Skip to main content
Need help or have questions? Join our Discord server and ask in the support channels: Nebula0 - Discord.This guide is community-maintained. If you’re unsure about any step, it’s safer to ask first.
The NPSSO token lets you access private PlayStation APIs like PSNAWP. These APIs can be used to:
  • View user profile info
  • Check friends list and online status
  • Get trophy data
  • Access game metadata
  • Track PSN activity
  • And more

Get your NPSSO token

1

Log in to PlayStation.com

Log in to playstation.com using your browser. Log out and then log back in to refresh the token.
2

Extract the token

Go to https://ca.account.sony.com/api/v1/ssocookie. You’ll see:
{ "npsso": "your_64_character_token_here" }
Copy the token. It should be valid for 60 days.

What NPSSO can access

The NPSSO token gives limited access to your PlayStation account data. According to the PSNTools privacy policy, here’s what it can and cannot access:
Data pointAccessed
Account / login emailYes
Account / login passwordNo
Personal profile pictureYes
Real nameYes
Account devicesYes
Credit cards / payment detailsNo
All transaction historyYes
2-step verification phone numberNo
Exact date of birthYes
Verification statusYes
Cart itemsYes
This clarifies what level of privacy is maintained when using your NPSSO with third-party API tools.

Frequently asked questions

Yes. If someone gets your NPSSO token, they can extract sensitive account data — transaction history, real name, profile picture, date of birth, and other details tied to your PSN identity.Even though they can’t directly log in or change your password, they can log your transaction IDs. If they contact Sony support pretending to be you and provide those transaction details, they may be able to take over your account through social engineering.
Never paste your NPSSO on untrusted websites. Treat it like a password. Only use it with safe, known tools — ideally open-source ones you can inspect.
No. NPSSO is only used with unofficial, reverse-engineered APIs like:
  • psn-api
  • psnawp
  • Other tools that simulate PlayStation’s internal requests
You cannot use NPSSO with Sony’s official API endpoints or developer portals, since Sony has not made any public-facing API that supports it. NPSSO is meant for internal cookie-based session auth; these tools just repurpose it for personal use.
Yes. You can simplify the process with a browser extension that:
  • Detects when you’re signed into playstation.com, or signs you in
  • Extracts the NPSSO cookie from your current session
  • Displays or copies the token instantly
This is much faster than manually visiting the NPSSO URL each time.
Only use trusted tools. Never use apps or websites that ask for your NPSSO unless they are open-source or verifiable (for example, hosted on GitHub). Avoid .exe files or applications that offer cosmetic changes like custom avatars if they require your NPSSO or your pdccws_P.

Safe open-source tools

PSNToolBot — a Discord bot used mainly to add PlayStation 3 avatars to a shopping cart and obtain a PlayStation account ID from a username. Made by @hzhreal. More safe tools will be added soon.