TikTok Content Posting API: Complete Developer Guide 2026
The TikTok Content Posting API is now one of the most strategically important developer tools in social media marketing. As TikTok continues to dominate short-form video with over 1.9 billion monthly active users, marketing teams and developers are racing to build scalable, automated content pipelines that can publish consistently across dozens — or even hundreds — of accounts without manual intervention.
This guide is written for marketing engineers, growth developers, and performance marketers who want a deep, practical understanding of how the TikTok Upload API works in 2026 — from OAuth authentication and chunked video uploads to rate limit strategies and multi-account orchestration. Whether you're building an internal content scheduler, a SaaS publishing platform, or a full-scale TikTok account scaling operation, this guide covers everything you need.
We'll also explore how platforms like TokPortal augment the API by providing real, pre-warmed TikTok accounts on physical devices across 30+ countries — solving the biggest pain point developers face: account trust and geo-authenticity at scale.
1.9B+
TikTok Monthly Active Users (2026)
30+
Countries Supported by TokPortal
100+
Real Device Accounts Available
10GB
Max Video File Size via Upload API
3
TikTok API Auth Scopes for Posting
~60s
Average API Upload Time (1080p)
What Is the TikTok Content Posting API?
The TikTok Content Posting API — officially part of TikTok's Content Posting API suite under the TikTok for Developers platform — allows authorized applications to programmatically upload and publish video content to TikTok accounts on behalf of users or creators. It replaced the older, unofficial scraping methods that marketers relied on and is now the sanctioned, stable way to automate TikTok video posts at scale.
The API supports two primary upload flows: Direct Post (content goes live immediately) and Upload to Inbox (content is queued in the creator's draft inbox for review before publishing). For marketing automation, Direct Post is the go-to flow — it lets your pipeline push a video, caption, hashtags, privacy settings, and audience targeting parameters in a single API call chain.
As of 2026, TikTok has significantly expanded the Content Posting API's capabilities, including support for Duet and Stitch permissions, branded content disclosures, geo-targeting of video visibility, and webhook callbacks for upload status. Developers building on this API should be aware that TikTok routinely updates rate limits and permission scopes, so staying current with the TikTok API integration changelog is essential.
TikTok API Developer Prerequisites & Setup
Create a TikTok Developer Account
Navigate to developers.tiktok.com and register for a developer account using a valid business email. You'll need to agree to TikTok's API Terms of Service. Personal accounts are not eligible for Content Posting API access — you must operate under a recognized business or developer entity.
Create an App in the Developer Portal
Once verified, create a new App inside the developer dashboard. Choose the 'Content Posting API' product when selecting your app's capabilities. You'll receive a Client Key and Client Secret — treat these like production credentials and never expose them client-side.
Request the Required API Scopes
For video posting, your app must be granted the following OAuth scopes: video.upload (to initiate uploads), video.publish (to publish drafts or direct-post), and user.info.basic (to validate account identity). Submit your scope request with a detailed use-case description — TikTok manually reviews access for the Content Posting API.
Implement OAuth 2.0 Authorization Flow
Use TikTok's OAuth 2.0 PKCE flow to obtain user access tokens. Redirect users to TikTok's authorization URL with your client_key, scope, redirect_uri, and a state parameter for CSRF protection. After authorization, exchange the code for an access_token and refresh_token with a TTL of 24 hours and 365 days respectively.
Sandbox Testing Before Production
TikTok provides a Sandbox environment where you can test video uploads without publishing to real accounts. Use test user accounts provided in the developer portal. Validate your entire upload pipeline — initiation, chunked transfer, and publish call — before pointing at production credentials.
Apply for Production Access
After sandbox validation, submit your app for TikTok's production review. This includes providing a demo video of your upload flow, your privacy policy URL, and a clear description of how user data is handled. Approval typically takes 5–10 business days in 2026.
How to Post a Video via the TikTok Upload API
Posting a video via the TikTok Upload API is a multi-step process. Unlike simple REST APIs that accept a single POST with a file attachment, TikTok uses a chunked upload protocol designed for large media files. Here's the complete technical flow every TikTok API developer needs to understand.
The process begins with an upload initiation request to POST /v2/post/publish/video/init/, where you declare the video's source type (FILE_UPLOAD or PULL_FROM_URL), chunk count, total file size in bytes, and publish metadata including caption, privacy level, and interaction toggles. TikTok responds with an upload_url and a publish_id — the publish_id is your tracking reference for the entire lifecycle of this post.
For URL-based uploads (PULL_FROM_URL), TikTok's servers fetch the video directly from a publicly accessible URL — an excellent pattern for CDN-hosted content pipelines. For file uploads, you'll use chunked PUT requests to the provided upload_url, with each chunk declared using the Content-Range header. After all chunks are transferred, you poll the /v2/post/publish/status/fetch/ endpoint using your publish_id until the status transitions from PROCESSING to PUBLISH_COMPLETE. This async pattern is critical to handle correctly in production queues.
Pro Tip: Use URL-Based Uploads for Speed
Key API Endpoints Every TikTok Developer Must Know
- POST /v2/post/publish/video/init/ — Initiate a video upload and receive upload_url + publish_id
- PUT {upload_url} — Transfer video chunks using Content-Range headers (file upload flow only)
- POST /v2/post/publish/inbox/video/init/ — Upload to creator's draft inbox instead of direct publishing
- GET /v2/post/publish/status/fetch/ — Poll async upload status using publish_id (PROCESSING → PUBLISH_COMPLETE)
- GET /v2/video/list/ — Retrieve a list of published videos for an authenticated user account
- GET /v2/video/query/ — Fetch detailed metadata for specific videos by video_id array
- DELETE /v2/video/delete/ — Remove a published video programmatically using its video_id
- GET /v2/oauth/token/ — Exchange authorization code for access_token and refresh_token
- POST /v2/oauth/token/refresh/ — Refresh an expired access token using the long-lived refresh_token
- GET /v2/user/info/ — Retrieve authenticated user profile info including display_name and avatar_url
TikTok API Rate Limits & Quotas in 2026
Rate Limit Strategy Is Non-Negotiable at Scale
Multi-Account Management: The Real Scaling Challenge
The TikTok API itself is only half the equation. The harder problem for marketing teams running multi-account TikTok strategies is account trust, geo-authenticity, and avoiding platform-level throttling or bans. TikTok's risk systems are sophisticated — they flag accounts that show unusual behavioral patterns, access from mismatched IP geographies, or were never organically onboarded on a real device.
This is where TokPortal provides critical infrastructure. Rather than spinning up accounts programmatically in bulk (which TikTok's systems flag rapidly), TokPortal creates and warms real TikTok accounts on physical mobile devices in 30+ countries, with authentic local IP addresses, organic early engagement history, and proper device fingerprints. These accounts are then made available for API integration, giving your publishing pipeline a trusted, geo-specific account layer. Learn more about how this works in our TikTok account farming strategies guide.
For performance marketers running geo-targeted TikTok campaigns across multiple regions, this matters enormously. An account created and warmed in Brazil will have an authentic Brazilian audience signal — something no proxy or VPN layer can replicate when you're trying to grow organic reach in that market.
TikTok API vs. Third-Party Automation Tools
Advantages
- Full control over upload logic, scheduling, and metadata
- No dependency on third-party tool uptime or pricing changes
- Access to raw API responses for analytics and debugging
- Supports custom retry logic and error handling
- Can integrate directly with your existing data pipeline
- Scales to thousands of posts without per-seat licensing
Drawbacks
- Requires developer resources to build and maintain
- Must handle OAuth token refresh and expiry management
- Requires manual monitoring of TikTok API deprecations
- No built-in visual UI for non-technical team members
- Rate limit handling and queue management adds complexity
- Account trust and device authenticity not included
Video Format & Technical Specifications for the Upload API
- Supported Formats: MP4 and WebM (MP4 with H.264 codec strongly recommended for compatibility)
- Minimum Resolution: 540 × 960px — below this TikTok will reject the upload
- Recommended Resolution: 1080 × 1920px (9:16 portrait) for full-screen delivery
- Maximum File Size: 10 GB for production apps (128 MB in sandbox)
- Maximum Duration: 10 minutes for standard accounts; 60-second limit for new/low-trust accounts
- Frame Rate: 23–60 FPS recommended; below 23 FPS may trigger quality rejection
- Audio: AAC-encoded stereo audio at 44.1 kHz or 48 kHz sample rate
- Bitrate: 2–8 Mbps for 1080p content; higher bitrates are acceptable but increase upload time
- Aspect Ratio: 9:16 (portrait) preferred; 1:1 (square) and 16:9 (landscape) also supported
- Caption Length: Maximum 2,200 characters including hashtags and mentions via API
- Hashtag Limit: Up to 30 hashtags per post via API (same as manual posting limit)
Error Handling & Common TikTok API Failures
Error 10101 — Invalid Access Token
The most common error in production. Indicates the access_token has expired (24-hour TTL). Fix: implement proactive token refresh using the refresh_token before the access_token expires, rather than waiting for a 401 response. Store token expiry timestamps alongside credentials.
Error 10003 — Scope Not Authorized
Your app has not been granted the required scope (video.upload or video.publish) for this user. Fix: ensure your OAuth authorization URL includes all required scopes and that the user has explicitly approved them. Re-authorize if scopes were added to the app after the user's initial auth.
Error 10202 — Video Upload Failed
Chunk transfer failed or file validation rejected the video. Common causes: incorrect Content-Range headers, unsupported codec, file corruption, or resolution below minimum threshold. Fix: validate video specs server-side before initiating upload, and implement chunk-level retry with MD5 verification.
Error 10002 — Rate Limit Exceeded
Your app or user has exceeded the allowed API call frequency. Fix: implement a token bucket or leaky bucket rate limiter in your upload queue. Respect X-RateLimit-Remaining and X-RateLimit-Reset headers. Distribute high-volume posting across multiple time windows.
Status: FAILED (publish_id polling)
The async publish job failed after upload was completed. Common causes: content policy violations detected by TikTok's automated review (copyright audio, restricted visuals), or account-level publishing restrictions. Fix: implement content pre-screening, monitor publish status webhooks, and maintain a dead-letter queue for failed publishes.
Build a Robust Retry & Observability Layer
Integrating TokPortal with Your TikTok API Pipeline
TokPortal is built specifically for marketing teams and developers who need the account infrastructure layer that the TikTok API alone cannot provide. While the Content Posting API handles the programmatic publishing mechanics, TokPortal handles the account creation, device registration, and geographic warming that determines whether your content actually gets distributed by TikTok's algorithm.
The integration pattern is straightforward: TokPortal provisions real TikTok accounts on physical devices in your target countries — available across USA, Brazil, UK, Indonesia, and 30+ more — and delivers the OAuth credentials (access tokens and refresh tokens) needed to authenticate each account against the Content Posting API. Your upload pipeline treats each account's token set like any other OAuth credential, pushing content through the standard API flow while benefiting from the account's authentic device history and local trust signals.
For teams running bulk creator account strategies or managing content for multiple regional brands, this two-layer approach — TokPortal for account quality, TikTok API for programmatic publishing — is the most reliable architecture available in 2026. Explore our TikTok Content API integration guide for specific implementation patterns.
Ready to Scale Your TikTok Content Pipeline?
TokPortal provides real TikTok accounts on real devices in 30+ countries — the trusted account infrastructure your API pipeline needs to publish at scale without flags or bans.
Frequently Asked Questions
What is the TikTok Content Posting API and how is it different from the old API?+
How many TikTok accounts can I manage with one API app?+
Does TikTok's API support scheduling posts for a future time?+
Why do TikTok accounts get flagged or banned even when using the official API?+
What video formats does the TikTok Upload API support?+
How do I handle OAuth token expiry in a multi-account pipeline?+
Can I use the TikTok Content Posting API for advertising or paid promotion?+

Written by
Vincent Tellenne
Founder & CEO
Vincent is the founder of TokPortal, building the infrastructure for scaled organic social media distribution. Previously scaled multiple startups and APIs to millions of requests.
Learn more about this topic with AI
Related Resources
Make Money Managing TikTok Posting Phones in 2026
Make money managing TikTok posting phones by running approved brand posts on real devices. Learn requirements, routine, payouts, and 20+ countries.
Earn Monthly Income Renting TikTok & IG Pages
Rent your TikTok or Instagram page for monthly income: TokPortal pays $144–$12,000+ monthly based on followers, niche, and approvals—no passwords shared.
Programmatic Social Posting With Real Devices
Programmatic social posting with real devices: human-in-the-loop API infrastructure across 20 countries for TikTok, Instagram and YouTube.
Geo-Distributed Posting for Global Launches
Run geo-distributed social posting for a global launch using real local devices, SIMs, and operators across 20+ countries.
Organic vs Paid TikTok CAC: 2026 Model
Model TikTok organic CAC vs paid CAC with a 6-metric framework using 20-country distribution, Spark Ads, payback, blended CAC, and board metrics.
Recover TikTok Reach After a Shadowban Scare
Recover TikTok reach after a shadowban scare with a 7-day reset: test distribution, stop spam-like patterns, warm accounts, then scale safely.
