Unbrowse is a drop-in replacement for browser automation in agent stacks. It learns the request path behind websites and reuses it as a skill, so agents stop repeating the same browser workflow every time.

How does Unbrowse work?

Unbrowse can use a real browser on the first pass to learn the request flow behind a site, then reuse that learned route as a skill on later runs. The browser stays available for auth and hard cases, but repeat work stops depending on the DOM.

Which AI coding agents work with Unbrowse?

Unbrowse works with all major AI coding agents including Claude Code, Cursor, OpenClaw, and Windsurf. The simplest full install path is curl -fsSL https://unbrowse.ai/install.sh | bash. After install, hosts with skills support can also use npx skills add unbrowse-ai/unbrowse.

Is Unbrowse free to use?

Yes, Unbrowse is free and open-source. Install it with curl -fsSL https://unbrowse.ai/install.sh | bash and start discovering APIs immediately. After install, hosts with skills support can also use npx skills add unbrowse-ai/unbrowse. The shared skill marketplace lets you benefit from APIs discovered by the community.

← All articles

Blog

How to Access TikTok Data Without the Official API

TikTok's official API is restricted to approved partners with weeks-long review processes. Shadow APIs -- the internal endpoints TikTok's web app calls -- provide access to video metadata, user profiles, trending content, and search results without partner approval.

Lewis Tham

April 3, 2026

How to Access TikTok Data Without the Official API

TikTok has one of the most restrictive API access policies of any major platform. Their Research API requires a university affiliation or approved research institution. Their Marketing API requires a business account with advertising spend. Their Display API is limited to embedding videos on websites. None of these serve the most common developer need: getting video metadata, user profiles, and trending content programmatically.

The approval process takes 2-6 weeks, rejection is common, and even approved access comes with severe rate limits and data restrictions. Meanwhile, TikTok's website and web app serve this exact data to every visitor through internal API endpoints.

The Problem with Current Approaches

Official API Access Is Gated

TikTok's API tiers are designed to restrict access, not enable it:

Research API: Requires academic institution affiliation, IRB approval, and a detailed research proposal. Rejection rate is high.
Marketing API: Requires active ad account with minimum spend. Data is limited to your own campaigns.
Display API: Only supports video embeds. No metadata, no search, no user data.
Login Kit: User authentication only. No content data access.

For a developer building a trend analysis tool, content aggregator, or social listening platform, none of these tiers provide what is needed.

Scraping TikTok Is a War of Attrition

TikTok employs some of the most sophisticated anti-bot measures on the internet:

Device fingerprinting that detects headless browsers, VMs, and automation frameworks
Signature algorithms (X-Bogus, _signature) that change frequently and require reverse engineering
CAPTCHA puzzles that trigger on the first suspicious request
IP reputation scoring that blocks datacenter IPs immediately
Dynamic rendering that serves different content to detected bots

Most TikTok scraping libraries on GitHub break within days of publication. Maintaining a working scraper requires continuous reverse engineering effort.

Third-Party APIs Are Expensive and Unreliable

Services that offer TikTok data APIs (RapidAPI wrappers, social media intelligence platforms) charge $100-500/month and frequently go down when TikTok changes their anti-bot measures. They are, underneath, just scraping -- you pay them to maintain the scraper.

Shadow APIs: The Alternative

When you browse TikTok's website, your browser makes dozens of internal API calls per page. The For You feed, search results, user profiles, and video details are all fetched from backend services that return structured JSON. These shadow APIs are the real data layer of TikTok's web application.

Calling these APIs directly means you are making the same requests the website makes. There is no scraping signature to detect, no headless browser to fingerprint, no HTML to parse. The data arrives as clean JSON with video metadata, engagement metrics, user information, and audio details.

What Unbrowse Discovers on TikTok

When Unbrowse indexes TikTok through normal browsing, it captures endpoints like:

Endpoint Pattern	Data Returned	Format
`/api/search/general/full/`	Search results with video metadata	JSON
`/api/user/detail/`	User profile with follower stats	JSON
`/api/item/detail/`	Individual video with engagement data	JSON
`/api/comment/list/`	Video comments with reply threads	JSON
`/api/recommend/item_list/`	For You page recommendations	JSON
`/api/related/item_list/`	Related videos for a given video	JSON

These endpoints return data that no official API tier provides: real-time view counts, share statistics, duet chains, stitch references, and audio usage graphs.

How It Works

# Install Unbrowse
npx unbrowse setup

# Browse TikTok to discover endpoints
npx unbrowse go "https://www.tiktok.com/search?q=AI+agents"

# Resolve TikTok data via shadow API
npx unbrowse resolve "tiktok trending videos about AI"

After discovery, queries resolve through direct API calls:

import Unbrowse from 'unbrowse';

const ub = new Unbrowse();

const result = await ub.resolve(
  'tiktok user profile @openai'
);

console.log(result.data);
// {
//   user: {
//     uniqueId: "openai",
//     nickname: "OpenAI",
//     followers: 2800000,
//     following: 3,
//     likes: 18500000,
//     videoCount: 145,
//     verified: true,
//     bio: "..."
//   },
//   recentVideos: [
//     {
//       id: "7352...",
//       description: "...",
//       views: 4200000,
//       likes: 380000,
//       shares: 45000,
//       duration: 32
//     }
//   ]
// }

Performance: Browser vs Shadow API

Metric	Browser Automation	Shadow API (Unbrowse)
Latency per request	5-12 seconds	300-600ms
Memory usage	500MB+ (headless Chrome)	~5MB
Cost per 1,000 requests	$5.30 (compute + proxy)	$0.05
Anti-bot detection risk	Very high	Low
Data format	HTML (requires parsing)	Structured JSON
Video metadata completeness	Partial (DOM scraping)	Full (internal API)

For a social listening tool monitoring 100 trending topics daily, shadow APIs reduce the collection time from hours to minutes while eliminating the constant scraper maintenance burden.

When to Use This Approach

Shadow APIs via Unbrowse are right when:

You cannot get official API approval. If you are not a university researcher or active advertiser, shadow APIs may be your only programmatic access path.
You need real-time trending data. Shadow APIs return the same data the For You page uses, updated in real-time.
Your agent needs TikTok context. AI agents analyzing social trends or generating content ideas need fast, structured access to video metadata.
You need engagement metrics. View counts, like/share ratios, and comment sentiment data are all available through internal endpoints.

This approach is less suitable for downloading actual video files (which requires separate CDN access) or for bulk historical data analysis (the API returns recent content by design).

Getting Started

# 1. Install
npm install -g unbrowse

# 2. Set up
unbrowse setup

# 3. Browse TikTok to index APIs
unbrowse go "https://www.tiktok.com/trending"

# 4. Query via shadow API
unbrowse resolve "tiktok trending videos in tech this week"

The initial browse session captures TikTok's internal API patterns. After indexing, all requests resolve through direct API calls with no browser overhead.

FAQ

Is this legal?

You are accessing data that TikTok publicly serves to every website visitor. Shadow API calls reproduce the same HTTP requests your browser makes when you visit a TikTok page. There is no authentication bypass, no credential theft, and no access to private user data. The data accessed is limited to what TikTok makes publicly visible on its website.

How is this different from scraping?

Scrapers render full HTML pages in a headless browser, execute JavaScript, and parse the resulting DOM. This is what TikTok's anti-bot systems detect. Shadow APIs call the same REST endpoints that TikTok's JavaScript frontend uses to fetch data. The calls look like normal frontend requests because they are structurally identical to them.

What about TikTok's signature parameters?

TikTok's web API uses signature parameters (X-Bogus, msToken) for request validation. Unbrowse captures these patterns during the initial browse session from your real browser, where they are generated naturally. The discovered endpoints include the necessary parameter patterns for valid requests.

Can I access private accounts?

No. Shadow APIs only provide access to publicly visible data. Private accounts, private videos, and direct messages are behind authentication barriers that shadow APIs do not bypass.