Documentation Index
Fetch the complete documentation index at: https://mintlify.com/chefnaphtha/xBlockOrigin/llms.txt
Use this file to discover all available pages before exploring further.
xBlockOrigin interacts with X.com’s official APIs using authenticated requests with CSRF tokens and bearer authentication.
Authentication
All API requests require authentication headers extracted from the user’s active X.com session:
Bearer token used by X.com web client:Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA
CSRF token extracted from ct0 cookie value
Always set to OAuth2Session
The extension requires an active X.com session. All requests are made with credentials: 'include' to send session cookies.
GraphQL endpoints
UserByScreenName
Fetches user ID and following status in a single API call.
Endpoint:
GET https://x.com/i/api/graphql/-oaLodhGbbnzJBACb1kk2Q/UserByScreenName
-oaLodhGbbnzJBACb1kk2Q
Variables:
{
"screen_name": "username",
"withSafetyModeUserFields": true
}
{
"creator_subscriptions_tweet_preview_api_enabled": true,
"hidden_profile_subscriptions_enabled": true,
"highlights_tweets_tab_ui_enabled": true,
"profile_label_improvements_pcf_label_in_post_enabled": true,
"responsive_web_graphql_skip_user_profile_image_extensions_enabled": false,
"responsive_web_graphql_timeline_navigation_enabled": true,
"responsive_web_profile_redirect_enabled": false,
"responsive_web_twitter_article_notes_tab_enabled": true,
"rweb_tipjar_consumption_enabled": true,
"subscriptions_feature_can_gift_premium": true,
"subscriptions_verification_info_is_identity_verified_enabled": true,
"subscriptions_verification_info_verified_since_enabled": true,
"verified_phone_label_enabled": false
}
data.user.result.__typename
Always "User"
data.user.result.relationship_perspectives.following
Whether you are following this user (defaults to false if not present)
{
"data": {
"user": {
"result": {
"__typename": "User",
"rest_id": "1234567890",
"relationship_perspectives": {
"following": true
}
}
}
}
}
AboutAccountQuery
Fetches user’s originating country based on X.com’s geolocation detection.
Endpoint:
GET https://x.com/i/api/graphql/XRqGa7EeokUU5kppkh13EA/AboutAccountQuery
XRqGa7EeokUU5kppkh13EA
Variables:
{
"screenName": "username"
}
data.user_result_by_screen_name.result.about_profile
Account information object (may be null if not available)
data.user_result_by_screen_name.result.about_profile.account_based_in
Country name (e.g., “United States”, “Japan”, “Antarctica”)
data.user_result_by_screen_name.result.about_profile.location_accurate
Whether the country detection is accurate
data.user_result_by_screen_name.result.about_profile.learn_more_url
URL with more information about country detection
data.user_result_by_screen_name.result.about_profile.source
Source of country detection (e.g., “IP address”)
{
"data": {
"user_result_by_screen_name": {
"result": {
"about_profile": {
"account_based_in": "United States",
"location_accurate": true,
"learn_more_url": "https://help.x.com/...",
"source": "IP address",
"username_changes": {
"count": "0"
}
}
}
}
}
}
According to X.com, country detection is based on IP geolocation and is updated every 30 days.
MutedAccounts
Fetches paginated list of muted users (used for unmute operations).
Endpoint:
GET https://x.com/i/api/graphql/5a30tCbggzoTACV_yr-cRA/MutedAccounts
5a30tCbggzoTACV_yr-cRA
Variables:
{
"count": 20,
"includePromotedContent": false,
"cursor": "optional-pagination-cursor"
}
data.viewer.muting_timeline.timeline.instructions
Array of timeline instructions containing entries
Array of user entries and cursor entries
entries[].content.itemContent.user_results.result.rest_id
User ID of muted user
entries[].content.itemContent.user_results.result.core.screen_name
Username of muted user
entries[].content.cursorType
Cursor type (e.g., "Bottom" for next page cursor)
Cursor value for pagination
REST API endpoints
Create mute
Mutes a user by their user ID using X.com’s REST API v1.1.
Endpoint:
POST https://x.com/i/api/1.1/mutes/users/create.json
application/x-www-form-urlencoded
Body:
Response:
Returns the muted user object on success (200 OK).
Rate limiting:
If rate limited (429 status), the extension waits until the rate limit reset time specified in x-rate-limit-reset header.
Destroy mute (unmute)
Unmutes a user by their user ID.
Endpoint:
POST https://x.com/i/api/1.1/mutes/users/destroy.json
application/x-www-form-urlencoded
Body:
Response:
Returns the unmuted user object on success (200 OK).
Rate limiting
All API endpoints implement automatic rate limit handling:
- Detection - 429 status code indicates rate limiting
- Reset time - Read from
x-rate-limit-reset header (Unix timestamp)
- Wait - Extension waits until reset time
- Retry - Automatically retries the request after waiting
Rate limit state is tracked per endpoint using the rateLimitState utility to prevent requests before the reset time.
if (response.status === 429) {
const resetHeader = response.headers.get('x-rate-limit-reset')
if (resetHeader) {
const resetTime = parseInt(resetHeader) * 1000
const waitTime = resetTime - Date.now()
await new Promise(resolve => setTimeout(resolve, waitTime))
return makeRequest() // retry
}
}
Request queue
All API requests are processed sequentially through a request queue:
- Sequential processing - Only one request at a time
- In-flight tracking - Prevents duplicate requests for same user
- Navigation clearing - Queue is cleared when user navigates to new page
Sequential processing prevents hitting rate limits too quickly and ensures consistent ordering of operations.