This guide describes how to interact with Lostark Open APIs. This is a technical guide intended for software developers, which walks you through implementation details and sample codes.
Making a valid HTTP request to Lostark Open API services all comes down to 3 parts.
Remember your JWT must be always presented along with every API requests. You need to specify it in the authorization header.
curl -X 'GET' 'https://developer-lostark.game.onstove.com/exmaple/api'
-H "accept: application/json"
-H "authorization: bearer your_JWT"
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/exmaple/api", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();
GET /guilds/rankings API takes a 'serverName' string as a request parameter. Since it is a query string, you need to compose your request URL like this below
curl -X 'GET' 'https://developer-lostark.game.onstove.com/guilds/rankings?serverName=%EB%A3%A8%ED%8E%98%EC%98%A8'
-H 'accept: application/json'
-H 'authorization: bearer your_JWT
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/guilds/rankings?serverName=%EB%A3%A8%ED%8E%98%EC%98%A8", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();
GET /armories/characters/{characterName}/profiles API takes a 'characterName' string as a request parameter. Since it is a path string, you need to compose your request URL like this below
curl -X 'GET' 'https://developer-lostark.game.onstove.com/armories/characters/coolguy/profiles'
-H 'accept: application/json'
-H 'authorization: bearer your_JWT'
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("GET", "https://developer-lostark.game.onstove.com/armories/characters/coolguy/profiles", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send();
POST /auction/items API requires a 'requestAuctionItems' object as a POST body. You can specify an object body with -d in curl.
curl -X 'POST' 'https://developer-lostark.game.onstove.com/markets/items'
-H 'accept: application/json'
-H 'authorization: bearer your_JWT'
-H 'Content-Type: application/json'
-d '{
"CategoryCode": 20000
}'
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open("POST", "http://developer-lostark.game.onstove.com/markets/items", true);
xmlHttpRequest.setRequestHeader('accept', 'application/json');
xmlHttpRequest.setRequestHeader('authorization', 'bearer your_JWT');
xmlHttpRequest.setRequestHeader('content-Type', 'application/json');
xmlHttpRequest.onreadystatechange = () => { };
xmlHttpRequest.send(JSON.stringify({"CategoryCode" : 20000}));
Lostark Open API returns basic HTTP errors. See this table below.
Code | Description |
200 |
OK |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
415 |
Unsupported Media Type |
429 |
Rate Limit Exceeded |
500 |
Internal Server Error |
502 |
Bad Gateway |
503 |
Service Unavailable |
504 |
Gateway Timeout |
You will see Maintenance page all across this website and your requests will receive 503 Service Unavailable http status code when the API servers are under maintenance. You may want to stop requesting or adjust the request interval when you receive this http status code.
Please make your request quota count! Due to throttling in place, your application is required to implement certain cache strategy as the best practice. Characterizing in-game data is important too. For some in-game data, you don't even have to call the API twice. Calling once a day or even a week is enough for certain APIs. For example...
The response data APIs above return won't usually change unless there is an unexpected maintenance that causes certain changes to the relevant resources. Generating requests regardlessly will make your application end up throttling quarantine zone and you will need to wait for us to refresh the quota. Make sure you avoid endless polling logics in place with a micro second interval or regardless requests with every user interactions.
We can help you throttle your client application by exposing counters and timestamp for you to evaluate your quota. You can see how many requests you can make per a minute, how many requests are left, when the quota will be refreshed by looking at these three header key/value pairs in your response.
Response header key | Response header value | Desc |
X-RateLimit-Limit | 100 | Request per minute |
X-RateLimit-Remaining | 15 | The number of available requests for your client. |
X-RateLimit-Reset | 1668659557 | The UNIX timestamp for the next refresh of your quota. |
We have 5 api status.
means the server is trying to get the status metadata.
means the server is not operational.
means the server is partically functional.
means the server is fully operational.
means the server is under maintenance.
Be sure to check changelog often!, which will keep you updated.
We increment versioning when we
API endpoints, properties/fields in the response data, parameters can all be deprecated for a variety of reasons. We regret to tell you that we may not be able to inform you of the deprecated entities in advance due to sudden, unnoticed changes in game data.