# Frequently Asked Questions
URL: /faq
Quick answers to common OnlyFans API questions about authentication, security, rate limits, fan analytics, webhooks, and integration best practices.
***
title: Frequently Asked Questions
description: "Quick answers to common OnlyFans API questions about authentication, security, rate limits, fan analytics, webhooks, and integration best practices."
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
import { Accordion, Accordions } from 'fumadocs-ui/components/accordion';
## API Capabilities & Features
Yes, our API fully supports reading and sending messages. Refer to our [List Chats](/api-reference/chats/listChats) and [Send Message](/api-reference/chats/sendMessage) endpoints for more details.
Image generation is not natively supported at this time. However, we recommend third-party solutions like [fanscreator.ai](https://fanscreator.ai) for this functionality.
Direct vault uploads aren’t supported by OnlyFans. However, you have a few options:
* **Recommended:** Upload media exactly when and where it needs to be posted — for example, directly to a post, message, or scheduled post — instead of preloading it into the vault. This keeps your workflow simple and avoids unnecessary steps.
* If you still want to store media in the vault ahead of time, you can:
* Upload media using our [OnlyFans CDN upload](/api-reference/media/uploadMediaToTheOnlyFansCDN) endpoint.
* [Create a post](/api-reference/posts/sendPost) with the media, then delete it immediately - the media will remain in your vault
* Use our [Send Message](/api-reference/chats/sendMessage) endpoint to include the media in a message, then delete the message — again, the media will stay in your vault.
Yes! Many customers successfully use tools like [n8n](https://n8n.io) and [Supabase](https://supabase.com) for faster development and deployment.
You're likely missing the account prefix.
* ❌ Wrong: `/api/fans/active`
* ✅ Correct: `/api/acct_XXXXXXXX/fans/active`
## Security & Safety
Yes, absolutely. We have a 5-year track record with:
* Zero accounts banned
* Zero accounts red-flagged
* Enterprise-grade security measures
Your security is our priority:
* All passwords and cookies are hashed in our database
* We use OpenSSL with AES-256-CBC encryption
* All data is signed with MAC (Message Authentication Code)
We implement robust proxy protection:
* Each connected account gets a dedicated IP address
* Public endpoints use rotating residential proxies
* This prevents detection and ensures account safety
For more information, refer to our dedicated [proxies guide](introduction/essentials/proxies).
## API Stability & Performance
Our API infrastructure includes:
* Web Application Firewall (WAF)
* Proxy management
* Built-in rate limiting
* No stability issues reported to date
Check our real-time status at: [status.onlyfansapi.com](https://status.onlyfansapi.com)
Website updates have minimal impact:
* Downtime only occurs if OnlyFans itself is down
* We typically adapt to changes within minutes
* No extended service interruptions
## Rate Limiting & Best Practices
**Recommended approach:** Implement exponential backoff
1. When you receive a 429 error, wait 1 second
2. If it happens again, double the wait time (2s → 4s → 8s)
3. Continue up to a maximum wait time
4. Use queuing systems like AWS SQS, Laravel Queues, or Ruby Sidekiq
Email us at [hello@onlyfansapi.com](mailto:hello@onlyfansapi.com) for code examples.
Rate limits are documented in our [Rate Limits](/introduction/essentials/rate-limits) guide.
## API Keys Management
**Best practice:** One API key per service/integration
* Create separate keys for different features
* Assign dedicated keys to external developers
* This improves security and tracking
No, you can create as many API keys as you want, regardless of your subscription plan.
Yes, a single API key can access all available endpoints.
## Account Authentication & Management
**Through our [Console](https://app.onlyfansapi.com):**
1. Go to Dashboard -> Accounts
2. Find the relevant account
3. Click on the Account ID to copy it
**Through our API:**
1. Call our [List Accounts](/api-reference/account/listAccounts) endpoint
2. The response includes the account ID in the `id` field
OnlyFans API account IDs **always** start with `acct_`
Always use the format: `acct_XXXXXXXX`
* Include the `acct_` prefix
* Endpoint URL example: `https://app.onlyfansapi.com/api/acct_abc123/chats`
Yes! Use these endpoints for authentication:
* [Start Authentication](/api-reference/connect-onlyfans-account/startAuthentication)
* [Poll Authentication Status](/api-reference/connect-onlyfans-account/pollAuthenticationStatus)
* Optionally, [Submit 2FA](/api-reference/connect-onlyfans-account/submit2FA)
Use our [Get Current Account](/api-reference/account/getCurrentAccount) endpoint to retrieve the authenticated account details.
No need to use our UI - integrate these endpoints directly with your platform.
## Fan Data & Analytics
This is normal behavior:
* Chat lists return immediately
* Fan details are scraped in the background (usually takes 2-3 seconds)
Either call our [Get User Details](/api-reference/users/getUserDetails) endpoint, or retry the original endpoint after 10 seconds.
Use the lastSeen field from our [Get Profile Details](/api-reference/public-profiles/getProfileDetails) or [Get User Details](/api-reference/users/getUserDetails) endpoints. If the `lastSeen` value is recent, the fan is likely online.
```json
{
"lastSeen": "2025-05-01T15:01:07+00:00"
...
}
```
[-> Read more about caching](/introduction/essentials/response-structure#cache-control)
There's two options available:
* **Calculate manually:** Use `subscribedOnData.subscribeAt` on endpoints like [List Active Fans](/api-reference/fans/listActiveFans) or [Get User Details](/api-reference/users/getUserDetails).
* **Human-readable format:** Use `subscribedOnData.duration` (e.g., "3 months")
Access comprehensive spending data through these fields:
| Field | Description |
| ---------------- | ------------------------------ |
| `totalSumm` | Combined total of all spending |
| `subscribesSumm` | Total spent on subscriptions |
| `tipsSumm` | Total spent on tips |
| `messagesSumm` | Total spent on paid messages |
| `postsSumm` | Total spent on paid posts |
| `streamsSumm` | Total spent on streams |
* [Get User Details](/api-reference/users/getUserDetails)
* [List Active Fans](/api-reference/fans/listActiveFans)
Sadly, OnlyFans doesn't store language preferences. Workaround:
1. Fetch chat messages from the fan
2. Use a third-party language detection API
3. Store the detected language in your database
No direct endpoint exists, but you can:
1. Retrieve chat messages using the [List ChatMessage](/api-reference/chats/listChatMessage) endpoint
2. Check if `isOpened = true` AND `price > 0`, which indicates a purchased PPV
## Webhooks & Media Handling
* 📚 Documentation: [docs.onlyfansapi.com/webhooks](/webhooks)
* 🎥 Video Demo: [cap.so/s/p2wfkj072yt2x96](https://cap.so/s/p2wfkj072yt2x96)
When `"isReady": false`, the media is still processing.
**Solution:**
1. Get the chat ID from the webhook
2. Poll the [List ChatMessage](/api-reference/chats/listChatMessage) endpoint every 10-20 seconds
3. Wait for `"isReady": true`
4. The URL will then be available
**Alternatively:** Scrape and store vault content internally for reverse searching by media ID, once the media is ready.
Yes, you can use webhooks with no-code tools like Make, n8n or Zapier. Just set up a webhook listener in your tool and configure it to receive data from our API.
We have most webhook events available as Make and Zapier modules, which you can find in our [Make](/integrations/make/available-modules#instant-triggers) and [Zapier](/integrations/zapier/available-modules#instant-triggers) directories.