Skip to main content
Ayase Quart provides a REST API (v1) for programmatically accessing archive data, managing moderation tasks, and administering users. The API follows the Asagi/FoolFuuka JSON format for board and thread endpoints.

Base URL

All API endpoints are prefixed with /api/v1: 
https://your-domain.com/api/v1

API categories

The API is organized into four main categories:

Archive endpoints

Access board catalogs, threads, and indexes

Authentication

Obtain bearer tokens for authenticated requests

Moderation

Manage reports and moderate content

Administration

Manage users, view configs, and access latest posts

Archive endpoints

These endpoints return JSON data compatible with the Asagi/FoolFuuka format. Authentication is optional but recommended to view reported content.

Get board catalog

GET /api/v1/{board}/catalog.json
Returns all threads on a board organized by page.
board
string
required
Board shortname (e.g., g, tech, a)
Authentication is optional. Authenticated users with moderation privileges can view reported posts.
Example request: 
curl https://your-domain.com/api/v1/g/catalog.json \
  -H "Authorization: bearer YOUR_TOKEN"

Get thread

GET /api/v1/{board}/thread/{thread_id}.json
Returns all posts in a specific thread.
board
string
required
Board shortname
thread_id
integer
required
Thread number (OP post number)
Example request: 
curl https://your-domain.com/api/v1/g/thread/12345678.json \
  -H "Authorization: bearer YOUR_TOKEN"
Response structure:
posts
array
Array of post objects in the thread

Get board index

GET /api/v1/{board}/{page_num}.json
Returns threads on a specific page of the board index.
board
string
required
Board shortname
page_num
integer
required
Page number (0-indexed)
Example request: 
curl https://your-domain.com/api/v1/g/0.json
Response structure:
threads
array
Array of thread objects on the specified page

Moderation endpoints

All moderation endpoints require authentication and appropriate permissions.

Get reports

GET /api/v1/reports
Retrieve reports based on filters. Query parameters:
public_access
string
required
Filter by visibility: v (visible) or h (hidden)
mod_status
string
required
Filter by status: o (open) or c (closed)
page_size
integer
default:"20"
Number of reports per page (max 50)
page_num
integer
default:"0"
Page number (0-indexed)
board_shortnames
string | array
Filter by board(s). Can be a single board or array of boards (max 1-5 characters each)
Required permissions: report_read Example request: 
curl "https://your-domain.com/api/v1/reports?public_access=v&mod_status=o&page_size=20&page_num=0" \
  -H "Authorization: bearer YOUR_TOKEN"

Take action on report

POST /api/v1/reports/{report_parent_id}
Perform a moderation action on a specific report.
report_parent_id
integer
required
ID of the report parent
Request body:
action
string
required
Action to perform: report_delete, post_delete, media_delete, media_hide, media_show, post_show, post_hide, report_close, report_open, report_save_notes
mod_notes
string
Optional moderator notes
Required permissions: report_read Example request: 
curl -X POST https://your-domain.com/api/v1/reports/123 \
  -H "Authorization: bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "action": "report_close",
    "mod_notes": "Resolved - false positive"
  }'
Response:
msg
string
Success message
error
string
Error message (if status >= 400)

Bulk action on reports

POST /api/v1/reports/bulk
Perform the same action on multiple reports at once. Request body:
action
string
required
Action to perform on all reports
report_parent_ids
array
required
Array of report parent IDs (at least 1 required)
mod_notes
string
Optional moderator notes
Required permissions: report_read Example request: 
curl -X POST https://your-domain.com/api/v1/reports/bulk \
  -H "Authorization: bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "action": "report_close",
    "report_parent_ids": [123, 456, 789],
    "mod_notes": "Batch closure"
  }'
Response: Returns HTTP 207 (Multi-Status) if reports had mixed results, or a single status code if all succeeded/failed the same way.
results
object
Object mapping report IDs to their individual results with msg and code fields

Administration endpoints

All administration endpoints require authentication and specific admin permissions.

Get latest posts

GET /api/v1/latest
Retrieve the most recent posts across all boards in catalog format. Required permissions: archive_latest_view Example request: 
curl https://your-domain.com/api/v1/latest \
  -H "Authorization: bearer YOUR_TOKEN"

Get configs

GET /api/v1/configs
View moderation configuration settings. Required permissions: archive_configs_view Example request: 
curl https://your-domain.com/api/v1/configs \
  -H "Authorization: bearer YOUR_TOKEN"
Response: Returns an array of configuration key-value pairs:
key
string
Configuration key name
value
any
Configuration value
Available configs: hide_post_if_reported, hide_upstream_deleted_posts, remove_replies_to_hidden_op, regex_filter, path_to_regex_so

List users

GET /api/v1/users
Get all users in the system. Required permissions: user_read

Get user

GET /api/v1/users/{user_id}
Get details for a specific user.
user_id
integer
required
User ID
Required permissions: user_read

Create user

POST /api/v1/users
Create a new user account. Request body:
username
string
required
Username (must not already exist)
password
string
required
Password (will be hashed with scrypt)
is_admin
boolean
required
Whether the user has admin privileges
is_active
boolean
required
Whether the user account is active
permissions
array
Array of permission strings. See Permissions for available values
notes
string
Optional notes about the user
Required permissions: user_create Rate limit: 6 requests per hour

Update user

PUT /api/v1/users/{user_id}
Update an existing user.
user_id
integer
required
User ID to update
Request body:
username
string
required
Username
password_old
string
Current password (required if changing password)
password_new
string
New password
is_admin
boolean
required
Admin status
is_active
boolean
required
Active status
permissions
array
Array of permission strings
notes
string
User notes
Required permissions: user_update
The system enforces that at least one active admin must exist at all times.

Delete user

DELETE /api/v1/users/{user_id}
Delete a user account.
user_id
integer
required
User ID to delete
Required permissions: user_delete
Cannot delete the last active admin user.

Permissions

The following permissions can be assigned to users:
  • user_create - Create new users
  • user_read - View user information
  • user_update - Edit users
  • user_delete - Delete users
  • report_open - Open reports
  • report_close - Close reports
  • report_read - View reports
  • report_update - Update reports
  • report_delete - Delete reports
  • report_save_notes - Save moderator notes
  • post_show - Unhide posts
  • post_hide - Hide posts
  • post_delete - Delete posts
  • media_hide - Hide media files
  • media_show - Unhide media files
  • media_delete - Delete media files
  • archive_stats_view - View statistics
  • archive_latest_view - View latest posts
  • archive_configs_view - View configuration
  • messages_view - View messages
Admin users automatically have all permissions regardless of their assigned permission set.

Rate limiting

Rate limiting is applied to sensitive endpoints:
  • Login endpoint: 3 requests per day
  • User creation: 6 requests per hour
Rate limits can be configured in your application settings.

Configuration

The API must be enabled in your configuration file: 
[app]
api = true
login_endpoint = "login"  # Customize the login path
See Authentication for details on obtaining and using bearer tokens.

Build docs developers (and LLMs) love

Get started for freeTalk to us