I'm adding a feature to lichess-bot that would allow users to refuse games against accounts they block and ToS violators. However, when this information is queried from the /api/user/{username} access point, the blocking and tosViolation fields are missing. According to the first comment in issue #159, these fields "never appear in a response to a unauthenticated request." I've tried making tokens with bot:play and web:login scopes, but these don't work. A comment on discord says that OAuth tokens are not sufficient authentication for these values.
ornicar
commented
2 years ago
I'm adding a feature to lichess-bot that would allow users to refuse games against accounts they block and ToS violators. However, when this information is queried from the
/api/user/{username}access point, theblockingandtosViolationfields are missing. According to the first comment in issue #159, these fields "never appear in a response to a unauthenticated request." I've tried making tokens withbot:playandweb:loginscopes, but these don't work. A comment on discord says that OAuth tokens are not sufficient authentication for these values.