Core Concepts

Understand the building blocks of the OF API Gateway before making your first integration.

Organizations

Everything in the Gateway is scoped to an organization. When you sign up, a default organization is created for you automatically.

Your organization holds your subscription plan and credit balance.

All API keys you create belong to your organization — credits are shared across all keys.

Rate limits are enforced at the organization level.

API Keys

API keys are long-lived credentials used to authenticate all proxy requests. You generate and manage them from the dashboard.

Pass your key in the X-API-Key header on every request.

Keys are shown only once at creation — save them immediately.

You can create multiple keys (e.g. one per integration or environment).

Keys can be revoked at any time from the dashboard.

All keys under an organization share the same credit balance.

OnlyFans Models

A Model is an OnlyFans creator account linked to your organization. You connect models from the dashboard, and the gateway manages their sessions automatically.

Connect a model from the dashboard by providing their OnlyFans email and password.

Each connected model receives a UUID that you use in all proxy endpoint paths.

The gateway stores and refreshes OnlyFans sessions securely — you never handle credentials in API calls.

A disconnected model (expired session) can be reconnected from the dashboard without re-entering credentials.

One organization can connect multiple models.

Credits

Credits are the billing unit of the Gateway. Each successful proxy call deducts a fixed number of credits from your organization's balance.

Credits are deducted only on successful (2xx) responses — failed requests cost nothing.

Each endpoint type has a fixed credit cost: most cost 1 credit, Send Message and Payout Stats cost 2.

Credits are shared across all API keys in your organization.

Credits reset monthly when your subscription auto-renews.

Unused credits do not roll over to the next billing period.

Your current balance and plan are visible on the dashboard.

How a Request Flows

Every proxy API call goes through the following steps before reaching OnlyFans and returning a response to you.

Your request arrivesYour app sends a request with the X-API-Key header to a proxy endpoint.

API key validationThe gateway validates the key — must be active and belong to an organization.

Subscription checkVerifies the organization has an active subscription plan.

Rate limit checkChecks the sliding-window request rate against your plan's limit.

Credit checkVerifies your organization has enough credits for the endpoint's cost.

Proxy to OnlyFansThe gateway forwards the request to OnlyFans using the model's managed session.

Credits deductedOn a 2xx response, credits are atomically deducted. Errors cost nothing.

Response returnedThe raw OnlyFans response is passed directly back to your app.

Proxy responses include a _meta envelope

Successful proxy responses (2xx) are wrapped: { data: <OnlyFans response>, _meta: { _credits, _rate_limits } }. The data field contains the raw OnlyFans data exactly as returned. Error responses (4xx, 5xx) are never wrapped.

PreviousBilling & CreditsPlans, credits, and costs NextAPI ReferenceAll proxy endpoints and parameters