Skip to main content
Social Accounts

Connect

Initiate an OAuth flow to connect a social media account.

Tip — bind to a profile first: creating a profile before this step is optional, but if you want your backend to know exactly which integration was just connected, create one and save the returned profile.id — then pass it as ?profileId= below. After OAuth completes, list /v1/connect/integrations?profileId=... and you get only that user's integration. Without a profile the connect flow still works exactly as before.

Endpoint

GET https://api.postpeer.dev/v1/connect/{platform}

Path Parameters

ParameterTypeDescription
platformstringPlatform to connect: "twitter", "youtube", "tiktok", "facebook", "threads", "pinterest", or "linkedin"
*More coming soon

Query Parameters

ParameterTypeRequiredDescription
redirectUristringNoURL to redirect the user to after successful connection
profileIdstringNoBind the resulting integration to a profile. Useful when your backend needs to know which integration was just created — list /v1/connect/integrations?profileId=... afterwards to find it.

Example

curl "https://api.postpeer.dev/v1/connect/twitter" \
  -H "x-access-key: YOUR_API_KEY"

With redirect:

curl "https://api.postpeer.dev/v1/connect/twitter?redirectUri=https://yourapp.com/connected" \
  -H "x-access-key: YOUR_API_KEY"

Response

{
  "url": "https://twitter.com/i/oauth2/authorize?response_type=code&client_id=..."
}

Redirect the user to the returned url. After they authorize on the platform, PostPeer's callback handles the token exchange and stores the connection. If redirectUri was provided, the user is redirected there after a successful connection.

How It Works

  1. Your app calls GET /v1/connect/{platform} to get an OAuth URL
  2. Redirect the user to that URL (or open it in a new tab)
  3. The user authorizes on the platform (Twitter, YouTube, etc.)
  4. The platform redirects to PostPeer's callback
  5. PostPeer exchanges the code for tokens and stores them encrypted
  6. If redirectUri was set, the user is redirected back to your app

Bluesky: App Password Flow

Bluesky doesn't use OAuth redirects. The end user generates an App Password at https://bsky.app/settings/app-passwords and submits it once via a separate POST endpoint:

curl -X POST https://api.postpeer.dev/v1/connect/bluesky/auth \
  -H "x-access-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "identifier": "alice.bsky.social",
    "password":   "xxxx-xxxx-xxxx-xxxx"
  }'

identifier is the user's handle or DID; password must be an app password, not the account password. The response includes the integration object — use integration.id as accountId when posting. See the Bluesky platform docs for full details.

Status Codes

CodeMeaning
200OAuth URL generated
403Platform not available
500Platform credentials not configured

Delete

Soft-delete a profile. Existing integrations bound to it keep their profileId.

List

Retrieve all social accounts connected to your project.

On this page

Endpoint
Path Parameters
Query Parameters
Example
Response
How It Works
Bluesky: App Password Flow
Status Codes