One credential dance per platform. TikTok's already wired — the YouTube grant below is the repeatable one you'll run three times, once per channel. I handle everything after you hand me the token.
TikTok · @Tried.that
Creds wired Postiz healthy
YouTube · 3 channels
Your move grant needed
TikTok — the last 2 clicks
Production app creds are already in Postiz. You just authorize the account.
Open Postiz
Browser → http://192.168.1.236:5000 (on your tailnet).
Add channel → TikTok → Authorize
Because you're already signed into @Tried.that in that browser, there's no login — just the consent screen. Approve all 6 permissions.
That's it for TikTok. Unaudited = posts go out private (SELF_ONLY) immediately — plenty for SU. Public flips on automatically when the audit clears. Tell me once it's connected and I'll run a dry-run post.
YouTube — run this 3× (once per channel)
You've made the OAuth client for zionboggan@gmail.com. This grant turns it into a durable token. Same steps for each channel — you just pick a different channel on the consent screen each time.
Install the one library
On a machine with a browser (your computer is easiest):
pip install google-auth-oauthlib
Put the script + your client-secret in one folder
The script is on the share at P:\ClipEngine\yt-creds\yt_oauth_grant.py. Drop your downloaded client_secret_…json next to it.
Sign in as zionboggan@gmail.com →
on the "unverified app" screen click Advanced → Go to (continue) →
pick the channel you're wiring (Clip Radar or Clip Vault) →
approve the youtube.upload permission.
Confirm the token
It writes yt_token.json and prints refresh_token present: True. That "True" is the thing to check.
Hand it to me
Drop bothyt_token.json + the client_secret_…json into P:\ClipEngine\yt-creds\ and tell me which channel you picked. I wire it into config.json on the 3060 and run a dry-run upload — no more input from you.
One gotcha that saves a redo: the OAuth client must be type "Desktop app" (localhost redirect just works). If you built a "Web application" one, either recreate it as Desktop app, or add http://localhost to its authorized redirect URIs.
Daily Clip Drop · Zion Bogganyt_zion_bogganzionboggan0@
Clip Radar & Clip Vault share the zionboggan@ account (pick the right channel on the consent screen). Daily Clip Drop is the separate zionboggan0@ account — different login.
What I'm handling in the background
So you only touch what genuinely needs a human.
✓ TikTok production creds wired into Postiz
Container recreated, healthy, verified.
✓ Watchlist SU-ready
25 channels, squatters purged, priority students added, validated.
→ Every token you hand me
Placed on the 3060, wired into config, dry-run tested — before anything's enabled.
→ Fable's SU tooling
Getting the production panel + edit-pane wins integrated next.