Dr. McKay

If you're fetching your time offset and it's 1, then your clock is correct. If you're still being told that your authenticator is invalid, then the secret must be wrong.

No. When you sign into a site using Steam OpenID, the site only gets your SteamID and nothing more. Certainly not an access token. That's great. I'm still not going to help you compromise your own account.

You need to provide the asset owner's SteamID as well. The linked repository only indicates that S is optional because you need either S or M (M is used for market listings).

Not necessarily.

Giving an access token to a third-party site is effectively the same thing as giving them your username, password, and mobile auth code. I wouldn't recommend it.

What's there is what Steam reports. I can't help you if the backend is returning bad data.

Why?

No, use steam-session for that.

The third-party typescript definitions haven't been updated for 2.11.0. Just suppress the error.

Cannot reproduce. Are you on the latest version?

Cannot reproduce.

Duplicate of several threads here: https://dev.doctormckay.com/forum/9-node-steam-tradeoffer-manager/

That's the point. Enabling useAccessToken disable fetching an API key.

Not that I'm aware of. I've heard, but not personally confirmed, that if you use an access token you still receive CS2 offers as normal.

Yes, that seems to be correct.

No. That would defeat the purpose of the token.

Yes.

You need to call setCookies on the TradeOfferManager instance, not on the SteamCommunity instance. TradeOfferManager's setCookies also retrieves your account's API key.

You just need to call setCookies each time the webSession event is emitted. You don't need to create a new TradeOfferManager or SteamCommunity.

Use webLogOn() to get a new web session when that happens. It's a good idea to do that at least every hour or so as well.

You could use the IEconService/GetTradeOffer API method to fetch the trade offer details, which would include the user's SteamID. creator_id is the ID of the trade offer.

The sessionid cookie should indeed be universal. You can use whatever value you want.

That means it couldn't find any pending confirmations that map to an object (trade offer, market listing, or other) with that ID.

You'd need to figure out what requests the help site (help.steampowered.com) makes to change your email, and make those requests yourself using cookies obtained from steam-user or steam-session.