All Activity

Just out of curiosity, this was marked as deprecated. is there any particular reason? was the /inventory/{steamid64}/{appid}/{contextid} a newer addition to steam's API? or a simpler or a more reliable implementation? by the way, sorry for not checking the code more thoroughly ❤️ thanks again.

There's no reason to think you'd be banned for using this endpoint. It's already there: TradeOffer#loadPartnerInventory

Hi guys. A while ago, there was an update on Apr 2nd, 2025 that hided the items before 10 days on the endpoint: https://steamcommunity.com/inventory/{steamid64}/730/2 but i found a workaround for it, if you have the other user's trade URL. there is a request that the page sends while getting their inventory through the trading page. here is a refined code that does this. this will show all the fast traded items, even if they are not passed their 10 days. fetch( `https://steamcommunity.com/tradeoffer/new/partnerinventory/?sessionid=${sessionID}&partner=${steamID64}&appid=730&contextid=2`, { headers: { cookie: `${steamLoginSecure}; ${sessionID};`, Referer: tradeURL } }, ) but here is my question, (mostly towards Doc since they're the owner of this package) Is there a ban risk for using this endpoint? (mostly because we're spoofing the refer URL) Why hasn't this been added to the package. if it's the matter of not having enough time, can I please send a PR? or it there any criteria for sending a PR?

Please example, I need to add authenticator into the steam via node and proxy but I dont understand. How I can to link steam-session and node-steamcommunity mobile session from proxy?

Not currently possible but it's on my list of things to do

It's available under artifacts on SteamKit's GitHub Actions (you need to login to GitHub to download): https://github.com/SteamRE/SteamKit/actions

Steam introduced an update some time ago that exposes both float and seed values. Could you advise how to access these values using this module, without creating an external request to the Steam Web API? #getAssetsProperties = async (contextId) => { try { const { data } = await axios.get( `${SteamWrapper.#apiOrigin}/IEconService/GetInventoryItemsWithDescriptions/v1`, { params: { 'access_token': this.#accessToken, 'steamid': String(this.#userClient.steamID), 'appid': 730, 'contextid': contextId, 'get_asset_properties': true, }, }, ); const raw = data?.response?.asset_properties; const assetProperties = Array.isArray(raw) ? raw : []; return [assetProperties, null]; } catch (error) { return [null, error]; } }

Could you please share prebuilt dll ? I have troubles building that

No, you'll need to login twice.

The features I’m using require different types of sessions. For example, enableTwoFactor needs a MobileApp session, while component-related operations like getCasketContents require a SteamClient session. Is there a way to obtain both sessions with one login process (one username/password + one mobile authenticator confirmation)? Or is it possible to convert between these two types of sessions?

Yeah I did get as far as that, I use getAppBetaDecryptionKeys and store the response then do getProductInfo and the data from productInfo.apps[appId].appinfo.depots is: { '3241661': { manifests: { public: [Object], beta: [Object] } }, branches: { public: { buildid: '20785042', timeupdated: '1763126393' }, beta: { buildid: '20947718', description: 'beta branch', timeupdated: '1764151547' } }, privatebranches: '1' } which doesn't seem to include encryptedmanifests or the private branch? From what I understand from the docs it used to be the case that you'd use the decryption key against the encrypted manifest id from getProductInfo however that no longer seems to be returned? Edit: I just checked via steam console and the app_info_print command seems to only show the private branch if I have it selected as the active beta and it's returned in manifests already decrypted not in encryptedmanifests... so it seems like steam have changed how it works?

Yes, use getAppBetaDecryptionKeys.

Hello, I was wondering if there's any way to get the latest manifest id of a private beta branch if I have the app id, depot id, branch name & password?

I suspect the problem isn't in the code, but in the overall implementation of ElectronJS (which I use) applications. Everything works fine in development mode, but as soon as I create an .exe application, I get this error. But I haven't yet figured out the cause of this problem.

Thank you! It's works.

I don't know why you'd get DuplicateRequest when logging in if you're doing everything correctly. Maybe the code was already used?

Yes, after a repeated request to the login() method. The first time I initiate authorization, I receive a Steam Guard code via email. Then I call the same login() method, but with the code inside. And then I receive a DuplicateRequest. The same problem occurs when working with steam-session: First, I call startWithCredentials(), and then submitSteamGuardCode().

You're getting DuplicateRequest in the login callback?

Basically just do exactly what the login-with-password example shows, and once you have webCookies then you can call community.setCookies(webCookies)

Compile Win32

Could you please show me how steam-session and steamcommunity interact? My IDE keeps complaining that setCookies isn't working. I've already tried logging in through steam-session and passing cookies to setCookies, but it's not working. Thanks in advance!

The code is event-driven. First, login() is called. Then, the "steam guard" code is entered, and the login() request is repeated.

Yes, but when i try to inject that on steam.exe?

In admin command prompt: rundll32.exe NetHook2.dll,Inject

There is any guide how to properly inject nethook.dll into steam.exe?