Custom Sign Servers
Basic guidance on creating a custom signature server for TikTokLive libraries.
Is it possible to create a custom server for the TikTokLive libraries? Yes! This guide gives basic guidance on how. We know that this hurts our business, but we also believe if you have the skills to reverse-engineer TikTok's signature generation, you shouldn't be locked into our service.
What we can't do is tell you how to generate signatures. But if you've got that down, this is how you'll need to integrate it.
The /webcast/fetch endpoint
At minimum, you need to implement the /webcast/fetch endpoint. This endpoint calls /webcast/im/fetch on webcast.tiktok.com.
In order to get the protobuf response, you need to provide a valid X-Bogus, X-Gnarly, and msToken signature. These are just
extra URL parameters that TikTok create with complicated obfuscated JavaScript, based on your browser information.
This is part of something called the "ByteDance Anti-Crawler", which is just a basic anti-bot measure to prevent crawlers from harvesting data en masse from TikTok.
Note that the signature parameters encode your browser details, which must match the browser_version and browser_name query parameters.
These must also match your User-Agent header. If you don't provide a User-Agent that matches the browser name and version, TikTok will reject your request.
Here is a basic example of how to fetch the protobuf from TikTok:
const parameters = {
"device_id": "GENERATE_ME", // Random 19 digit number
"email": "[email protected]", // Your email
"room_id": "1234567890", // The room ID
"X-Bogus": "GENERATE_ME", // X-Bogus Signature
"msToken": "GENERATE_ME", // msToken Signature
"X-Gnarly": "GENERATE_ME", // X-Gnarly Signature
"browserName": "BROWSER_NAME",
"browserVersion": "BROWSER_VERSION",
"userAgent": "USER_AGENT"
};
// Returns protobuf. Go to TikTok and open DevTools to find the latest URL.
const fetchResult = await fetch(`
https://webcast.tiktok.com/webcast/im/fetch/
?aid=1988
&app_language=en
&app_name=tiktok_web
&browser_language=en-US
&browser_online=true
&cookie_enabled=true
&cursor=
&debug=false
&device_platform=web
&did_rule=3
&fetch_rule=1
&history_comment_count=6
&history_comment_cursor=
&identity=audience
&internal_ext=
&last_rtt=0
&live_id=12
&resp_content_type=protobuf
&screen_height=1920
&screen_width=1080
&sup_ws_ds_opt=1
&tz_name=UTC
&version_code=270000
¬ice=CUSTOM_SIGN_SERVER
&device_id=${parameters["device_id"]}
&room_id=${parameters['room_id']}
&contact_us=${parameters["email"]}
&X-Bogus=${parameters["X-Bogus"]}
&_signature=${parameters["_signature"]}
&msToken=${parameters["msToken"]}
&browser_name=${parameters["browserName"]}
&browser_version=${parameters["browserVersion"]}
`,
{
method: "GET",
headers: {
"User-Agent": parameters["userAgent"]
}
}
);That's really all there is to it. Just return the Protobuf response from /webcast/fetch, and all libraries will work with your custom server.
The /webcast/sign_url endpoint
Check the OpenAPI Spec for the current list of parameters & response format. This endpoint is used to generate signatures for other TikTok LIVE endpoints. You don't need to implement this if you don't want to, but this is needed for advanced features like sending messages, gifts, etc.
This takes information about the type of request (i.e. fetch vs xhr), the URL, the method, a suggested User Agent, and just returns
the URL with added signature parameters. Technically speaking, if you've got /webcast/fetch done, this is easy.