Tried to use several different API endpoints as described in the link, but they all return 403 with a cloudflare “Just a moment…” html reply. Even tried copying an existing jwt token from a working logged-in browser but the same thing still happens.
Any idea what I could be doing wrong?
curl -v --request POST \
--url https://programming.dev/api/v3/user/login \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '{"username_or_email": "redacted", "password": "redacted"}'
...
< HTTP/2 403
...
<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title>
...
I have no knowledge of this specific issue but 403 means unauthorized and the “Just a moment” response is usually because the server sends a JavaScript challenge to verify that you are a ‘real’ browser/user. It’s an anti bot verification and you’re not passing.
yes but this defeats the whole point of allowing bots on lemmy in the first place.