Skip to content

The Discord developer platform, in five minutes

Status Stable · Last verified 2026-07-11 · API v10 · Source Discord getting started

The Discord platform looks big because it is really several products that share one name. Once you can name the pieces, everything else slots into place.

Almost everything a developer does reduces to talking over one (or both) of these:

Wire What it is Direction You use it to…
REST API Ordinary HTTPS to https://discord.com/api/v10 You → Discord (request/response) Send messages, create commands, manage guilds/roles/channels, read data
Gateway A persistent WebSocket connection Discord → You (real-time events) Receive events (messages, joins, reactions, voice state) as they happen

A third path, Interactions, can be delivered either over the gateway or to your own HTTP endpoint (Discord → your server, request/response). That choice is the single most important architectural fork for command-based apps — see choosing an integration model.

Discord
┌──────────────────────────────────────────────────────────────┐
│ │
│ Webhooks Apps ───────────────┐ OAuth2 │
│ (post-only) (identity + config) │ (authorize │
│ │ │ │ & install) │
│ │ ┌────┴────┐ │ │ │
│ POST JSON Bot user Interactions │ scopes, │
│ to a URL (token, (commands, │ user-install │
│ intents) components, │ vs guild- │
│ modals) │ install │
│ │ │ │ │
│ Gateway Gateway OR │ │
│ (WebSocket) HTTP endpoint (Ed25519) │
│ │
│ Activities (Embedded App SDK) — an iframe app running │
│ inside the Discord client, over RPC/voice. │
└──────────────────────────────────────────────────────────────┘
  • Webhooks — a per-channel URL you POST JSON to. No bot, no login, no gateway, no intents. Ideal for “send this channel a notification.” Post-only. → Webhooks
  • Applications (“apps”) — the top-level identity you register in the Developer Portal. An app holds an Application ID, a Public Key, an optional Bot user + token, OAuth2 credentials, and its command/installation configuration. → Apps & Bots
  • Bots — a special automated user attached to an app, authenticated with a bot token. Bots connect to the gateway and act via REST. → Apps & Bots
  • Interactions — how users invoke your app: slash commands, user commands, message commands, plus buttons, select menus, and modals. → Interactions & Commands
  • Gateway — the real-time event stream, filtered by intents. → Gateway
  • OAuth2 — how apps are authorized and installed, and how you act on behalf of users. Introduces installation contexts (user-install vs guild-install). → OAuth2 & Installation
  • Activities — full apps that run inside the Discord client via the Embedded App SDK. → tracked in the platform map.
Thing Secret? Where it comes from
Application ID No Developer Portal → General Information
Public Key No (public by design) General Information — verifies inbound interactions
Bot token Yes — full control of the bot Bot tab → Reset Token
Client secret Yes OAuth2 tab → Reset Secret
Webhook URL Yes — anyone with it can post Channel → Integrations → Webhooks
Snowflake ID No Every object (guild, channel, user, message) has one — a 64-bit time-sortable ID

Handle the “Yes” rows like passwords. Start with Security and the repository’s SECURITY.md.

  1. Choose an integration model — the decision table that saves you the most time.
  2. Your first 15 minutes — a concrete, least-privilege first build, plus the beginner→advanced learning path.
  3. Get a DISCORD_WEBHOOK_URL — if you just need to post to a channel right now.