"self-bots"

[Lolihunter1337]

So i know it got kinda answered already that "self bots" arent allowed. However if i see that right

Automating normal user accounts (generally called "self-bots") outside of the OAuth2/bot API is forbidden

But if the bot behaves only for YOU inside of those api/OAuth2 and does not accept other users input its fine?

[shikhir-arora]

If the bot doesn't behave for you then it's commonly called a "userbot" which is absolutely forbidden and doing this will almost certainly lead to a very quick report/ban.

And yes, even if the bot behaves for you only, as it has been long standing in several official Discord Terms and Policies - any usage of a user token with the bot API's are forbidden, - not condoned and can lead to your account getting banned.

[jagrosh]

Keep in mind that logging in to your account (via a 'user token') is not within the OAuth2 api. Any form of logging in with a user token or email/password is forbidden.

Do you have an example of something that is possible with the OAuth2 api that would involve responding to another user's input?

[Lolihunter1337]

so it is fine. if i use a selfbot which can use like simple stuff... muting a user ( removes permission from him like you go into channel settings and you tick "send messages" to false? or like i use ".textflip and it flips the text?. that beeing said if i use a google custom search api it is also ok since it doesnt interact with Discord´s bot API's ?

Edit: So to be simple ( my explaining is bad ) The "selfbot" just simple minimize the steps i have to do. Muting a user for this channel would take 4/5 steps. the "selfbot" would just do that with a command for me. the "selfbot" has No extra permissions / functions / abilities that me as normal user would have

[Daniel-Worrall]

Selfbot usage of any form is forbidden no matter how simple the tasks it is performing are.

[Vexs]

I don't know why this is so complicated. It's been reiterated, time and time again that selfbots are not kosher. As Jag said, logging in via token or user/pass is outside the OAuth2/bot api, and is thus banned. If this isn't enough for you, here's the FAQ on it.

Your account won't be automatically terminated for using one as of now, however, it's playing with grenades, and your account can be hit without warning or apparent cause, as you have accidentally tripped some unknown criteria for a ban.

[jagrosh]

@Lolihunter1337 OAuth2 api cannot mute a user because it cannot modify permissions. AFAIK editing messages via oauth is also not possible. Can you give an example using the available OAuth2 api? Remember, all OAuth2 actions would be performed using a BOT account's token and an authorized access token for a specific scope.

[Lolihunter1337]

@jagrosh i dont use OAuth2. i use my token which i get from the Discord Client itself. As for the muting. here an example: I use this command ".mute " which end in this output which ends in that result

[jagrosh]

If you're not using OAuth2, then your actions are strictly forbidden.

Additionally, your original question was about using OAuth2:

But if the bot behaves only for YOU inside of those api/OAuth2 and does not accept other users input its fine?

[Lolihunter1337]

@jagrosh i am sorry i just asked in the Dev discord of that bot. it does use Oauth2 sorry D:

[jagrosh]

The command you linked cannot be done via OAuth2, so can you be a bit more specific? Also, if you're getting a token from the Discord client, that is not OAuth2.

[Lolihunter1337]

well the main thing i wanted to be specific is that ( got a littlebit offtopic ). some people say its kinda keyword beeing kinda ok to use them aslong you dont abuse the API. or use them for stuff you wouldnt be able to. as of today is that beeing the case or is it now an instaban reason? But like the 100% save way would be using bots like Nadeko and use them over an Bot account you create on the Discordpage yea?

[jagrosh]

No. Automating client accounts (outside of the OAuth2 api, which is a completely different process and does not involve a 'user token' gotten from the client) is forbidden.

[Vampire]

@Lolihunter1337 I also was confused about the wording "outside the OAuth2 scope" and brought the guys at the DAPI discord nearly to despair with my questions until someone managed to explain it understandably. :-D

If you look at https://discordapp.com/developers/docs/topics/oauth2#shared-resources-oauth2-scopes, you can see exactly which actions are legally doable for a user-account which is a very limited set. And to use it, you have to do the full OAuth dance, having the user you want to act as authorizing you through an OAuth link with a callback that needs to reach your bot.

And just to repeat what others said already, as soon as you get the user-token or use username / password to login, you are doing stuff that is not allowed and I've heard of people that were banned for just sending a simple message this way, so be aware that you can get banned very quickly if you do so.

If you want to mute someone with a command, create a bot that reacts on that command and does the muting for you as himself, not as you.

[Lolihunter1337]

@Vampire i see. thank you very much ^^