Developer

API STATUS
All APIs are operational.

GETTING STARTED

You can start using the Lostark Open API by following basic procedures below to understand how it works.

Login

Before using any of the Lostark Open APIs, you need to sign in to your Stove.com account. If you don't have one yet, please sign up here. There is no additional step required to sign up for the Lostark Open API website; signing up for Stove will suffice. Once you sign in, you can create a new client immediately.

Create A Client

Follow these steps to create a client:


  • 1. Click CREATE A NEW CLIENT button or this link
  • 2. In the Client Name field, enter a name to identify your client in the list view. This name will only be associated with your account.
  • 3. In the Client URL field, enter the URL of the service that will be using this client.
  • 4. In the Client Description field, describe what your application will do.
  • 5. Read and agree Terms of Use and Privacy Policy. ( These are NOT optional )
  • 6. After creating your client, you can view the details on the MY CLIENTS page or in the popup that appears when you click the red identity button in the top right corner.

JWT Key

When you create a client, a JWT is issued immediately. We have an OAuth security layer in place, but you don't need to worry about refreshing expired tokens or performing tedious tasks to request a new access token.

The issued security token will remain valid indefinitely unless we determine that your key is not secure or the user deletes the client. We strongly recommend storing the JWT token in a secure place, such as a trusted server-side application.

For example, if you receive a token called "abcdefghijklmnopqrstuvwxyz", you should set the authorization header as follows:

Example Validity
"Authorization: bearer abcdefghijklmnopqrstuvwxyz" O => VALID
"Authorization: abcdefghijklmnopqrstuvwxyz" X => INVALID (missing "bearer")
"Authorization: bearer {abcdefghijklmnopqrstuvwxyz}" X => INVALID
"Authorization: bearer <abcdefghijklmnopqrstuvwxyz>" X => INVALID
"Authorization: bearer{abcdefghijklmnopqrstuvwxyz}" X => INVALID
"Authorization: bearerabcdefghijklmnopqrstuvwxyz" X => INVALID

API Documentation

The Lostark Open API documentation allows you to interact with the API's resources without actual implementation logic. You can explore what we offer and make actual requests using your JWT. Always ensure you click the "Try it out" button to activate the "Execute" button, which finalizes the request setup, calls the API, and provides the result.

Exploring the request parameters and checking the responses before implementing the Lostark Open APIs will save you a significant amount of time and effort.

Swagger Authorization

To authorize and call an API in the Lostark Open API documentation, you need to pass your JWT as follows:


  • 1. Click AUTHORIZE button
  • 2. Enter your JWT in the VALUE field
  • ※ Make sure to avoid the bad examples presented above for successful validations of your token.

Throttling

Clients are limited to 100 requests per minute. Exceeding this quota results in a 429 response until the quota is reset. The quota is automatically renewed every minute, so your application should resume working after a minute once the limit is reached.


Throttling metadata in the response header

429 responses are probably meaningless for you and you may feel frustrated. Throttle your client application then! these metadata below will come in handy for you.
X-RateLimit-Limit : Request per minute (int)
X-RateLimit-Remaining : The number of available requests for your client. (int)
X-RateLimit-Reset : The epoch time for the next quota refresh. (long)