 This is a walkthrough on how to discover undocumented APIs and use them in your code. Here I have the title music app. And here I have a program called Fiddler, which is a web proxy software that allows you to see network requests. And I'm going to turn on this live traffic button here. And I'm going to go to the title. And let's just search for your poll. We'll just do a few things here and replay a track. Now I'll switch over here. I'll stop the capture. You can see we've made a ton of network requests here in the process of using title. If I were doing multiple things on the web, I might want to filter. And what I'm looking for here is api.title.com. What we want to look for in the response is a JSON file, something that's returning JSON back to us. Looks like we've got two things here. If we click on one of them, down here we see our JSON response. So it's returning items and this cursor null property. So up here is the request. And it shows the headers. So we have our host api.title.com, as well as this authorization header, which gives us a bearer token that we can use to make further API requests. So that's our authentication for the API. So you could just copy that value and place it in your code. And you can also look at the raw request. So that is get api.title.com profiles 18995-3206. So that's apparently my profile ID. And then all of these other parameters are used to return specific data back from the API. But we can look at those in a more organized manner by clicking on the Params tab. And you can see we're limiting our results to 500, setting our locale to US. And as you can see, returned nothing that useful really in the JSON response. But that is a usable request we could make in, say, JavaScript. And in fact, if we want to copy this as JavaScript, you can see under the Copy menu we have copy as fetch here. If you use Python, you could do Python. But I'm going to use fetch. I'm just going to VS code and paste that here. And you can see we have a valid fetch request in JavaScript. A lot of this stuff we probably wouldn't need and could strip out. And in fact, I've got a sort of working example here where I'm doing that. I've got my API address. I've got a route. And I've got my parameters. And so I'm just doing an async await here. This is Node.js. So on my root route, I'm saying fetch music, then send that data to the front of the browser. The fetch music function has a response from the API, which is an async await. And I request that route. The only data I'm passing here is the type of request, which is a get versus, say, a post. And then these headers, I've passed my authorization token. I'm telling it to expect JSON. And I return that response. So if we run that, let me go to a browser. Alcohol's 3,000. Oh, my token's expired. So I'll probably go back to title. Copy that bear token. And then you could just replace that here. Refresh, and there you go. I'm getting a response back. Now this was a different request than what we looked at before. And you can see it's actually now returning items. We've got Interpol, Sonic Use, Tool, Arcade Fire. So that's how you would use an undocumented API in JavaScript.