Hikka Docs Hikka Docs

Authentication

How hikka's authentication works

Getting started

Hikka uses token-driven authentication. Before performing authentication requests, you need to obtain a token via OAuth.

Not familiar with OAuth yet?

Don't worry, you can learn how to obtain a token in our OAuth guide

Perform request with authentication

To authorize a request, you must include a valid access token in the auth header.

auth: <access_token>

Here is a couple examples how to perform authenticated request on Watch Add endpoint.

const body = JSON.stringify({
  "status": "completed",
  "score": 10
})

fetch("https://api.hikka.io/watch/chainsaw-man-movie-reze-hen-c4febd", {
  method: "PUT",
  headers: {
    "Content-Type": "application/json",
    "auth": "<access_token>"
  },
  body
})

Make sure the token is obtained via the OAuth flow before making any authenticated requests.

Endpoints behaviour

Some endpoints require authentication.

Some endpoints don't require authentication.

Some endpoints support both authenticated and unauthenticated requests and return different results based on the provided authentication token.

Here is an example of the response for the Anime catalog endpoint

{
    "list": [
        {
            "data_type": "anime",
            "media_type": "tv",
            "title_ua": "Раб спеціального призначення",
            "title_en": "Chained Soldier",
            "title_ja": "Mato Seihei no Slave",
            "episodes_released": 12,
            "episodes_total": 12,
            "image": "https://cdn.hikka.io/content/anime/mato-seihei-no-slave-fe9d7d/X0xZdV8Dg79k5thO-Jx7vw.jpg",
            "status": "finished",
            "native_scored_by": 179,
            "native_score": 6.74,
            "scored_by": 95665,
            "score": 6.85,
            "slug": "mato-seihei-no-slave-fe9d7d",
            "start_date": 1704326400,
            "end_date": 1710979200,
            "created": 1687464181,
            "updated": 1769130181,
            "translated_ua": true,
            "season": "winter",
            "source": "manga",
            "rating": "r_plus",
            "year": 2024,
            "mal_id": 50392,
            "watch": [
                {
                    "note": null,
                    "updated": 1768838003,
                    "created": 1768837751,
                    "status": "completed",
                    "rewatches": 0,
                    "duration": 276,
                    "episodes": 12,
                    "score": 10
                }
            ]
        }
    ],
    "pagination": {
        "total": 1,
        "pages": 1,
        "page": 1
    }
}

Tips

  • The token lifetime is 30 minutes, so you need to refresh it. The best approach is to set up a cron job that makes a Current user profile request every 30 minutes.
  • Do not store raw access tokens in your database. As a best practice, store them encrypted and decrypt them in memory only when needed.

Resources

All available resources used by the Hikka Docs.

Hikka setup

How to setup hikka and hikka-next locally

On this page

Getting startedPerform request with authenticationEndpoints behaviourTips