Manual:Bot passwords

Bot passwords allow applications or bots to log in with a simple username-password combination even if the wiki employs some extra authorization steps that the bot framework could not handle; they also allow limiting the permissions given to the bot (e.g. the bot might be allowed to edit articles but not to create new ones). Clients using bot passwords can only access the API, not the normal web interface.

New bot passwords can be created and existing ones managed via Special:BotPasswords.

This is a simpler alternative to OAuth, meant for bots which do not support that. If the wiki and the bot support OAuth, use that instead; it is more secure, especially on wikis without robust HTTPS support.