Core concepts
Connecting accounts
A connected account is what turns a network id into something you can publish to. Here's how connections are stored, secured, and split between instant and OAuth networks.
The account model
You connect one account per network. Each connection stores the handle you publish as, a follower count and health flag, the platform’s own account id where relevant, and — encrypted — the credentials needed to post. Only connected networks appear in List accounts, and only those can be targeted by a post.
Two ways to connect
| Style | Networks | What you provide |
|---|---|---|
| Instant | Bluesky, Telegram, Discord | A pasted credential (app password, bot token, or webhook URL). No developer app, no review. |
| OAuth | Instagram, Facebook, Threads, TikTok, YouTube, X, LinkedIn, Pinterest, Reddit | An access token from the network's OAuth, plus an account id where the network needs one. |
Each network’s exact fields are documented in its platform guide. A connection is only publishable once its required fields are present — until then, a publish to it is a no-op that reports zero reach.
Credentials & encryption
Every secret is sealed with AES-256-GCM before it’s written to the database. The encryption key is derived (via scrypt) from a server-side secret, POSTMYISH_SECRET_KEY, and each stored value carries its own IV and authentication tag. A database leak exposes ciphertext, not tokens.
- Secrets are decrypted only in memory, at publish time, to make the network call — then discarded.
- If a stored value can’t be decrypted, it’s treated as no credential rather than trusted — the account simply isn’t publishable until reconnected.
Self-hosting? Set the key first
POSTMYISH_SECRET_KEY in the environment, credentials can’t be stored — you can connect an account, but publishing to it stays a no-op. Generate one with openssl rand -hex 32 and set it before connecting networks.Connecting today
Connect networks from the dashboard’s Accounts page. Instant networks take a pasted credential; OAuth networks currently accept an access token you supply. A fully hosted OAuth flow and in-dashboard credential fields for every network are being rolled out — the direction is on the roadmap.
Accounts are read-only over the API
POST /accounts endpoint on /api/v1 today.Health, reconnecting & disconnecting
- Health is either
goodorattention. Anattentionflag means the connection needs reconnecting — often an expired token. - Reconnecting replaces the stored credentials in place; disconnecting removes the account and its secrets entirely.
- Token refresh isn’t automated yet, so long-lived OAuth tokens may need a periodic reconnect — see Known limitations.