Yes the title is correct, but I had nothing malicious in mind!

What this is about

For @qzt@queereszentrumtuebingen.de we include the public feed in a sidbar on the homepage. Initially this was done using the standard API to fetch statuses /api/v1/accounts/{account_id}/statuses and worked like a charm. The problem started when GoToSocial (the fediverse server we use, similar to mastodon) implemented authorized fetch. This is a a good thing! Authorized fetch means, that every call to a endpoint needs to be authorized by an access_token. You get an access token from a fedi account. It’s what fediverse clients like Tusky or Phanpy do on your behalf to get the posts that make up you timeline.