an additive change so it won't break any apps—it's solely giving apps more information.
We also talked about the change in the latest DDevs event.

Usually stuff is added and only announced a few days later to allow libs to implement the feature, otherwise not many people can use it at the official launch

So you would rather it be announced and made usable in a few days?

The fix is complete

No I'd rather it was done the opposite way: made available in the API and PR made and announced a few days later

The docs say that app_permissions? is a string but it's an integer in the payload I'm receiving.

If only messages had this too, we wouldnt need to cache roles at all for a lot of usages...

060cae6 Bot permissions calculation changes (#5133) - shaydewael

This implies that the @ everyone calculated permissions will not be considered even if the bot isn't in the guild.

The docs say that app_permissions? is a string but it's an integer in the payload I'm receiving.

this is a bug, and shall be fixed momentarily! sorry about that

Will timeouts be included when calculating the app permissions for responding? Right now they have no impact, but it would ne nice to clarify if they will in this changelog.

No I'd rather it was done the opposite way: made available in the API and PR made and announced a few days later

What's the difference? Why have it available and undocumented when it can be documented as it's made available

• The original request has now been implemented with #5131
• Would still really love to see the same for channel options

Doesn't the autocode one require you to enter those as well? The autocode site even requires your bot token, mine only requires the secret which gives you less access over the application.

@TechnicPepijn In that case, I think Discord should avoid including both websites to prevent accidental promotion of unsafely sharing credentials with 3rd-parties.

I don't really agree that it implies that, especially with the context provided in the above section. Unless a dev relies on the @everyone permissions grant their botATTACH_FILES, EMBED_LINKS, MENTION_EVERYONE, or/and USE_EXTERNAL_EMOJIS in every server its installed, then a dev should make sure their bot is installed with the permissions.

The section above is the technical changes, the Updating your app section is purely to give devs advice on the practical changes they shou...

Change to Bot Permissions in Interactions and Webhooks

:warning: This includes an upcoming breaking change for some bots

Starting on July 28, 2022 (in about a month), the way bot's permissions will be calculated for interaction responses and webhook execution will be updated. Instead of using the permissions calculated for @-everyone, permissions will be calculated specifically for the bot (including any overwrites).

This change aligns with how bot's permissions are calcula...

The provided URL is a 404

If a PR is made by a team member it’s documented so libraries can implement it. Releasing like this means thousands of people will rush into support servers asking where is the support for that new feature when it most likely will take a while to come out

This is a good and long-awaited change for the Use External Emojis permission.

However, as we have been discussing in DDevs #api, this change is a pain for permissions that previously were not checked for interactions and webhooks, such as Embed Links. One of the benefits of using interactions is that you don't need to worry about making sure the bot has embed permissions, since they are essential to most bots and if the server does not give everyone embed permissions, it is annoying to ha...

there is no reason for support for this feature to take a while to come out

The docs say that app_permissions? is a string but it's an integer in the payload I'm receiving.

this is a bug, and shall be fixed momentarily! sorry about that

A fix for this is now out on stable. As an aside, this PR isn't the right place to discuss procedures around feature release announcements

+1, currently webhooks don't have embed links checked for at all, and in my bot it's a pretty widespread assumption that a webhook will be able to send embeds. Either having to disable this functionality or rework it to not will be a pain

The provided URL is a 404

Oh see, looks like github added an extra "/" at the end of the url, I just added an other commit and fixed it on the webserver

Description

Discord's developer policy (https://discord.com/developers/docs/policies-and-agreements/developer-policy) states not to 'to distribute NSFW material without an NSFW tag;'. I have realized that the 'NSFW' terminology for referring to age-restricted content has been rebranded to 'age-restricted' in the discord client, perhaps we should define 'NSFW' or change the terminology to 'age-restricted'? If so, I have already forked this repo and am ready to make changes. Let me know!

...

We probably can't change this right away as it's a legal document. Would have to hold on changing this till the next time we update dev policy.

perhaps there should be a section about what "approval" is, to avoid more confusion from users since i believe there's no formal approval process?

tried to clarify this with

Some scopes require approval from Discord to use, and there is no public application process.

could add more information tho

What does "applications.store.update" actually authorize, I cannot find an endpoint that the token can use: are you sure that is not behind approval?

yeah this scope does ...

this scope is kinda weird, but looks like it does create a guild integration so I'll move it to guild scopes

As an alternative, maybe consider rich embeds in the payload sent by bots not require the Embed Links permission at all:

1. I've always found it a bit strange that a permission specifically referencing unfurling links would apply to the content provided in the payload.
2. It's not great that sending a message with non-empty content and with an embed silently drops the embed but still allows the message to send.
3. Very rarely do bots actually change the output of their replies if they don'...

Summary

This PR fixes the trigger_metadata link on Create Auto Moderation Rules' body section.

note: required resizing of the table to fix the link, diff looks quite borked

I've always found it a bit strange that a permission specifically referencing unfurling links would apply to the content provided in the payload.

The embeds can contain unfurled links in the case of embed images, which I believe is the primary goal of this permission. The reason to disable this permission, is to prevent users from sending images via links, in my experience at least.

However, if that is the goal of applying this permission here, then maybe those images could be just ...

Dupe #5070 ?

I don't want my site linked from or embedded on discord. I don't want traffic to my site coming from there at all. How do I block my site from being linked on there? I know I can't stop people from trying to post a link to it on Discord, I'm hoping it's possible that if they try it doesn't allow it or posts a fake link or the link I choose (a redirect?) to somewhere other than my domain. I'd rather my site be secure. Discord is not secure.

I'm hoping there's a way that if I can't disallow...

Going to close this as it's in legal territory. We've passed along the feedback

hi ty for feedback, we're making a change to this. will announce on GH and in DDevs as well.

Why you can't allow bots to use USE_EXTERNAL_EMOJIS too without any check? like MENTION_EVERYONE makes sense but when you r allowing EMBED_LINKS, ATTACH_FILES then why not USE_EXTERNAL_EMOJIS too?

Hey all—

I wanted to post an update that we're removing the ATTACH_FILES and EMBED_LINKS changes for this update based on feedback. The post above has ben edited to reflect that.

@imranbarbhuiya This is just communicating the change. For feedback about it, you can post in Discussions instead.

67c6001 add update (#5137) - shaydewael

Description

Result property is not set in constructor of exception, therefore it is always Result.Ok which prevents proper exception handling.

Steps to Reproduce

public partial class ResultException : Exception
{
        public readonly Result Result;

        public ResultException(Result result) : base(result.ToString())
        {
        }
}

Expected Behavior

Result property is set accordingly to exception type (result value)

Current Behavior

Result ...

Nsfw application commands support when

Description

Running my 36k guild bot, infrequently I get warnings to the tune of

[serenity::gateway::ws]: Err deserializing text: Json(Error("invalid value: integer -1, expected u64", line: 0, column: 0)); text: {"t":"THREAD_MEMBERS_UPDATE","s":....,"op":0,"d":{"removed_member_ids":["..."],"member_count":-1,"id":"...","guild_id":"..."}}```

causing issues due to the library I'm using using an unsigned integer to represent this.

### Steps to Reproduce

Run a bot until you get it,...

gotcha, thanks!

for subcommands and subcommand groups in name field for message interaction objects (not interaction responses)

Could this not be done in a non-breaking way by creating a new field? i.e a path field with the full {name} {group} {subcommand} path, and keeping name the same?

I think its also a bit confusing that message.interaction.name is different from interaction.name. Maybe in the future the same change could be done for subcommand (and group) interactions, removing the option nesting?

{
    ...
    "data": {
        "options": [{
            "name": "user",
            "value": "173547401905176585"
        }],
        "name": "mod ban",
        "id": "771825006014889984"
    }
}

87d717b Add message interaction object change (#5140) - shaydewael

I'm just noting the change—you're more than welcome to open a discussion with feedback, but this PR probably isn't the place for it.

Dear Discord,

https://github.com/discord/discord-api-docs/pull/5140 is an example of an unacceptable change.
This should have been conducted via a version bump with proper notice in the docs.

I cannot stress enough how publicly documented endpoints should not be altered without a version bump.

389355f Update Change_Log.md - devsnek

Description

When you reply to a modal, it replies in the main channel you're in rather than where it was started, which proves to be an issue when it began in a thread channel but the user is using a side-by-side view of a thread and a channel.

Steps to Reproduce

Use the API to create a button inside of a thread that will open a modal, and then view the thread side-by-side with its parent channel. Program the Modal to reply with a message when it's submitted, and submit the modal. ...

I don't even get what was wrong with that particular change; I doubt many people relied on the interaction name payload in already existing messages

11e1af6 Fix mistakes in the Auto Moderation docs (#5070) - hampuskraft

072319f improve automod docs (#5114) - AlmostSuspense

I don't even get what was wrong with that particular change; I doubt many people relied on the interaction name payload in already existing messages

That's beside the point. Unless its a security threat or actively being abused then at minimum there should be some advance notice before a breaking change. Posting the changelog of a change that is breaking after making the change is basically the complete opposite of what is supposed to occur.

I don't think the additional links or language changes add anything. The only thing I'd do is update the Gateway link to the broader message section - https://discord.com/developers/docs/topics/gateway#messages (#DOCS_TOPICS_GATEWAY/messages).

I don't even get what was wrong with that particular change; I doubt many people relied on the interaction name payload in already existing messages

The definition of a breaking change does not alter depending on the amount of people relying on current behaviour, the discord developers server demonstrated many people rely on the documented behaviour as it should not have changed before v11.

Posting the changelog of a change that is breaking after making the change

It says upcoming change:

Starting July 18, 2022

Personally I feel almost all of them misread it and were thinking about the actual interaction payload rather than the message one

1159aef add min_length and max_length (#5143) - shaydewael

Description

The API documentation states that the Global Rate Limit is 50 requests per second.

Here is a scenario that currently occurs occasionally in interaction with the Discord API using a global bucket rate limit with a 1 second expiry time. The endpoint used in this scenario does NOT provide rate limit headers (potentially intended) contrary to https://github.com/discord/discord-api-docs/issues/1808#issuecomment-658535754. The actual global rate limit bucket header ...

3 Tips for Parents Who Want to Learn Quran For Kids
Your child may have started learning to read Quran, and if not then it’s time you introduced your little one to this great Islamic tradition of reading the holy book of God. The Arabic language can be difficult and it would help greatly if you had someone teach you what your child has been learning in his or her classes. Here are three tips for parents who want to **[learn Quran for kids](https://onlinemadrasa.org/online-quran-classes-for-k...

uhm wrong repo?

In addition, please add how we determine which requests route to a bucket. The documentation states:

Per-route rate limits exist for many individual endpoints, and may include the HTTP method (GET, POST, PUT, or DELETE). In some cases, per-route limits will be shared across a set of similar endpoints, indicated in the X-RateLimit-Bucket header. It's recommended to use this header as a unique identifier for a rate limit, which will allow you to group shared limits as you encounter them.
...

Posting the changelog of a change that is breaking after making the change

It says upcoming change:

Starting July 18, 2022

That is the current changelog, this was the original announcement [discord.gg/discord-developers#api-announcements@30/06/2022](#api-announcements message)

The permission to Manage N also includes the ability to Delete N. Any possibilities that gives the permission to Manage N can be undone. For example, if a user accidentally moves a channel to another category, this can be corrected by a reverse action. This applies to any action that depends on the permission to Manage N, except deletion.

The deletion of N cannot be undone. It seems to me that only those users/bots in which the server administration is 100% sure should have this permission. ...

@ooliver1 i replied to a comment specifically mentioning the current changelog.

Description

Channels have a position field which is supposed to reflect the visual position of a channel, see https://discord.com/developers/docs/resources/channel#channel-object

It seems like the position is incorrectly returned by the API for channels under specific circumstances, for example after creating a new channel under a category the new channel will have the highest position, no matter where it is visually placed.

Steps to Reproduce

1. Check channel positions
   ...

Duplicate of #4613

Perhaps an astrix beside types;
0 6 7 8 12 18 19 20 23
With a note below that it denotes these message types are self deletable (Author is able to delete without manage messages)

Yes please. If this is going to be implemented, please make separating channel deletions from MANAGE_CHANNELS (Manage Channels) highest priority, as deleting a channel is the most destructive action, which involves completely wiping all of channel overwrites, followers (for news (announcement) channels), messages, and even threads in the channel in a single API request.

Sure thing .thanks

Description

String options can have min_length be set to less than max_length

Steps to Reproduce

register a slash command with an option that has max_length set to less than the min_length. A payload has been provided below.

{
 "type": 1,
 "name": "str_length_go_brr",
 "dm_permission": true,
 "default_permission": true,
 "default_member_permissions": null,
 "description": "-",
 "options": [
  {
   "name": "option",
   "description": "-",
   "type": 3,
   "re...

The current requirement to modify the "slowmode" of a channel is the manage channel permission, which is an extremely powerful permission that lets you completely delete the channel and all of its content, permanently.

Slowmode is an extremely valuable moderation tool, that explicitly targets the message frequency in a channel. A logical and far more appropriate permission for managing this setting, is manage messages, which also allows users to bypass it as well.

I argue that the abili...

I have created a slash command editor I like to share with other developers.

I think autocomplete restults shouldn't be cached anyways. I'm having problems with all use-cases I currently have, and even if autocomplete caching is needed, the bot can cache it itself.

Upvoting this. I'm working on a interaction based mailbox system which would have a big advantage with such a feature!! 👍

I think client-side caching is okay, results shouldn't change even in an entire minute, just that it should take into account the entire request instead of just the current option

Caching on the bot-side isn't going to help with this issue as there is 200-400 ms delay by doing the network request, client-side and server-side caching isn't the same at all

I've been testing the new slash command control in the integrations area. A couple of observations.

All bots are still listed even when there are no permitted commands available. Ideally bots with no permitted commands should not be listed in the slash command menus.

Not all slash command bots are listed in the integration area... At least on my server.

Description

{"message": "500: Internal Server Error", "code": 0} when fetching guild bans

Steps to Reproduce

do the funne to ban endpoint

Expected Behavior

data is returned successfully

Current Behavior

api necks itself, data not returned successfully

Screenshots/Videos

Client and System Information

Jake-Build 133700 (330e391)
(ian didnt break th...

You don't need slash commands to be listed there, the integrations tab shows other information unrelated to slash commands like granted permission or who added it and when. You also can only see the first 50 integrations added to the server

Description

The dm_channels.read scope could include a way for bots to send ephemeral messages inside a user's DMs.

Why

Currently the dm_channels.read scope is a very interesting scope. I personally can't think of a lot of use cases to use this scope. However, by allowing the bot to interact in said channel, some new uses can open up. Bots could actually interact with whatever content is being read, without having to open up a new DM channel or use other means of communicatio...

Description

Http-only apps (apps, that don't have a bot user) are currently massively lacking behind when it comes to visibility and growth. When running a command from such an app and then clicking on the message author (as if you wanted to view the app's details) the info looks like this:

As viewable, neither the app's description nor the install button are shown altough...

Currently, if a developer wants to dynamically display information under a bot's profile, they need to use the bots "status."

Allowing developers to edit the application description/the bots about me will give developers more flexibility in their bot.

Some usage examples:

• Display stats such as servers, up time, last updated, and build version
• "Fun" features like a small quote of the day under the bot description

Alternative:
Make the bots "about me" separate from the application descri...

Aha thanks!! I do have exactly 50 listed so that's correct(and a pain)

I also meant that for users whos permissions are removed, they can still see the bot listed in the command menu even though there are no available Commands to them. The bot should just be absent. (I wasn't sure if I made sense the first time)

Will the 50 limit stay? That seems a bit deficient. I mean imagine you could only apply permissions to the first 50 people in a server.

I think I'll go back to my original suggestion which is to have a toggle in the normal permission area.

An easy way would be to reuse the application command permission

That permission is useless for bots current...

iirc they don't plan on modifying the limit

Overlooked in #4927 and #4970 but no longer

it would not hurt for an engineer to take 5 minutes of their time to add anti-coke measures to the API
engineers attack me all week long, I see no problem for them to use their time to add counter-measures to stop coke accordingly

Hi! I've got a Discord application where I authenticated via OAuth2 with a redirect URI, got a bearer token, and can make API requests. However, it's hard to tell which API requests require a bot versus just the regular bearer token I have. I'm specifically trying to send a direct message via the API to a particular server I belong to, which is something I can do personally in the Discord app, but which I can't seem to do programmatically via the Discord API. Here's an example request that gi...

All endpoints that can be used with oauth are listed in the oauth table and have a "requires x scope" in the endpoint description. Pretry much all other endpoints require a bot token

What you're asking is basically selfbotting (automating your user account) which is against the tos

It's assumed that all endpoints are bot only unless they are listed/linked on the oauth2 scopes list.

This is a pretty smart approximation!

Description

When trying to create a message with a select option that contains an emoji ID that is too large, (e.g. 99361420069595959602), the API will respond with a 500 status code.

Example Payload:

{
    "components": [
        {
            "type": 1,
            "components": [
                {
                    "type": 3,
                    "custom_id": "switch-sub",
                    "min_values": 1,
                    "max_values": 1,
             ...

Thank you!

just wanted to mention that having a bot user existing or in the server is totally irrelevant to receiving interactions over http vs gateway; you can have a bot user in the server and also receive interactions over http, so this request has nothing to do with http

hmmm nice

ids should be sent as strings

Hello there, taking into account the bugs that exist towards Ephemeral messages disappearing if it's an old message in a channel.

I think it'd be quite ideal, to have interaction responses that instead of making an ephemeral, they cover the screen showing the message, with its content, embeds and attachments, similar to how Modals work.

That way if I want interactions that are done with the purpose of being informative, the user will get the message on screen and able to read and close ...

Bruh, now, nothing left to us?

snowflakes can be sent as integers (this has always worked). In fact, the docs says that Discord handle them internally as integers. They are however always returned as string by the API to prevent overflows in some languages.

The error reported in this issue can also be reproduced when sending the (invalid) ID as a string.

Description

Calling the DELETE HTTP method on /invites/:code provides no ratelimit headers in the response.

Steps to Reproduce

curl -i -H "Authorization: Bot $DISCORD_TOKEN" -X DELETE https://discord.com/api/v10/invites/[somecode] - assuming DISCORD_TOKEN is a variable in your shell, and [somecode] is a valid invite code.

Expected Behavior

The response includes x-ratelimit-[whatever] headers.

Current Behavior

The response does not include any ratelimit headers...

Not all routes have rate-limits. You are only bound to your global rate-limit if they don't.

Point was that we are indeed hitting 429s on this. Just edited in something to address that.

What is the ratelimit scope?

There are three potential cases:

1. It has a rate limit bucket that isn't being showcased.
2. You hit a global rate limit, which should showcase a Retry-After header (of around 1 second).
3. You were Cloudflare banned, which should showcase a Retry-After header (of around 50 minutes).

Rate limit scope isn't required for this to be a bug, but a missing Retry-After header would be.

_Related: https://github.com/discord/discord-api-docs/issues/5144_

This is indeed a bug, a fix should be rolled out soonish.

Here is what I understand regarding this endpoint and returned headers:

• There isn't any classic (user) ratelimit on this endpoint, because there isn't any major parameter (guild or channel id) that can be used. This explains why there is not any X-Ratelimit-* headers returned on success responses.
• However, there is a shared rate limit (likely per guild or per channel) on deleting invites. You only get a X-RateLimit-Scope: shared and Retry-After headers when exceeding it.
  • T...

@devsnek confirmed https://github.com/discord/discord-api-docs/issues/5161 as a bug. Does this issue also contain a bug? The endpoint used in this scenario is GetCurrentBotApplicationInformation.

2020 - 2022

it hasn't been the same

precedent: 😺🚀
https://github.com/discord/discord-api-docs/blob/1159aef52648602c22f72104faaed0155fafca64/docs/topics/Rate_Limits.md?plain=1#L51

also season 4 has started

![im...

fix should be out very soon

Btw, isn't v9 the default version rn?

no, v6 is

@devsnek What was the fix?

This PR removes the unnecessary nullable tag for the communication_disabled_until parameter in the JSON params for the Modify Guild Member endpoint. This change was made because the endpoint has a note that says all parameters are optional and nullable.

You should correct that note instead, since communication_disabled_until is nullable

Oh it's only nullable? Alright

Ah no, nevermind I see what you mean, Didnt see the notes clear enough from mobile

Ah no, nevermind I see what you mean, Didnt see the notes clear enough from mobile

No worries 👍

Description

I am trying to implement OAuth2 login on Android Webview. Once I login with valid credentials for DISCORD, the login will take place but it won't show the App Authorize page, instead it will log me out and would show login screen again. Please check the below video

Steps to Reproduce

1. Open authorization link in webview with WebView.loadUrl(authorizationUrl)
2. Log in with your credentials (using my phone number and password)
3. It will redirect back to the login pag...

I’m working on a system where users can turn in Quest rewards. This is exactly what I want for users being able to show proof etc.

Is there still no fix? This seems simple enough to implement, adding a few new argument like newInlineRow or any of the other suggestions above would work.

Looks good

| 50132  | Ownership cannot be transferred to a bot user                                                                                       |

@here

Why does discord decide to screw up API with slash commands? The system is just terrible. Bring back commands via msgs.