Developer

API STATUS
All APIs are operational.
MY CLIENTS LOGOUT

GETTING STARTED

You can get started using Lostark Open API following basic procedures below and understand how it works.

Login

Before you hit any of Lostark Open APIs, you need to sign in to your Stove.com account. If you don't have one yet, please sign up here. There's no further step to sign up Lostark Open API website. Stove signing up will do. As soon as you sign in, you can create a new client right away.

Create A Client

You need to follow a few steps to create a client.


  • 1. Click CREATE A NEW CLIENT button or click this link
  • 2. In the Client Name field, enter a name to identify your client in the list view. The name only belongs to your account.
  • 3. In the Client URL field, enter the URL of the service that will be using this client.
  • 4. In the Client Description field, describe what your application will do.
  • 5. Read and agree Terms of Use and Privacy Policy. ( These are NOT optional )
  • 6. After creating your client, check out the detail on MY CLIENTS page or on the popup that you can see when you click the red identity button on the top right corner.

JWT Key

The moment you create a client, JWT is going to be immediately issued for you. We have OAuth security layer in place, but you don't have to worry about refreshing your expired token or performing redundant, tedious task to ask a fresh new access token.

The issued security token will be indefinitely valid unless we determine that your key is not secured or user deletes the client. We strongly recommend you to store JWT token in a secure place, such as a trustful server side application.

Let us give you a practical example. If you received a token called "abcdefghijklmnopqrstuvwxyz", then you must set the authorization header following way below.

Example Validity
"Authorization: bearer abcdefghijklmnopqrstuvwxyz" O => VALID
"Authorization: abcdefghijklmnopqrstuvwxyz" X => INVALID (missing "bearer")
"Authorization: bearer {abcdefghijklmnopqrstuvwxyz}" X => INVALID
"Authorization: bearer <abcdefghijklmnopqrstuvwxyz>" X => INVALID
"Authorization: bearer{abcdefghijklmnopqrstuvwxyz}" X => INVALID
"Authorization: bearerabcdefghijklmnopqrstuvwxyz" X => INVALID

API Documentation

Lostark Open API documentation lets you interact with the API's resources without actual implementation logic in place. You can explore what we offer, make an actual request via the tool with your JWT. Always make sure you click "Try it out" button to enable "Execute" button, that will finalize the request setup and call the API and get you the result.

Exploring the request parameters and checking out responses prior to implementing Lostark Open APIs will greatly save your time and effort.

Swagger Authorization

To authorize and call an API in Lostark Open API documentation, you need to pass your JWT in.


  • 1. Click AUTHORIZE button
  • 2. Put your JWT in the VALUE field
  • ※ Make sure you avoided bad examples presented above for successful validations of your token.

  • Available authorizations

    apiKeyAuth (apiKey)

    Enter your API JWT here to be used with the interactive documentation
    ex:) bearer JWT
    ※ if unauthorized with your valid token, please check out this bad examples.
    ※ Please make sure you avoided the invalid cases.

    Name: authorization

    In: header

Throttling

Clients are limited to fire 100 requests per a minute. Exceeding the minute quota results in 429 response until we reset the quota. We automatically renew the quota every minute, so you can expect your application would work after a minute once you hit the limit.


Throttling metadata in the response header

429 responses are probably meaningless for you and you may feel frustrated. Throttle your client application then! these metadata below will come in handy for you.
X-RateLimit-Limit : Request per minute (int)
X-RateLimit-Remaining : The number of available requests for your client. (int)
X-RateLimit-Reset : The epoch time for the next refresh of your quota. (long)