API

vibli uses internal JSON endpoints for web actions and can expose documented integrations as the platform grows.

Current API behavior

The current application API is available through api.php and is primarily intended for the first-party web interface.

Requests that change data require a signed-in user and a valid CSRF token. Unauthenticated requests are rejected except for public search behavior.

Examples of internal actions

Supported actions include liking posts, creating comments, updating privacy, saving profile theme color, creating posts, handling video chunks, and forwarding content.

Responses are JSON objects with an ok flag and, when needed, a message or updated values for the interface.

Future public API

A public developer API should use token-based authentication, strict rate limits, scoped permissions, and separate documentation before third-party use.