API Reference

Information

Market API

API free libraries

Rate limit

20 requests per minute (3 seconds delay between per request).

If you exceed the limit, the response code 429 will be returned to you.

Token configuration

You can pass the token as a query parameter or in the request headers

  • Token query param name: oauth_token
  • Token bearer header name: Bearer

Discoverability

System information and availability can be determined by sending a GET request to / (index route). A list of resources will be returned. If the request is authenticated, the revisions of API system and installed modules will also made available for further inspection.

Common Parameters

i18n

All API requests accept locale parameter to switch user facing messages to specified language. The value must be a valid language code (ISO 639-1) with optional inclusion of a valid country code (ISO 3166-1 alpha 2) separated by a hyphen ("-"). If no complete match can be found, a language with the same language code (even with different country code) will be used. In the worst case that there are no installed languages of requested language code, the default language will be used. Since api-2015100401.

Fields filtering

For API method with resource data like a forum or a thread, the data can be filtered to get interested fields only. The general format is "key.sub_key.deep_key" if you want to include/exclude a specific field. The including rules take precedence over excluding ones.

  • fields_include: comma-separated list of fields of a resource. For additional fields, it is possible to use wildcard (*) to include all default fields before specifying additional ones.
  • fields_exclude: comma-separated list of fields of a resource to exclude in the response. Since r2016062001, it is possible to use wildcard as a prefix (e.g. "*.key") to exclude the field everywhere.

Resource ordering

For API method with list of resources, the resources can be ordered differently with the parameter order. List of supported orders will be specified for each method. The default order will always be natural. Most of the time, the natural order is the order of which each resource is added to the system (resource id for example).

Encryption

For sensitive information like password, encryption can be used to increase data security. For all encryption with key support, the client_secret will be used as the key. List of supported encryptions:

  • aes128: AES 128 bit encryption (mode: ECB, padding: PKCS#7). Because of algorithm limitation, the binary md5 hash of key will be used instead of the key itself.

Headers

  • Api-Bb-Code-Chr: !youtube: Replace multimedia tags (except youtube) in bbcode html with tools/chr link. Since forum-2018100301.
  • Api-Username-Inline-Style: Return rich username for username fields. Since forum-2018052101.

Content-Type

API always returns the response as application/json (With few exceptions).
You should send requests to API with application/json or application/x-www-form-urlencoded content type.

You can import the API into Postman using this file.