There are multiple ways to connect to the Lichess API, depending on your needs.
Which authentication is right for you?
This is the simplest way, but it requires manually creating a token.
It's the preferred way if you're only writing a client for yourself, or if the users of your client are few, and tech-savvy.
Examples:
- A Lichess bot
- A script that manages Swiss or Arena tournaments or broadcasts
- A zulip/discord/slack bot
Never use this for an app that will be used by multiple users. Never share your personal token.
Relevant code example: oauth-personal-token
Authenticate your users with a simple "Login with Lichess" button, if you have a webserver. This allows you to make requests to Lichess on behalf of your app users. It is safe, and scales very well with many users.
Examples:
- A web app that manages Swiss or Arena tournaments on behalf of a user
- A board API client with a centralized server
- a web app that analyses puzzle activity or games played on server-side
Relevant code example: oauth-backend
Authenticate your users with a simple "Login with Lichess" button, if you don't have a webserver. Perfectly suited to mobile apps, CLI apps, client-side JS apps.
This allows you to make requests to Lichess on behalf of your app users. It is safe, and scales very well with many users.
Examples:
- Lichess API demo app
- A client-side app that manages Swiss or Arena tournaments on behalf of a user
- An e-board app to play using the board API
- A JS app that analyses puzzle activity or games played on client-side
Relevant code example: oauth-app
Many endpoints of the Lichess API don't require any authentication.