User blog comment:Kagimizu/SFW Improvement/@comment-2219543-20111101164618

bots

If the password is correct, this will return a "NeedToken" result and a "token" parameter in XML form, as documented at mw:API:Login. Other output formats are available. It will also return HTTP cookies as described below. where TOKEN is the token from the previous result. The HTTP cookies from the previous request must also be passed with the second request.
 * Request 1
 * URL:
 * POST parameters:
 * Request 2
 * URL:
 * POST parameters:

I agree