How to login with token discord

Discord bot how to login with personal account token with Node.js?

This source code work normally with token bot i want to login with personal account token what should i use or do?

2 Answers 2

Trending sort

Trending sort is based off of the default sorting method — by highest score — but it boosts votes that have happened recently, helping to surface more up-to-date answers.

It falls back to sorting by highest score if no posts are trending.

Switch to Trending sort

They have removed support for user token (self bot) from discord.js in v12 and looking at the commit they have removed quite a lot from the package.

After digging a bit in the discord.js package found a way where you can overwrite this functionality by doing.

This will remove the prefix bot when making a call to discord gateway and client will connect successfully.

This is purely for educational purpose and should be used responsibly.

P.s They are going to modify some other stuff too in the apis to make it impossible.

Unfortunately, Discord doesn’t support this kind of use and actually forbids it. This is mostly related to the Security and Regulation of the users and the usage of the API:

You can read about it here.

The question regarding «self bots» has come up here and there, and we’d like to make our stance clear:

Discord’s API provides a separate type of user account dedicated to automation, called a bot account. Bot accounts can be created through the applications page, and are authenticated using a token (rather than a username and password). Unlike the normal OAuth2 flow, bot accounts have full access to all API routes without using bearer tokens, and can connect to the Real Time Gateway. Automating normal user accounts (generally called «self-bots») outside of the OAuth2/bot API is forbidden, and can result in an account termination if found.

m-Phoenix852 / discord-token-logger.js

This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters

rfwn commented Apr 24, 2022

works. 4/2022 (non mfa token)

YeetusBaboon commented Apr 26, 2022

clevef commented Apr 29, 2022

Uncaught TypeError: document.body.appendChild(. ) is undefined

991cz commented Apr 30, 2022

It is still working? For some reason, it don’t work for me

come discord I’ll explain u cz#9999

githubcommonid commented May 8, 2022

I don’t think this is an issue of not pasting the code correctly since that’s a task everyone should be able to do, many people get the same 401 error message, I read somewhere that this might be a firewall blocking the log in, I have the same issues, did anybody fix it?

bytixo commented May 8, 2022

I don’t think this is an issue of not pasting the code correctly since that’s a task everyone should be able to do, many people get the same 401 error message, I read somewhere that this might be a firewall blocking the log in, I have the same issues, did anybody fix it?

401 == Invalid Token, the script is working fine the issue is on your end

githubcommonid commented May 10, 2022

Well I was just testing this by my own, and I used my own token that I copied just a few seconds before I tried to log in with it, while I was logged in on web, under the application tab in the dev-tools. I am pretty sure that is the most valid way to get your token, since you are literally logged in with it

mothervoid commented May 13, 2022

Is there any way to reset the password of an account you’re logged into? Lost my 2FA account and can’t remember my password to look at backup codes, and of course discord is no help at all even though I can provide proof I own the account — 🙂 so I’m basically a crash away from losing my account.

bruhub912 commented May 14, 2022

Is there any way to reset the password of an account you’re logged into? Lost my 2FA account and can’t remember my password to look at backup codes, and of course discord is no help at all even though I can provide proof I own the account — 🙂 so I’m basically a crash away from losing my account.

whats why you can download them

mothervoid commented May 14, 2022

Is there any way to reset the password of an account you’re logged into? Lost my 2FA account and can’t remember my password to look at backup codes, and of course discord is no help at all even though I can provide proof I own the account — 🙂 so I’m basically a crash away from losing my account.

whats why you can download them

I was dumb and didn’t do it when I set up 2FA, assumed I’d probably never need it. And now of course I can’t look at or download them without my password — that I can’t seem to remember :’)

Moomoomankers commented May 19, 2022

Does it still work? It keeps saying «invalid» with no code before or after whenever I try, could anyone help me out?

crowwd commented May 26, 2022

you could just change your token in your local storage and refresh

its-pablo commented Jul 2, 2022

i believe webpack pushed an update and your token is no longer in localstorage, can anyone confirm?

Hynes1154 commented Jul 3, 2022

@its-pablo believe so too, it says version nine or smth and has a red code, build weird since i could get thee token but could not use to login

Hynes1154 commented Jul 3, 2022

waiting on any new methods.

crowwd commented Jul 4, 2022

i believe webpack pushed an update and your token is no longer in localstorage, can anyone confirm?

its-pablo commented Jul 5, 2022 •

@crowwd lmao i must be stupid how did i not see it sorry lol

Aking54 commented Jul 6, 2022

crowwd commented Jul 7, 2022

did you managed to edit it and save in the token field?

its-pablo commented Jul 7, 2022

This script helps you log in as a user, not as a bot.

Aking54 commented Jul 7, 2022 •

@crowwd yeah I even tried with 3 tokens, I save the token and then refresh but it really does not seem to work (Sometimes it puts me back on the login page after the refresh). If you’re willing to help, that’s my discord : Pascal#2895
Really sorry for the inconvenience (and sorry for the bad english too)

How to Log in to Discord With a Token

If you have a Discord token, you can log in to Discord with it.

This is because your token acts as your login information (email address and password).

If you have someone else’s Discord token, you can also log in to their account with it.

Because it’s so simple, there are many phishing scams online that involve fake Nitro gift links.

This includes websites resembling the official Discord website.

The goal of these websites is to trick people into giving away their login information or scanning a QR code.

In this guide, you’ll learn whether you can log in to Discord with a token, how to log in to Discord with a token, and whether people can steal your token.

Can you log in to Discord with a token?

Yes, you can log in to Discord with a token.

To log in to your Discord account with a token, you must first copy your Discord token.

If someone else has your token, they can also log in to your account with it.

Hence, you should never share your Discord token with anyone.

Otherwise, they’ll have full access to your Discord account.

Can people steal your Discord token?

Yes, people can steal your Discord token.

There are a lot of phishing scams online.

These scams involve a website that resembles the official Discord website.

The website will ask you to enter your login information or your Discord token.

If you do, your account will be hacked and fraudulent links will be sent to your friends.

How to log in to Discord with a Token

To log in to Discord with a token, you need to copy your token and open Discord in your browser.

Secondly, press “CTRL” + “SHIFT” + “I” to open the developer tools and click on “Console”.

In the console, you need to paste a code and replace ‘PASTE TOKEN HERE’ with your token.

Lastly, press “Enter” to log in to your Discord account with your token.

This is useful if you don’t know your Discord email address or password.

Here’s how to log in to Discord with a token:

1. Open Discord in your browser

Before you can log in to Discord with your token, you need to copy it.

If you already have a Discord token, go to the Discord website.

Once you’re on the Discord website, you’ll see a couple of buttons.

This includes “Download for Windows” and “Open Discord in your browser”.

Click on “Open Discord in your browser” to open the browser version of Discord.

Unfortunately, you won’t be able to log in to Discord with a token if you’re using the Discord mobile app (iPhone/Android).

2. Press “CTRL” + “SHIFT” + “I”

After you’ve clicked on “Open Discord in your browser”, you’ll land on the login page of Discord.

Now, you need to open the developer tools.

This is because you need to use the Discord console.

To open the developer tools, press “CTRL” + “SHIFT” + “I” on your keyboard.

3. Click on “Console”

After you’ve pressed “CTRL” + “SHIFT” + “I”, the developer tools will open.

At the top of the developer tools, you’ll see multiple tabs.

This includes “Elements”, “Console”, “Sources”, and more.

Click on “Console” to go to the Discord console.

4. Paste the code and replace ‘PASTE TOKEN HERE’ with your token

After you’ve clicked on “Console”, the Discord console will open.

Firstly, you need to copy this code (this is simply a function to log in to a Discord account with a token):

Under the console, you’ll see a text field where you can type things.

After you’ve copied the code above, paste it into the text field under the console (yes, this is safe!).

Now, you need to replace ‘PASTE TOKEN HERE’ with your token.

For example, if your token is “1234abcd”, you need to replace ‘PASTE TOKEN HERE’ with ‘1234abcd’ (without removing the quotation marks).

Lastly, press “Enter” to log in to your Discord account.

5. You’ve successfully logged in!

After you’ve replaced ‘PASTE TOKEN HERE’ with your token and pressed “Enter”, you’ll be automatically logged in to your Discord account.

You don’t have to enter your email address or password.

You might not even need to complete a 2-step verification.

Now, close the developer tools and use Discord!

Conclusion

Beware of Discord phishing scams!

If someone asks you to share your Discord token with them, do not do it.

Discord staff will never ask you for your token.

Unfortunately, many users fell prey to token scams.

If you are one of them, you need to change your Discord password immediately.

In addition, you can contact Discord support for help.

How to login with token discord

Copy raw contents

OAuth2 enables application developers to build applications that utilize authentication and data from the Discord API. Within Discord, there are multiple types of OAuth2 authentication. We support the authorization code grant, the implicit grant, client credentials, and some modified special-for-Discord flows for Bots and Webhooks.

The first step in implementing OAuth2 is registering a developer application and retrieving your client ID and client secret. Most people who will be implementing OAuth2 will want to find and utilize a library in the language of their choice. For those implementing OAuth2 from scratch, please see RFC 6749 for details. After you create your application with Discord, make sure that you have your client_id and client_secret handy. The next step is to figure out which OAuth2 flow is right for your purposes.

These are a list of all the OAuth2 scopes that Discord supports. Some scopes require approval from Discord to use. Requesting them from a user without approval from Discord may cause errors or undocumented behavior in the OAuth2 flow.

info guilds.join and bot require you to have a bot account linked to your application. Also, in order to add a user to a guild, your bot has to already belong to that guild.

State and Security

Before we dive into the semantics of the different OAuth2 grants, we should stop and discuss security, specifically the use of the state parameter. Cross-site request forgery, or CSRF, and Clickjacking are security vulnerabilities that must be addressed by individuals implementing OAuth. This is typically accomplished using the state parameter. state is sent in the authorization request and returned back in the response and should be a value that binds the user’s request to their authenticated state. For example, state could be a hash of the user’s session cookie, or some other nonce that can be linked to the user’s session.

When a user begins an authorization flow on the client, a state is generated that is unique to that user’s request. This value is stored somewhere only accessible to the client and the user, i.e. protected by the same-origin policy. When the user is redirected, the state parameter is returned. The client validates the request by checking that the state returned matches the stored value. If they match, it is a valid authorization request. If they do not match, it’s possible that someone intercepted the request or otherwise falsely authorized themselves to another user’s resources, and the request should be denied.

While Discord does not require the use of the state parameter, we support it and highly recommend that you implement it for the security of your own applications and data.

Authorization Code Grant

The authorization code grant is what most developers will recognize as «standard OAuth2» and involves retrieving an access code and exchanging it for a user’s access token. It allows the authorization server to act as an intermediary between the client and the resource owner, so the resource owner’s credentials are never shared directly with the client.

Authorization URL Example

Redirect URL Example

code is now exchanged for the user’s access token by making a POST request to the token URL with the following parameters:

Access Token Exchange Example

You can also pass your client_id and client_secret as basic authentication with client_id as the username and client_secret as the password. In response, you will receive:

Access Token Response

Having the user’s access token allows your application to make certain requests to the API on their behalf, restricted to whatever scopes were requested. expires_in is how long, in seconds, until the returned access token expires, allowing you to anticipate the expiration and refresh the token. To refresh, make another POST request to the token URL with the following parameters:

Refresh Token Exchange Example

The implicit OAuth2 grant is a simplified flow optimized for in-browser clients. Instead of issuing the client an authorization code to be exchanged for an access token, the client is directly issued an access token. The URL is formatted as follows:

Authorization URL Example

Redirect URL Example

There are tradeoffs in using the implicit grant flow. It is both quicker and easier to implement, but rather than exchanging a code and getting a token returned in a secure HTTP body, the access token is returned in the URI fragment, which makes it possibly exposed to unauthorized parties. You also are not returned a refresh token, so the user must explicitly re-authorize once their token expires.

Client Credentials Grant

You can specify scopes with the scope parameter, which is a list of OAuth2 scopes separated by spaces:

info Team applications are limited to the identify and applications.commands.update scope, because teams are not bound to a specific user.

Client Credentials Token Request Example

In return, you will receive an access token (without a refresh token):

Client Credentials Access Token Response

So, what are bot accounts?

Bot vs User Accounts

Discord’s API provides a separate type of user account dedicated to automation, called a bot account. Bot accounts can be created through the applications page, and are authenticated using a token (rather than a username and password). Unlike the normal OAuth2 flow, bot accounts have full access to most API routes without using bearer tokens, and can connect to the Real Time Gateway. Automating normal user accounts (generally called «self-bots») outside of the OAuth2/bot API is forbidden, and can result in account termination if found.

Bot accounts have a few differences in comparison to normal user accounts, namely:

Bot Authorization Flow

Bot authorization is a special server-less and callback-less OAuth2 flow that makes it easy for users to add bots to guilds. The URL you create looks similar to what we use for full stack implementation:

Bot Auth Parameters

Additionally, if your bot provides Application Commands, you can add applications.commands to the URL’s scopes, so that commands will be available in the guild.

When the user navigates to this page, they’ll be prompted to add the bot to a guild in which they have proper permissions. On acceptance, the bot will be added. Super easy!

If you happen to already know the ID of the guild the user will add your bot to, you can provide this ID in the URL as a guild_id=GUILD_ID parameter. When the authorization page loads, that guild will be preselected in the dialog if that user has permission to add the bot to that guild. You can use this in conjunction with the parameter disable_guild_select=true to disallow the user from picking a different guild.

If your bot is super specific to your private clubhouse, or you just don’t like sharing, you can leave the Public Bot option unchecked in your application’s settings. If unchecked, only you can add the bot to guilds. If marked as public, anyone with your bot’s URL can add it to guilds in which they have proper permissions.

Advanced Bot Authorization

Extended Bot Authorization Access Token Example

Two-Factor Authentication Requirement

For bots with elevated permissions (permissions with a * next to them), we enforce two-factor authentication on the owner’s account when added to guilds that have server-wide 2FA enabled.

Discord’s webhook flow is a specialized version of an authorization code implementation. In this case, the scope querystring parameter needs to be set to webhook.incoming :

Webhook Token Response Example

Any user that wishes to add your webhook to their channel will need to go through the full OAuth2 flow. A new webhook is created each time, so you will need to save the token and id. If you wish to send a message to all your webhooks, you’ll need to iterate over each stored id:token combination and make POST requests to each one. Be mindful of our Rate Limits!

Get Current Bot Application Information % GET /oauth2/applications/@me

Returns the bot’s application object.

Get Current Authorization Information % GET /oauth2/@me

Returns info about the current authorization. Requires authentication with a bearer token.

Как войти в Discord с токеном

Если у вас есть токен Discord, вы можете войти в Discord с его помощью.

Это потому, что ваш токен acts as your login information (адрес электронной почты и пароль).

Если у вас есть чужой токен Discord, вы также можете войти в его учетную запись с его помощью.

Потому что это так просто, Есть много phishing scams online которые включают поддельные подарочные ссылки Nitro.

Сюда входят веб-сайты, похожие на официальный сайт Discord.

Цель этих веб-сайтов — заставить людей выдать свою регистрационную информацию или отсканировать QR-код.

В этом руководстве вы узнаете, можете ли вы войти в Discord с помощью токена, как войти в Discord с помощью токена и могут ли люди украсть ваш токен.

Можно ли войти в Discord с токеном?

Да, вы можете войти в Discord с токеном.

Чтобы войти в свою учетную запись Discord с помощью токена, вы должны сначала скопировать свой токен Discord.

Если у кого-то есть ваш токен, он также может войти в вашу учетную запись с его помощью.

Следовательно, вы должны never share your Discord token кто-нибудь.

В противном случае они будут иметь полный доступ к вашей учетной записи Discord.

Могут ли люди украсть ваш токен Discord?

Да, люди могут украсть ваш токен Discord.

В сети очень много фишинга.

Эти мошенничества связаны с веб-сайтом, который resembles the official Discord website.

Веб-сайт попросит вас ввести данные для входа или токен Discord.

Если вы это сделаете, ваша учетная запись будет взломана, а вашим друзьям будут отправлены мошеннические ссылки.

Как войти в Discord с токеном

Чтобы войти в Discord с токеном, вам нужно скопировать свой токен и открыть Discord в браузере.

Во-вторых, нажмите CTRL + SHIFT + I чтобы открыть инструменты разработчика и нажмите Console.

В консоли вам нужно вставить код и заменить «ВСТАВИТЬ ТОКЕН ЗДЕСЬ» своим токеном.

Наконец, нажмите Enter чтобы войти в свою учетную запись Discord с помощью своего токена.

Это полезно, если вы не знаете свой адрес электронной почты или пароль Discord.

Вот как log in to Discord with a token:

1. Откройте Discord в своем браузере.

Прежде чем вы сможете войти в Discord с помощью своего токена, вам необходимо его скопировать.

Если у вас уже есть токен Discord, перейдите на Дискорд-сайт.

Как только вы окажетесь на сайте Discord, вы увидите пару кнопок.

Это включает в себя Download for Windows и Open Discord in your browser.

Нажмите на Open Discord in your browser чтобы открыть браузерную версию Discord.

К сожалению, вы не сможете войти в Discord с токеном, если используете мобильное приложение Discord (iPhone/Android).

2. Нажмите CTRL + SHIFT + I

После того, как вы нажали на Open Discord in your browser, вы попадете на страницу входа в Discord.

Теперь вам нужно открыть инструменты разработчика.

Это потому, что вам нужно использовать консоль Discord.

Чтобы открыть инструменты разработчика, нажмите CTRL + SHIFT + I на вашей клавиатуре.

3. Нажмите Console

После того, как вы нажали CTRL + SHIFT + I, откроются инструменты разработчика.

В верхней части инструментов разработчика вы увидите несколько вкладок.

Это включает в себя Elements, Console, Sources, и больше.

Нажмите на Console чтобы перейти в консоль Discord.

4. Вставьте код и замените «ВСТАВИТЬ ТОКЕН ЗДЕСЬ» своим токеном.

После того, как вы нажали на Console, откроется консоль Discord.

Во-первых, вам нужно copy this code (это просто функция для входа в учетную запись Discord с токеном):

Под консолью вы увидите текстовое поле, в которое вы можете вводить текст.

После того, как вы скопировали приведенный выше код, вставьте его в текстовое поле под консолью (да, это безопасно!).

Теперь вам нужно replace ‘PASTE TOKEN HERE’ with your token.

Например, если ваш токен 1234abcd, вам нужно заменить «ВСТАВИТЬ ТОКЕН ЗДЕСЬ» на «1234abcd» (не удаляя кавычки).

Наконец, press Enter чтобы войти в свою учетную запись Discord.

5. Вы успешно вошли в систему!

После того, как вы заменили «ВСТАВИТЬ ТОКЕН ЗДЕСЬ» своим токеном и нажали Enter, ты будешь automatically logged in на свой дискорд-аккаунт.

Вам не нужно вводить свой адрес электронной почты или пароль.

Возможно, вам даже не потребуется проходить двухэтапную аутентификацию.

Теперь закройте инструменты разработчика и используйте Discord!

Вывод

Остерегайтесь фишинга Discord!

Если кто-то попросит вас поделиться с ним своим токеном Discord, не делайте этого.

Персонал Discord никогда не попросит у вас ваш токен.

К сожалению, многие пользователи стали жертвами мошенничества с токенами.

Если вы один из них, вам нужно change your Discord password немедленно.

Кроме того, вы можете обратиться за помощью в службу поддержки Discord.