Each API endpoint is located under https://www.bungie.net/platform. Some endpoints require you to be authorised and cannot be used without additional parameters being passed to the platform. All endpoints return RESTful JSON .
Minimum Request RequirementsEdit
When making a request to the platform, you must include the following headers in addition to standard HTTP request headers (i.e. Host):
Requests should be made using HTTPS.
Minimum Private Endpoint Requirements Edit
In addition to the minimum request requirements above, private endpoints requiring authentication must provide additional details when making requests to the platform. These include:
- Cookie [see below]
Bungie.net needs to identify which account is making a request, which is of course done using cookies. You will need to provide, at a minimum, the following cookies:
bungles(no longer needed)
You should also provide the following cookies to aid in diagnostic tasks:
Minimum Response DetailsEdit
Each endpoint returns a single JSON-encoded object with at least the following properties:
- ErrorCode (integer)
- ErrorStatus (string)
- Message (string)
- MessageData (object)
- Response (mixed)
- ThrottleSeconds (integer)
If the request returns the error 'WebAuthRequired' you can use the APItest script to find the problem.