API Key Requirements
Why Personal Keys Are Required
Torn's API does not allow reading another member's energy bars — even a faction leader's key returns only the key owner's own bars. FactionOps collects energy data using each member's personal key. This is a Torn API constraint, not a FactionOps design choice.
Your key is stored AES-GCM encrypted in Cloudflare D1. It is never returned or echoed in any API response.
Key Access Levels
Torn API keys have five access tiers. The table below shows which tiers FactionOps uses and why. Public and Custom tiers unlock nothing in FactionOps.
| Access Level | Required For |
|---|---|
| Minimal | Logging in, basic profile, faction membership check |
| Limited | Battle stats, OC data, contributor stats |
| Full Access | Premium payment detection (Roksonic's key only — not required for faction members) |
Most members need a Minimal key at minimum to log in. A Limited key unlocks the full Stats and Battle Stats tabs.
The AA Requirement
Certain features — Faction Admin, Discord configuration, the FFScouter key pool — require you to hold Faction AA access in-game. The app re-verifies your AA status on every protected request. If your AA is removed in Torn, access to those features is revoked within approximately 60 seconds.
Generating a Torn API Key
- Log into Torn at torn.com
- Go to Settings → API Key
- Generate a key at the access level you need
- Copy it and paste it into FactionOps on login
You can generate multiple keys at different access levels. FactionOps only stores the key you provide at login.