This guide describes how to interact with the Lostark Open APIs. It is intended for software developers and walks you through implementation details and sample code.
Making a valid HTTP request to the Lostark Open API services involves three parts:
Remember, your JWT must always be included with every API request. Specify it in the authorization header.
curl -X 'GET' 'https://developer-lostark.game.onstove.com/exmaple/api'
-H "accept: application/json"
-H "authorization: bearer your_JWT"var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/exmaple/api", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();GET /guilds/rankings API takes a 'serverName' string as a request parameter. Since it is a query string, compose your request URL as follows:
curl -X 'GET' 'https://developer-lostark.game.onstove.com/guilds/rankings?serverName=%EB%A3%A8%ED%8E%98%EC%98%A8'
-H 'accept: application/json'
-H 'authorization: bearer your_JWTvar xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/guilds/rankings?serverName=%EB%A3%A8%ED%8E%98%EC%98%A8", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();GET /armories/characters/{characterName}/profiles API takes a 'characterName' string as a request parameter. Since it is a path string, you need to compose your request URL like this below
curl -X 'GET' 'https://developer-lostark.game.onstove.com/armories/characters/coolguy/profiles'
-H 'accept: application/json'
-H 'authorization: bearer your_JWT'var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/armories/characters/coolguy/profiles", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();POST /auction/items API requires a 'requestAuctionItems' object as a POST body. You can specify an object body with -d in curl.
curl -X 'POST' 'https://developer-lostark.game.onstove.com/markets/items'
-H 'accept: application/json'
-H 'authorization: bearer your_JWT'
-H 'Content-Type: application/json'
-d '{
"CategoryCode": 20000
}'var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("POST", "http://developer-lostark.game.onstove.com/markets/items", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.setRequestHeader('content-Type', 'application/json');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send(JSON.stringify({"CategoryCode" : 20000}));The Lostark Open API returns basic HTTP errors. See this table below.
| Code | Description |
| 200 |
OK |
| 401 |
Unauthorized |
| 403 |
Forbidden |
| 404 |
Not Found |
| 415 |
Unsupported Media Type |
| 429 |
Rate Limit Exceeded |
| 500 |
Internal Server Error |
| 502 |
Bad Gateway |
| 503 |
Service Unavailable |
| 504 |
Gateway Timeout |
During maintenance, the Maintenance page will be displayed across the website, and your requests will return a 503 Service Unavailable HTTP status code. It is advisable to refrain from further requests or adjust the request interval upon encountering this status code.
Ensure your request quota is utilized effectively! Due to throttling, it's essential for your application to implement a robust caching strategy. Efficient management of in-game data is crucial; for certain datasets, you may only need to call the API once a day or even once a week. For instance:
The response data for these APIs typically remains static unless unexpected maintenance that alters the current resources or response model. Exceeding your quota by continuously generating requests will result in application throttling, necessitating a wait for quota refresh. It is advisable to refrain from excessive polling with microsecond intervals or redundant requests triggered by each user interaction.
We facilitate client request rate management by providing access to counters and timestamps. These response headers indicate the number of requests allowed per minute, the remaining requests, and the time of the next quota refresh:
| Response header key | Response header value | Desc |
| X-RateLimit-Limit | 100 | Request per minute |
| X-RateLimit-Remaining | 15 | The number of available requests for your client. |
| X-RateLimit-Reset | 1668659557 | The UNIX timestamp for the next refresh of your quota. |
We have 5 api status.
means the server is trying to get the status metadata.
means the server is not operational.
means the server is partically functional.
means the server is fully operational.
means the server is under maintenance.
Be sure to check changelog often to stay updated.
We increment versions when we:
API endpoints, properties/fields in the response data, and parameters can all be deprecated for various reasons. Unfortunately, we may not always inform you in advance due to sudden changes in game data.