mixv2 / epicresearch Goto Github PK
View Code? Open in Web Editor NEWResearch about Epic Games' non-documented API
Research about Epic Games' non-documented API
I am making a fortnite bot and I am trying to figure out what this does, Can someone explain?
I searched this repository but couldn't find anything, so how do I use it.
Which endpoint do I need to use? What has to be in the header and what has to be in the body of the request?
I saw a lot of discord bots doing it, they have a endpoint to use. Is there any way how to get it?
I'd like to join the community but the discord link is expired/invalid.
https://github.com/MixV2/EpicResearch/blob/master/docs/auth/grant_types/exchange_code.md
"Send a GET request to https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange with a valid Authorization header"
What do I have to use in the Authorization header?
Mainly I want this for Fortnite stuff
Hey, im trying to get the cosmetics and some info player using the QueryProfile, I use Node.JS and axios. My code is:
let head = {
'Content-Type': 'application/json',
'Authorization': `bearer ${res.data.access_token}` //<- Here i use the access_token previously defined
}
//I think data is not necessary but I use it too
let data = {
'grant_type': 'authorization_code',
'code': code
}
let res3 = await axios.post(`https://fortnite-public-service-prod11.ol.epicgames.com/fortnite/api/game/v2/profile/${res.data.account_id}/client/QueryProfile?profileId=athena&rvn=-1`, head, data).catch(e => console.log(e))
console.log(res3.data)```
The error is: 401
Epic Games changed the exchange code authentication from GET
request on https://www.epicgames.com/id/api/exchange to POST
request on https://www.epicgames.com/id/api/exchange/generate.
So you should probably update your notes.
nothing
Hello, which api can get user's game list and play duration? Please!
get cosmetics from account
Dear MixV2,
there was an issue I faced and I hope that you can help me further. After setting the creator for an account to be used in item shop, I gifted a few things and it didn't apply to the creator code panel. I thought it would work and anybody can support a creator (doesn't matter where he live, because the other account was set to another region) but it didn't work actually. I thought we might be missing one property in giftCatagory, would it be possible?
Thank you in advance and stay safe
With best regards
Mahdi
Hey!
Recently Fortnite stopped request more DailyQuest when I use "ClaimLoginReward", obligating me to sign in mode to get new daily quest
Someone know other mcp that I can also use to refresh/get new DailyQuest, I was investigating to use "RefreshExpeditions" but I don't know what it does or if will help.
Thanks
Ever since Epic started encrypting the in-game memory for Fortnite, the BenBot has been unable to extract the keys from the game, which means the free flow of updated keys posted online by BenBot has stopped. These keys are needed to view all the content of the game, like unreleased weapons, with the software FModel.
One workaround for this would be to directly download the keys from Epic's server. Does anybody here know the official API endpoint for getting Fortnite AES keys, and the exact method to contact this endpoint?
Yea the title said it, I wanna get the endpoint to change the user picture via post/get or whatever.
I have done a research about the meaning of "MCP" and I have only found an Epic Games post and an Unreal Tournament bug.
I have also visited this page, which says that there is a DefaultPlatformService entry, in Unreal Engine, which is set by default to "MCP"
check if email is registered
When I try to use token to token I get the error message {"errorCode":"errors.com.epicgames.common.oauth.unauthorized_client","errorMessage":"Sorry your client is not allowed to use the grant type token_to_token","messageVars":[],"numericErrorCode":1015,"originatingService":"com.epicgames.account.public","intent":"prod","error_description":"Sorry your client is not allowed to use the grant type token_to_token","error":"unauthorized_client"}
. I am using the right acces token so I don't know why this is happening.
Im trying to get this https://account-public-service-prod.ol.epicgames.com/account/api/public/account/6c34056253a84d269063194d7a69560d/ but it just tells me Authentication failed. I dont wanna put my password in and stuff bc then itll say all the other stuff. You did say you can just get the user but idk how.
Device code getting documentation is pretty empty, it not really helpful. I always get
Authentication failed for /api/oauth/deviceAuthorization
Here the full request
Host: account-public-service-prod03.ol.epicgames.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 29
grant_type=client_credentials
In Auth Clients, the client called graphqlWebsite
has an ID, but its secret is unknown.
Does that mean that I can authenticate neither by authorization code, nor using client credentials, because both methods would require a secret?
Or can I work directly with the authorization code returned by visiting the following URL?
Indeed, I notice that the redirectURL looks like:
So it is enticing to use that XXX code along my queries, but I am not sure whether I would get higher permissions by doing so.
import requests
access_token = "MY_TOKEN"
r = requests.post(
url="https://graphql.epicgames.com/graphql",
json={"query": "{ Catalog { searchStore(count:3, start: 1617) { paging {total} elements {title} } } }"},
headers={"Authorization": f'Bearer {access_token}'},
)
whereas this works, but without any higher permission:
import requests
r = requests.post(
url="https://graphql.epicgames.com/graphql",
json={"query": "{ Catalog { searchStore(count:3, start: 1617) { paging {total} elements {title} } } }"},
)
At the end of the day, my goal would be to figure out the way the Chinese leaker fetched the upcoming free games:
These games were not present in the public database, as can be seen on ScreamDB, so I am very surprised.
or the way the French leaker at dealabs.com achieved roughly the same.
It has to be a different way, because he has access to less data: he is missing the game to be given away on December 30.
Is it possable to unban a user on fortnite with this method? Also can you add rare / unreleased skins to your account. Thanks
Please add friend request
Some documentation on the current register flow with a bit of info on Funcaptcha would be greatly appreciated. Thanks!
When I try to send the request to "ClaimLoginReward", the server returns "ClaimLoginReward is not valid on player:profile_common_public profiles (common_public)". All profiles are common_public, but I know some bots that can claim the daily reward for you. So how do I code that? I am pretty sure that "ClaimLoginReward" is the endpoint for the daily reward
Is there any way to add a creator code to an account so that the purchases of this account supports that creator?
With best regards
Hey there,
after reading the whole documentation I found that I can access really interesting informations about each account, except the vBucks balance of that account. Is there any why to find taht out?
Thanks in advance.
I am trying to authenticate by exchange code. I don't know how to make the authentication header and I am not sure what needs to be in it.
First thanks for putting this research together!
I've been trying all day to work out the generation of the deviceId, via Postman. Your instructions are:
Authenticate yourself with an fortniteIOSGameClient token with your preferred method of authentication.
Call https://account-public-service-prod.ol.epicgames.com/account/api/public/account/{accountId}/deviceAuth with method POST. Your response should look something like:
{
"deviceId": "...",
"accountId": "...",
"secret": "...",
"userAgent": "Any HTTP Client/0.1",
}
So "Authenticate yourself with an fortniteIOSGameClient" - I go to the table later in the document and pull out:
Client Name Client ID Secret
fortniteIOSGameClient 3446cd72694c4a4485d81b77adbb2141 9209d4a5e25a457fb9b07489d313b41a
Using these I login via OAuth:
I then reuse the client ID in the URL for the deviceAuth (X below), and use the generated OAuth token as a bearer token in the authentication of the second request:
The result is:
Sorry your login does not posses the permissions 'account:public:account:deviceAuths CREATE' needed to perform the requested operation
What am I doing wrong?
How do I change the display name of the account thats currently logged in? Via the metadata endpoint or is there something else?
Hey, I'm trying to find a way to query servers and their player's info on another game on ark survival which utilises the Epic Online Services. Is it possible using this approach, and could you advise on how to find the client ID / secret? Thanks
Hey,
Discord invite link has expired, can you update it? Thanks.
Can you make a new invite because the old one is invalid. Thanks
Please can you provide some information regarding endpoints for STW?
Thanks
{
errorCode: 'errors.com.epicgames.modules.profiles.operation_forbidden',
errorMessage: 'Unable to find template configuration for profile commmon_core',
numericErrorCode: 12813,
originatingService: 'fortnite',
intent: 'prod-live'
}
Hey Mix I have worked around Epic Games for 2 years now and I have lots of endpoints and clients that I could add to the repo helping to maintain and bring more information. APIS that have not been found nor available to the public, including private clients for authentication on the EOS servers... Would love to work with you on this repo.
Thanks
Hello,
I am looking for a coder for a advanced Fortnite bot. Looks like you have the skills. Please contact me via email at [email protected]
get_profile = requests.post(f"https://fortnite-public-service-prod11.ol.epicgames.com/fortnite/api/game/v2/profile/{account_id}/client/QueryProfile?profileId=athena&rvn=-1", headers=headers, params={})
i get this problem (title), i want get skins account owner
I was looking around the web and found this repo which can improve my programs exacute time. I am trying for the past 2 days to get an auth code with Authorization Code.
I read the the instructions about 50 times and was still unable to get the auth code.
My question is can you please give an example in some programming language, for example python?
please help i want to use mixHackV2 its broken please help
Do you have any details on the XMPP service build into the Epic Games store?
Would be great to have for this: RareDevs/Rare#93
I guess it would be similar to the Fortnite XMPP service?
¡Hey!
Im trying to get access to the cosmetics of a player, and more info about a player.
I use axios to post to get the access token, the id, and the name.
So, How is the correct endpoint form and post way to get these info?
I tried the classic QueryProfile?profile=athena giving the userID and:
Header = {
'Content-Type' : "xxx-i-form-urlencoded",
'Authorization': Bearer ${access_token}
And no Data or Body (are the same)
But the response of that post is something like Authorization error or invalid.
Please help me!!
Finally solved it, to fix it just concat the access token variable before the use in Authorization, that worked for me.
var access_token= "Bearer ".concat(token);
//Now use it in Authorization
Authorization: access_token
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.