Reddit Vault

Credential store for Reddit accounts — $0.01 per account. Save your Reddit Token V2 (the token_v2 cookie) or Reddit Session (the reddit_session cookie) plus the matching proxy under a friendly name like main, alex-burner, or work_2. Then in any of the RedCrawler Reddit actors (Posting, Wiki, Flairs, Content Fetcher, …) just type the saved name — no more pasting credentials + proxy on every run.

You're charged $0.01 only when a new account is added (STORE). Looking up your accounts (STATUS), rotating credentials (UPDATE), and deleting accounts (CLEAR) are free — and so is leaving accounts sitting in the vault. One-time onboarding cost per account, no subscriptions, no monthly storage fees.

---

Credential lifetimes

Credential	Lifetime	Where to find it	When to refresh
Token V2 (token_v2 cookie)	~24 hours	Browser DevTools → Application → Cookies → https://www.reddit.com → token_v2	Daily — or save a Reddit Session below and let the vault auto-refresh it
Reddit Session (reddit_session cookie)	~180 days	Browser DevTools → Application → Cookies → https://www.reddit.com → reddit_session	Roughly twice a year, or whenever a run reports unauthorized

Recommended: save a reddit_session rather than a token_v2 — the vault auto-mints fresh tokens from your saved session every ~23 hours, so a single STORE keeps the account working for months. See How to get these credentials at the bottom of this page for screenshots.

---

Why this actor exists

Reddit IP-binds token_v2 and reddit_session to the IP that minted them. That means every Reddit actor needs two secrets to work:

1. The Token V2 (or Reddit Session) that authenticates the request.
2. The exact proxy IP that was used when the credential was created — otherwise Reddit returns 401 / "session corrupted".

Pasting both fields into every actor run is error-prone (one wrong character and the credential rejects), and a token_v2 expires roughly every 24 hours so it needs rotating. The vault solves both problems:

• Save the pair once.
• Reference the saved pair by name from any other Reddit actor.
• Optionally save the longer-lived Reddit Session too — the vault then auto-refreshes the Token V2 in the background every ~23 hours so your saved account keeps working for months without manual rotation.

Each new account stored costs $0.01 (one-time onboarding charge). After that, the account sits in the vault for free indefinitely, and the consumer actors that use it are billed independently.

---

How it works

You pick a mode (STORE / UPDATE / STATUS / CLEAR), fill the matching fields, and run. Credentials are encrypted at rest, never logged, and STATUS never returns the plaintext Token V2 or Reddit Session (just the last 4 chars as a hint, plus expiry).

Other actors in the family (Posting, Wiki, Flairs, Content Fetcher, …) reuse what you save here — you reference the saved account by name in their Saved account name field, and they never see your credentials or proxy directly.

---

The four modes

The first input field, Mode, decides what this run does:

Mode	What it does	Required fields
STORE	Save a NEW account. Fails if Account name already exists.	Account name + (Token V2 or Reddit Session) + proxy
UPDATE	Replace credentials on an existing account. Fails if the name is not in your vault.	Account name + at least one of (Token V2, Reddit Session, proxy)
STATUS	List every account you have saved. Returns name, last-4 hint, expiry, proxy IP — no plaintext.	(none)
CLEAR	Delete one account, or all of them if Account name is left blank.	(optional Account name)

Modes are chosen via the dropdown at the top of the input form — only the fields that matter for the chosen mode need filling, the rest are ignored.

---

Quick start — save your first account

Option A — save a Token V2 (simple, expires in ~24h)

1. Mode → STORE — save a new account
2. Account name → main (or any 1-32 char label)
3. Token V2 → paste your eyJ… token_v2 cookie value
4. Proxy → paste ip:port:user:pass (the proxy that minted the Token V2)
5. Run the actor.

You'll get a dataset row like:

{
  "success": true,
  "mode": "STORE",
  "account_name": "main",
  "token_hint": "...A8q4",
  "proxy_address": "1.2.3.4:8080",
  "remaining": "23h 47m",
  "expires_at": "2026-05-08T11:42:18+00:00",
  "auto_refresh": false
}

Option B — save a Reddit Session (auto-refresh, lasts ~180 days)

1. Mode → STORE
2. Account name → main
3. Reddit Session → paste the eyJ… reddit_session cookie value from your browser
4. Proxy → ip:port:user:pass
5. Run.

The vault exchanges the Reddit Session for a fresh Token V2 immediately, then auto-refreshes the Token V2 every ~23h until the Reddit Session itself expires (~180 days). auto_refresh: true in the result confirms it's wired up.

Why Reddit Session > Token V2: a raw Token V2 expires in ~24 hours and you'd have to re-run STORE every day. A Reddit Session lasts ~180 days — the vault uses it like a refresh token.

Use the saved account from another actor

In any of the RedCrawler Reddit actors (Reddit Posting V1, Reddit Wiki, Reddit Flairs V2, Reddit Content Fetcher, …):

1. Credential source → Use saved account (vault)
2. Saved account name → main
3. Leave Token V2 + proxy blank — they're ignored when the source is the vault.

The actor talks to the vault, pulls the Token V2 + proxy, runs your call, and that's it.

---

Input field reference

Mode (required)

• STORE — save a new account
• UPDATE — replace credentials on an existing account
• STATUS — list every saved account
• CLEAR — delete one account, or all if name is blank

Account name

• 1-32 characters
• Allowed: lowercase letters, digits, -, _
• Examples: main, alex-burner, work_2, dev_test
• Required for STORE / UPDATE; optional for CLEAR; ignored for STATUS

Token V2

• The token_v2 cookie value, a JWT starting with eyJ…
• Provide this OR a Reddit Session — not both unless you also want auto-refresh
• Must be paired with the proxy that minted it (Reddit IP-binds token_v2)
• Lifetime: ~24 hours
• Stored encrypted; the STATUS endpoint only returns the last 4 characters as a hint

Reddit Session

• The longer-lived reddit_session cookie value (also eyJ…)
• When you provide this, the vault:
  • Exchanges it for a fresh Token V2 right away
  • Stores both the Reddit Session AND the derived Token V2
  • Auto-refreshes the Token V2 every ~23h until the Reddit Session itself expires (~180 days)
• Lifetime: ~180 days — strongly recommended over raw Token V2

Proxy

• Format: ip:port:user:pass
• Required for STORE; optional for UPDATE (only include it if you want to change the proxy)
• Reddit binds Token V2 / Reddit Session to the IP that minted them — if you change proxies, also rotate the credential

---

Output schema

Every run pushes exactly one record to the run's default dataset. The shape depends on the mode.

STORE / UPDATE result

{
  "success": true,
  "mode": "STORE",
  "account_name": "main",
  "token_hint": "...A8q4",
  "proxy_address": "1.2.3.4:8080",
  "remaining": "23h 47m",
  "expires_at": "2026-05-08T11:42:18+00:00",
  "auto_refresh": true
}

STATUS result

{
  "success": true,
  "mode": "STATUS",
  "account_count": 3,
  "accounts": [
    {
      "account_name": "main",
      "token_hint": "...A8q4",
      "proxy_address": "1.2.3.4:8080",
      "has_session": true,
      "bearer_remaining": "23h 14m",
      "bearer_expired": false,
      "updated_at": "2026-05-07T11:42:18+00:00",
      "expires_at": "2026-05-08T11:42:18+00:00",
      "session_expires_at": "2026-11-04T18:00:00+00:00"
    },
    { "account_name": "alex-burner", "...": "..." }
  ]
}

CLEAR result

{
  "success": true,
  "mode": "CLEAR",
  "account_name": "main",
  "deleted": 1,
  "scope": "single"
}

When Account name is blank, scope: "all" and deleted is the count of every entry wiped.

Failure result

{
  "success": false,
  "mode": "STORE",
  "account_name": "main",
  "error": "Account 'main' already exists in your vault (token ...A8q4). Use UPDATE to replace it."
}

---

Common workflows

Add a second account

mode: STORE
accountName: alex-burner
reddit_session: eyJ...   (or token_v2)
proxy: 1.2.3.4:8080:user:pass

Rotate a Token V2 that just expired

If you saved a Reddit Session originally, the vault auto-refreshes — you don't need to do anything.

If you saved a raw Token V2:

mode: UPDATE
accountName: main
token_v2: eyJ...new...

(proxy can stay blank to keep the existing one)

Move an account to a new proxy

mode: UPDATE
accountName: main
token_v2: eyJ...   (must mint a fresh Token V2 from the new IP first)
proxy: 5.6.7.8:8080:user:pass

See what you have

mode: STATUS

Delete one account

mode: CLEAR
accountName: alex-burner

Wipe everything

mode: CLEAR
(leave accountName blank)

---

Security model

• Encryption at rest. Token V2 and Reddit Session values are encrypted before storage and never logged in plaintext.
• No plaintext echo. STATUS returns the last 4 characters of the credential as a hint — never the full Token V2 or Reddit Session.
• Per-customer isolation. Your vault is keyed by your Apify user ID. Other Apify customers cannot see, list, or delete your accounts.
• Reserved names. default is reserved as a fallback for actors that don't ask for an account name. Pick anything else.
• Audit log. Every STORE / UPDATE / CLEAR is recorded against your account with a token hint and timestamp — useful if you ever lose track of what's in the vault.

---

Limits and quirks

• Token V2 length check. A token_v2 shorter than 50 characters is rejected as malformed.
• Reddit Session must be live. STORE/UPDATE with an expired reddit_session fails with Session cookie is already expired. — refresh the cookie in your browser first.
• Reddit Session ↔ proxy match. If the reddit_session cookie was minted on IP A and you save it with proxy IP B, the Token V2 derivation step will fail and the entry won't save.
• UPDATE never wipes a working entry on bad input. If you send a broken session in UPDATE, the existing entry stays untouched — the actor returns an error instead of silently breaking your account.
• Names are normalized. Main, MAIN, and main all collide. The vault stores the lowercased form.

---

Troubleshooting

Error	Why	Fix
Account 'X' already exists in your vault	Used STORE for a name that's taken	Use UPDATE instead, or CLEAR first
No vault entry named 'X' found	Used UPDATE for a name that doesn't exist	Use STORE first, or check STATUS for the exact name
Provide either 'bearer' or 'session'	STORE/UPDATE without any credential	Add at least one of: Token V2 or Reddit Session
Failed to derive bearer from session	Reddit Session valid but proxy wrong, or it was IP-bound to a different IP	Use the same proxy that was active when you logged in
Session cookie is already expired	The reddit_session JWT's exp field is in the past	Log into Reddit again in your browser, copy the new reddit_session cookie
'proxy' is required	STORE without a proxy	Always pass the proxy that minted the Token V2 / Reddit Session
Invalid proxy format	Bad proxy string	Use exactly ip:port:user:pass, no protocol prefix, no extra whitespace

---

Companion actors that read from the vault

Once your account is saved, set Credential source = Use saved account (vault) and pick the name in any of:

• Reddit Posting V1 — create text / link / image / gallery / video / GIF / crosspost / poll posts
• Reddit Wiki & Emojis & Widgets — read wiki pages, listings of emojis and widgets per subreddit
• Reddit Flairs V2 — manage user / link flair on subreddits
• Reddit Content Fetcher — pull the saved posts / comments / messages stream for the account

All of them accept the same accountName field — saving a credential here works for every consumer actor immediately.

---

How to get these credentials

The vault doesn't mint credentials — it only stores them. You bring your own.

From a desktop browser (recommended)

1. Open https://www.reddit.com in Chrome / Edge / Brave / Firefox and log into the account you want to save.
2. Open DevTools (F12 or right-click → Inspect) → Application tab → Storage → Cookies → https://www.reddit.com.
3. In the filter box at the top, type the cookie name and copy the Value column.

Token V2 (token_v2 cookie — ~24h)

The whole eyJ… string in the Value column is your Token V2. Lifetime: ~24 hours.

Reddit Session (reddit_session cookie — ~180 days)

Same procedure, different cookie name. The eyJ… Value column is your Reddit Session. Lifetime: ~180 days. This is the one we recommend saving — the vault will auto-mint Token V2s from it for you.

Then pair it with a proxy

Reddit IP-binds these cookies to the IP that minted them. The proxy you save into the vault MUST be the IP your browser was actually using when you logged in. For sustained automation, use mobile or residential proxies — datacenter IPs get aggressively rate-limited or shadowbanned for posting actions.

---

Why this actor is fast

• Speed — 1–2 seconds per STORE / UPDATE / STATUS / CLEAR. Pure HTTP to RedCrawler's vault API. No browser, no overhead.
• Reliability — zero browser flakiness. Cookie storage and rotation runs through direct API calls, not headless Chromium. No JS-render timeouts, no captcha pages.
• Footprint — under 100 MB RAM per run. Lightweight async actor — most operations complete in well under 2 seconds.

---

Pricing

$0.01 per new account stored. The vault uses Apify's pay-per-event pricing model with a single billable event:

Event	Trigger	Price
account-stored	A successful STORE run that adds a new account to your vault	$0.0001

Everything else is free:

• UPDATE (rotating Token V2 / Reddit Session / proxy on an existing account) — free
• STATUS (listing your saved accounts) — free
• CLEAR (deleting one account or all of them) — free
• Storage time — free, accounts can sit in the vault indefinitely

You'll see the per-event line item on your Apify usage statement as account-stored.

The consumer actors that use vault credentials (Posting, Wiki, Flairs, Content Fetcher) are billed independently per their own event prices.

---

Support

Found a bug, want a feature, or have a credential format that doesn't fit (e.g. mod-only OAuth scopes)? Reach out via the actor's Apify Console feedback link, or open an issue at the RedCrawler support channel.

---

Reddit Vault is part of the RedCrawler family of Reddit actors. RedCrawler is independent — not affiliated with, endorsed by, or sponsored by Reddit, Inc.