Docs
/Docs
Ctrl K
GitHubDashboard
IntroductionQuick StartInstallationConfigurationSelf-Hosting Guide
Unity SDK(soon)
Unreal SDK(soon)
Godot SDK(soon)
Web SDK
Mobile SDKs(soon)
Authentication(soon)
Player DataCloud Save
Leaderboards(soon)
Economy
Analytics(soon)
Remote Config
Push Notifications(soon)
Friends and Social(soon)
AB Testing(soon)
Player Segments(soon)
REST API
Authentication(soon)
Error CodesRate Limits
Webhooks(soon)
Migrating from Other Services(soon)
Best Practices(soon)
Security(soon)
Testing(soon)

Need help?

Join our Discord community for support and updates.

Join Discord
Docs/API Reference/REST API

REST API

Complete REST API documentation. Use this for custom integrations or platforms without an official SDK.

Base URL

https://api.ondara.io/v1

Authentication

API Key
Include your API key in all requests using the X-API-Key header.
X-API-Key: YOUR_API_KEY
Access Token
After authentication, include the access token for player-specific requests.
Authorization: Bearer ACCESS_TOKEN

Quick Example

1# Authenticate
2curl -X POST https://api.ondara.io/v1/auth/anonymous \
3  -H "X-API-Key: YOUR_API_KEY" \
4  -H "Content-Type: application/json"
5

6# Response
7{
8  "playerId": "pl_abc123",
9  "accessToken": "eyJhbGciOiJSUzI1NiIs...",
10  "refreshToken": "rt_xyz789...",
11  "expiresIn": 3600
12}
13

14# Use the access token for subsequent requests
15curl https://api.ondara.io/v1/players/pl_abc123/data \
16  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."

Endpoints

Authentication

POST/auth/anonymousCreate anonymous session
POST/auth/email/registerRegister with email
POST/auth/email/loginLogin with email
POST/auth/googleLogin with Google token
POST/auth/refreshRefresh access token
POST/auth/logoutInvalidate session

Player Data

GET/players/{id}/dataGet all player data
GET/players/{id}/data/{key}Get specific key
PUT/players/{id}/data/{key}Set data value
DELETE/players/{id}/data/{key}Delete data key
PATCH/players/{id}/dataBatch update data

Cloud Save

GET/savesList all saves
GET/saves/{key}Get save data
PUT/saves/{key}Create or update save
DELETE/saves/{key}Delete save

Leaderboards

GET/leaderboards/{id}Get leaderboard entries
POST/leaderboards/{id}/scoresSubmit score
GET/leaderboards/{id}/playerGet player entry

Economy

GET/economy/currenciesGet player currencies
POST/economy/currencies/{id}/addAdd currency
POST/economy/currencies/{id}/subtractSubtract currency
GET/economy/inventoryGet player inventory
POST/economy/purchasePurchase item

Response Format

All responses are JSON. Successful responses include the data directly. Error responses follow this format:

1{
2  "error": {
3    "code": "INVALID_TOKEN",
4    "message": "The access token has expired",
5    "details": {}
6  }
7}

Rate Limits

API requests are rate limited per project:

  • Free Plan100 requests/minute
  • Pro Plan1,000 requests/minute
  • EnterpriseCustom limits

Rate limit headers are included in all responses:X-RateLimit-Remaining

DocumentationError Codes