TikTok

Upload videos to TikTok with full control over privacy level, branded-content disclosure, and commercial content flags. Postli uses TikTok’s Content Posting API.

Requirements

• A TikTok account — Personal, Business, or Creator. Postli detects the account type after OAuth.
• The account must accept TikTok’s third-party publishing consent (shown during OAuth).
• For branded-content posts: Business account required.

Spec

Create your TikTok app

TikTok requires merchants to register their own app and request approval for the Content Posting API. Expect a 3–7 day review.

1. Sign in at developers.tiktok.com/apps and click Connect an app. Use the TikTok account that owns the business identity (you can change the connected publishing account later).
2. Fill in the app details: name, category, description, terms-of-service URL, and privacy-policy URL. TikTok rejects apps without working URLs.
3. Under Add Products, add:
   • Login Kit — required for OAuth.
   • Content Posting API — toggle Direct Post on.
4. In Login Kit settings, add the Redirect URI:
   https://app.usepostli.com/api/integration/tiktok/callback
5. Request the following scopes: user.info.basic, user.info.profile, video.upload, video.publish. Each scope needs a written justification — explain that Postli schedules merchant videos to their own TikTok account.
6. Submit the app for review. Once approved, copy the Client Key and Client Secret from the app dashboard.
7. In Postli, open Settings → Integrations → TikTok, paste both values, and save.

OAuth setup

Once credentials are saved, go to Integrations → TikTok → Connect. You’ll be redirected to TikTok’s consent screen. You must approve all the requested permissions for posting to work.

Scopes Postli requests:

Post types in detail

Video

TikTok’s Content Posting API only supports single-video posts — photo carousels and live streams cannot be created via API. Postli uploads via the chunked-upload protocol (videos >64 MB are split into 10 MB chunks).

Privacy & disclosure

The TikTok channel tab in Postli exposes three settings:

• Privacy level — default is the account’s privacy default; can be overridden per post (Public / Followers / Private).
• Disable comments / duet / stitch — three independent toggles, matching the TikTok app.
• Commercial content — toggle either Your brand (own goods) or Branded content (paid partnership). Required by TikTok for any ad-funded post.

Auto-comments

TikTok’s public API does not expose comment publishing endpoints. As a result, Postli’s auto-comment feature is disabled for TikTok posts. Engagement metrics (views, likes, comments, shares) are still pulled.

Rate limits

TikTok enforces an uploads-per-day cap that varies by account type (typically 50 for Business). Postli respects the documented limit and defers excess posts to the next 24h window.

Gotchas & best practices

• Re-auth every 365 days. Postli refreshes the access token automatically using the refresh token, but the refresh token itself expires after 365 days — an account-health alert fires before then.
• Vertical 9:16 wins. Horizontal videos are letter-boxed and perform poorly. Use the channel-tab override to upload a 9:16 cut.
• Privacy default. If you don’t explicitly set a privacy level, TikTok uses the account’s default — which for some Business accounts is Private. Always set explicitly for production posts.
• Branded-content flag is mandatory on any post promoting a third-party brand, per TikTok policy. Misuse can lead to account restrictions.

Webhooks

Postli does not subscribe to TikTok webhooks. Engagement is polled.