Operate Discord HTTP API through UXC with Discord OpenAPI schema. Bot token recommended for full API access including messages and server management. OAuth2 user authentication available for limited profile operations only.
Use this skill to run Discord REST operations through uxc + OpenAPI.
Reuse the uxc skill for shared execution, auth, and error-handling guidance.
uxc is installed and available in PATH.https://discord.com/api/v10.https://raw.githubusercontent.com/discord/discord-api-spec/main/specs/openapi.jsonBot token provides full access to Discord API including reading messages, managing servers, sending messages, and all administrative operations. This is the recommended method for most use cases.
uxc auth credential set discord-bot \
--auth-type api_key \
--header "Authorization=Bot {{secret}}" \
--secret "YOUR_BOT_TOKEN_HERE"
uxc auth binding add \
--id discord-bot \
--host discord.com \
--path-prefix /api/v10 \
--scheme https \
--credential discord-bot \
--priority 100
Important: User OAuth2 has significant limitations and is not recommended for most operations:
Only use OAuth2 if you specifically need to access user profile information as the user. For all other operations, use Bot Token.
If you still need OAuth2 for user profile operations:
Configuration:
1479302369723285736http://127.0.0.1:11111/callbackOAuth2 Scopes:
Discord user OAuth2 supports read-only operations. It cannot send messages or manage servers as a user (use Bot Token for those operations).
Recommended Scopes (Full Functionality):
--scope "identify email connections guilds guilds.members.read messages.read openid"
Minimal Read-Only Scopes:
--scope "identify email connections guilds guilds.members.read"
Scope Reference:
| Scope | Description | Write Operation |
|---|---|---|
identify | Basic user info (username, avatar, etc.) | ❌ Read |
email | User's email address | ❌ Read |
connections | Linked third-party accounts (Twitch, YouTube, etc.) | ❌ Read |
guilds | User's server list | ❌ Read |
guilds.join | Join user to servers (requires the same application's bot to already be in that guild) | ✅ Write |
guilds.members.read | User's member info in servers | ❌ Read |
messages.read | Read messages (local RPC only, not HTTP API) | ❌ Read |
openid | OpenID Connect support | ❌ Read |
Note: User OAuth2 cannot send messages or manage servers as the user. Use Bot Token for write operations. guilds.join is a special user OAuth write capability that depends on the same application's bot already being in the target guild, so it is not part of the default read-only flow. See Discord OAuth2 documentation for complete scope list.
Two-Stage OAuth Flow (Agent-Friendly):
uxc auth oauth start discord-user \
--endpoint https://discord.com/api/oauth2/token \
--client-id 1479302369723285736 \
--redirect-uri http://127.0.0.1:11111/callback \
--scope "identify email connections guilds guilds.members.read messages.read openid"
Open the displayed authorization URL in browser, complete authorization, then copy the callback URL from browser address bar.
Complete OAuth flow:
uxc auth oauth complete discord-user \
--session-id <session_id_from_step_1> \
--authorization-response "<callback_url_from_browser>"
uxc auth binding add \
--id discord-user \
--host discord.com \
--path-prefix /api/v10 \
--scheme https \
--credential discord-user \
--priority 100
Interactive Alternative (Local Terminal Only):
uxc auth oauth login discord-user \
--endpoint https://discord.com/api/oauth2/token \
--flow authorization_code \
--client-id 1479302369723285736 \
--redirect-uri http://127.0.0.1:11111/callback \
--scope "identify email connections guilds guilds.members.read messages.read openid"
Then paste the callback URL when prompted.
Use fixed link command by default:
command -v discord-openapi-cliuxc link discord-openapi-cli https://discord.com/api/v10 --schema-url https://raw.githubusercontent.com/discord/discord-api-spec/main/specs/openapi.jsondiscord-openapi-cli -hDiscover operations with schema mapping:
discord-openapi-cli -hInspect operation schema first:
discord-openapi-cli get:/users/@me -hdiscord-openapi-cli post:/channels/{channel_id}/messages -hExecute operation:
discord-openapi-cli get:/gatewaydiscord-openapi-cli get:/guilds/{guild_id}/channels guild_id=GUILD_IDdiscord-openapi-cli post:/channels/{channel_id}/messages '{"channel_id":"CHANNEL_ID","content":"Hello from uxc"}'uxc auth binding match https://discord.com/api/v10| Feature | Bot Token | User OAuth2 |
|---|---|---|
| Read channel messages | ✅ Full access | ❌ Not via HTTP API |
| Send messages | ✅ As the bot | ❌ Not supported |
| Manage channels/roles | ✅ Bot permissions | ❌ Not supported |
| Moderation actions | ✅ Bot permissions | ❌ Not supported |
| List servers | ✅ Servers bot is in | ✅ User's servers |
| Read user info | ❌ Not available | ✅ As the user |
| Message appearance | Bot badge "BOT" | N/A |
Key Recommendation: Use Bot Token for almost all operations. User OAuth2 is only useful if you need to read user profile information as that specific user. For reading channel messages, managing servers, or sending messages, Bot Token is required.
Discord inbound events flow through the Gateway WebSocket, not through this REST/OpenAPI surface.
Current uxc subscribe status:
discord-gateway transport now bootstraps through GET /gateway/botREADY and delivered GUILD_CREATEMESSAGE_CREATE event in the subscribe sinkIDENTIFY, sequence tracking, and reconnect handling are implementedRecommended invocation:
uxc subscribe start https://discord.com/api/v10 \
'{"intents":4609,"device":"uxc-discord"}' \
--transport discord-gateway \
--auth discord-bot \
--sink file:$HOME/.uxc/subscriptions/discord-gateway.ndjson
Intent notes:
4609 = GUILDS | GUILD_MESSAGES | DIRECT_MESSAGES32768 (MESSAGE_CONTENT) only when the bot has that privileged intent enabled in the Discord developer portalUse discord-openapi-cli for REST calls and uxc subscribe start ... --transport discord-gateway ... for inbound Gateway events.
uxc link --schema-url ...; pass --schema-url <other-url> only when you need to override it temporarily.--text.ok, kind, protocol, data, error.--input-json.discord-openapi-cli <operation> ... is equivalent to uxc https://discord.com/api/v10 --schema-url <discord_openapi_spec> <operation> ....post:/channels/{channel_id}/messages, delete/update endpoints, and moderation endpoints as write/high-risk operations; require explicit user confirmation before execution.references/usage-patterns.md