Some sites offer this functionality, such as Pokemon Zone and also PTCGP Raenonx.
It would be great to have this possibility here, as it is very difficult to register all the cards manually and keep everything up to date all the time.
Hi. As far as I understand, there is no official way to connect to the Nintendo account.
I know there is a -very dodgy- hack to do it, which I looked into. It basically means you have to share a private login URL with a token in it into the website (like ours) which allows us to (hijack) store the token and use it later to fetch the cards.
The reason why I donāt like this, is because it basically gives access to your complete Nintendo account. Not just your pokĆ©mon game, and Iām not entirely sure what exactly allows us to do with this access. Iām a bit afraid this is a huge security vulnerability, which could result in you losing your account completely if such token would leak out.
I will look into this a bit more later, but I strongly advise anyone to never connect to any application in such a way.
PS. of course, if there is a way to do this in a secure matter, that would be awesome.
3 Likes
I also canāt say about the safety of this method, I am trusting 2FA to make sure I will not lose my account.
Thanks for the answer!
And I hope it is safe, when you look better, I will be happy to receive your answer again 
It is not about 2fa, itās about giving access to your account via the API to a untrusted third party.
1 Like
Even if the third party is reliable, a vulnerability could be found in the future and all the information may be leaked as it happened with Sony, Nintendo etc, earlierā¦
but that is a really good recommendation there!
What about a mobile overlay app that let you scan the pack and automatically updates your collection? It could also be used on your collection to speed up the initial set-up.
Sounds difficutl to program, so would it be always active?
Should it have an overlayed button to activate teh card recognition card? or how would it detect when we are just scrolling trough cards, or playing a match, vs opening packs?
And what if we are watching a youtube video of someone openning a pack?
And what about the safety implications? I do not think that most people are willing to vulnerate their safety having an app tracking whatever happens at their screenā¦Just to have synced cards faster? Hard to believe.
Maybe only active during the app?
Could it be considered as a hack by nintendo? AS a variation of the program could give you an AI analyzer of the match telling you what to play to havethe best chances to win (or/and the probability of winning to forfeit). SO Permaban in the future for all the users?
1 Like
I really donāt think thereās any sensitive or compromising information tied to my Nintendo account. When you talk about data leaks, I donāt see how that could affect me personally. If it were a leak of my address, bank details, social security number or something like that, I would understand.
That would be a dangerous thing, an app that captures any information on the screen. Who can guarantee that it would only capture the game cards?
Possibly it could affect you eveytime you type a password, or use the bank. So potentially dangerous if the information goes to the wrong hands.
Like in your next post, I also see why not so many people would be interested in using such app, or āfeatureā.
A way might be to never store the token right? The user would have to paste it every time they want to sync
1 Like
Iām currently using an overlay app called Poke Geni for PokĆ©mon Go to help assess PokĆ©monās battle potential. The way it work is, as you mentioned, by being activated when needed. In the attached image, you can see the button that appear on top of the app and when clicked it shows you additional information.
My suggestion is to use it in a similar way, so every time you open a pack you can click the button and it will automatically update your collection (or show you the matches and ask you to confirm). Similarly you could use it on My Cards to scan multiple pages (it would still be a bit cumbersome but probably faster than update each single card manually).
Coming to the privacy concerns I fully agree, an application that can spy on your screen is not great, but for Poke Geni I only open it when Iām in the app and in the notification center I get a reminder that it is running with the option to disable it, so once Iām done I just stop it. Secondly, the project seems to be open source, so the overlay app could be added to the Git repository as well, where everyone can see the code and make sure is not doing anything shady.
For the difficulty of implementation I can not speak, I have never implemented such an application, but with all the AI tools on the market maybe it could be vide coded? 
jokes aside, maybe in the community there is someone skilled enough to help.
A couple of final notes:
- Poke Geni has more than 10M download, so I donāt think privacy concerns will prevent people from downloading it
- As far as I know, overlay apps are only working on Android devices so this will probably not work on iPhones. Android is in any case still having more than 70% of market share
- Poke Geni will not get your account banned as it does not violate Nianticās Termās of Service, but I can not guarantee 100% that it will be same on TCG. I assume if the functionality is only to read cards it should be safe but if it gives battle advice maybe it could be borderline cheating and therefore against the ToC.
1 Like
The PTCGP Raenonx website works like this, whenever you want to sync data you need to inform Token.
Pokemon Zone, it saves the token and you just need to click a button at any time to synchronize.
It is worth noting that if you have the game open on your mobile phone and try to synchronize the data on the web, the game session is closed, a message appears informing that the login was made on another device. But right after synchronizing, you can access the game again.
I donāt like the ālogin token hijackā approach for several reasons:
- It is against the ToS of Nintendo and could result in a cease and desist order shutting down our site
- The API is undocumented and I donāt know what youāll able to do with this token. You probably have access to your entire Nintendo account including write access. This means we could make a bug and accidentally wipe your Nintendo account. Or worse if the token leaks, someone could take control of your account.
- Having multiple logins at the same time on multiple devices could probably also get your Nintendo account suspended since it is against their ToS.
I like the idea of having a companion app running on your Android device. Iām guessing this has to be a native app you install. I donāt have any experience developing apps for Android so I have no clue how this would work. Would be great if anyone on the forum/site is willing to figure this out and make a PoC. Iāll make a ticket in GH for visibility as well.
3 Likes
I know Iām late to the party, but if youāve ever purchased anything on your Nintendo account and saved your financial info there, they store that information (credit card # for instance) and link it to your Nintendo account. So you would be risking access to that information by providing an auth token for your account to a third party.