youtube-studio icon indicating copy to clipboard operation
youtube-studio copied to clipboard

Published 20 hours ago verified publisher icon adasq

New method to resolve sessionToken

Open kfsboss opened this issue 2 years ago • 10 comments

Header: x-origin: https://studio.youtube.com Authorization: [Replace Your SAPISIDHASH] Content-Type: application/json Cookie: [Replace Your Cookie]

1: POST https://studio.youtube.com/youtubei/v1/security/get_web_reauth_url?alt=json&key=$KEY

Data: { "context": { "client": { "clientName": 62, "clientVersion": "1.20220711.03.00", "hl": "en", "gl": "US", }, }, "continueUrl": "https://studio.youtube.com/reauth", "flow": "REAUTH_FLOW_YT_STUDIO_COLD_LOAD", "ivctx": "[Replace Your !!! [ivctx] !!! Required]" }

[encodedReauthProofToken] get the Responses [sessionRiskCtx] get the Responses

2: POST https://studio.youtube.com/youtubei/v1/ars/grst?alt=json&key=$KEY

Data: { "context": { "client": { "clientName": 62, "clientVersion": "1.20220720.01.00", "hl": "en", "gl": "US", }, "request": { "returnLogEntry": true, "internalExperimentFlags": [], "reauthRequestInfo": { "[Replace Your !!! [encodedReauthProofToken] !!! Required]" } }, }, "ctx": "[Replace Your !!! [sessionRiskCtx] !!! Required]" } [sessionToken] get the Responses

// **perfect solution,Data information can be filled in completely if necessary ** example: "user": { "onBehalfOfUser": "[Replace Your UserID]", "delegationContext": { "externalChannelId": "[Replace Your ChannelId@]", "roleType": { "channelRoleType": "CREATOR_CHANNEL_ROLE_TYPE_OWNER" } },

// sessionToken generally expires in seven days, this scheme can automatically obtain new

kfsboss avatar Jul 25 '22 15:07 kfsboss

how can i get botguardResponse data? if i use https://studio.youtube.com/youtubei/v1/att/esr without "botguardResponse", always return wrong ivctx Or other way to get ivctx?

blueveno avatar Jul 27 '22 09:07 blueveno

Thank you both for your input.

That's indeed interesting. I briefly checked it out and it looks like we can generate sessionToken without sending over botGuard details.

The only missing part is ivctx. Need to dig more.

adasq avatar Jul 27 '22 09:07 adasq

sessionToken can got from https://studio.youtube.com/youtubei/v1/att/esr response data, so only how you find the way got exactly botguardResponse. Thank you for your help

blueveno avatar Jul 27 '22 09:07 blueveno

Generating botguardResponse is a tricky part. AFAIR it's generated on the client-side by executing JavaScript (in conjunction with iframes).

I think it'd be easier to get ivctx

adasq avatar Jul 27 '22 10:07 adasq

Why is this method better? If we receive ivctx after we send botGuard?

femtoeu avatar Jul 27 '22 22:07 femtoeu

Hi. Creators, can you make something like "auto generating" of sessionToken? I want to use a lot of accounts and I need to get this sessionToken

Litedown avatar Jul 31 '22 00:07 Litedown

how to get ivctx?

whoisbg avatar Aug 04 '22 18:08 whoisbg

Follow up: we can get ivctx from /esr. The problem is that this API that requires botGuardResponse.

adasq avatar Aug 06 '22 14:08 adasq

Follow up: we can get ivctx from /esr. The problem is that this API that requires botGuardResponse.

So all that's left is to understand how to generate botGuardResponse?

whoisbg avatar Aug 07 '22 12:08 whoisbg

close to the solution guys... let's crack it

ItzmeSwapy avatar Aug 07 '22 23:08 ItzmeSwapy