Market

API Reference: https://api.opengameprotocol.com/api-reference

Authentication

Generate HMAC Signature

POST /user/hmac-signature

Generate an HMAC signature for authenticating API requests. This endpoint is used to generate the Authorization header required for protected endpoints.

Request Body:

{
  "secretKey": "your-secret-key",
  "method": "POST",
  "path": "/games",
  "apiKey": "your-api-key"
}

Response:

{
  "data": {
    "signature": "HMAC-SHA256 apiKey=your-api-key signature=abc123... timestamp=1234567890"
  }
}

Example:

Games Endpoints

Get All Games

GET /games

Retrieve a list of all games with optional pagination, sorting, and filtering.

Query Parameters:

  • limit (optional, default: 50, max: 100) - Number of games to retrieve

  • offset (optional, default: 0) - Number of games to skip for pagination

  • sort (optional, default: 'desc') - Sort order: asc or desc

  • sortBy (optional, default: 'totalRewardsPoolValueUsd') - Field to sort by:

    • totalRewardsAllocatedUsd

    • name

    • createdAt

    • estimatedDailyRewardsUsd

    • totalRewardsPoolValueUsd

  • query (optional) - Search query to filter games by name or description

  • include_extra (optional, default: false) - Include token association information

Example Request:

Example Response:

JavaScript Example:

Register a New Game

POST /games 🔒

Register a new game on the platform. Requires HMAC authentication.

Headers:

Form Data Fields:

  • name (required) - Game name

  • description (required) - Game description

  • gameUrl (required) - URL where the game is hosted

  • platform (required) - Platform type: WEB, DESKTOP, MOBILE, or CONSOLE

  • isHTMLGame (optional) - Whether the game is an HTML5 game

  • iframable (optional) - Whether the game can be embedded in an iframe

  • image (optional) - Game thumbnail image file

  • coverImage (optional) - Game cover image file

  • base64Image (optional) - Base64 encoded game image (alternative to file upload)

  • base64CoverImage (optional) - Base64 encoded cover image (alternative to file upload)

  • twitter (optional) - Twitter/X profile URL

  • discord (optional) - Discord server URL

  • telegram (optional) - Telegram group URL

  • maxScorePerSession (optional) - Maximum points per gaming session

  • maxSessionsPerDay (optional) - Maximum number of sessions per day

  • maxCumulativePointsPerDay (optional) - Maximum total points per day

  • orgRewardsSplit (optional) - Organization rewards split configuration (see detailed explanation below)

  • jwksUrl (optional) - JSON Web Key Set URL for authentication

Image Upload (image and coverImage)

Games require at least one image (thumbnail). You can provide images using either file uploads or base64 encoded strings.

Option 1: File Upload (Recommended for larger images)

Upload image files using multipart/form-data:

Option 2: Base64 Encoded Strings (For smaller images or when file upload isn't available)

Provide images as base64 data URIs:

Image Requirements:

  • Required: At least one image must be provided (image file OR base64Image string)

  • Priority: If both image file and base64Image are provided, the file upload takes precedence

  • Formats: jpeg, jpg, png, gif, webp

  • Size Limit (Base64): Maximum 5MB per image when using base64 encoding

  • Size Limit (File Upload): Check API limits (typically larger than base64)

  • Data URI Format: Must be in format data:image/{format};base64,{data}

    • ✅ Valid: data:image/png;base64,iVBORw0KGg...

    • ✅ Valid: data:image/jpeg;base64,/9j/4AAQ...

    • ❌ Invalid: Missing data:image/ prefix

    • ❌ Invalid: Missing ;base64, separator

Example Error Responses:

Missing image:

Invalid base64 format:

Unsupported image format:

Image too large:

Organization Rewards Split (orgRewardsSplit)

The orgRewardsSplit field allows you to distribute creator rewards among multiple team members, developers, or partners. This is useful for games developed by studios, teams, or platforms with multiple contributors.

Format:

Key Concepts:

  1. Basis Points (BPS): Values are expressed in basis points where 10,000 BPS = 100%

    • 10000 BPS = 100%

    • 5000 BPS = 50%

    • 2500 BPS = 25%

    • 100 BPS = 1%

  2. Total Must Equal 10,000: The sum of all basis points must exactly equal 10,000

    • ✅ Valid: { "user1": 6000, "user2": 4000 } (6000 + 4000 = 10000)

    • ❌ Invalid: { "user1": 6000, "user2": 3000 } (6000 + 3000 = 9000, missing 1000)

    • ❌ Invalid: { "user1": 6000, "user2": 5000 } (6000 + 5000 = 11000, exceeds 10000)

  3. User Identifiers: Keys can be in the following formats. Important: All identifiers must correspond to users who have logged into OGP via Privy (or will be created automatically):

    • OGP User IDs (UUID format): "550e8400-e29b-41d4-a716-446655440000" - Direct OGP user ID

    • Privy IDs: "did:privy:abc123..." - Full Privy user ID

    • Solana Wallet Addresses: "sol:9qdvVLY3vLhmvV7uBkLJsQKcHDjxhoUWJ9uZASYEfwwC" or "solana:..." - Wallet linked to a Privy account

    • Ethereum Wallet Addresses: "eth:0x123..." or "ethereum:0x123..." - Wallet linked to a Privy account

    • Email Addresses: "email:[email protected]" - Email linked to a Privy account

  4. Important User Requirements:

    • For wallet/email identifiers: The user must have previously logged into OGP using Privy with that wallet or email, OR the system will automatically create a Privy user for them

    • For OGP User IDs: Must be an existing user in the OGP system

    • For Privy IDs: Must be a valid Privy user ID

    • All team members will receive their split of creator rewards automatically when the game generates revenue

  5. Ownership Verification:

    • If you don't own the game domain (verified via API key meta tag), the orgRewardsSplit will be overridden to 100% to you

    • To use custom splits, you must first claim ownership by adding the verification meta tag to your game

  6. Default Behavior: If not provided or empty, defaults to 100% (10000 BPS) to the game creator

Example: Equal Split Between 3 Developers

Example: Studio + Developer Split (70% / 30%)

Example: Publisher Platform + 5 Game Developers

Common Use Cases:

  • Game Studios: Split rewards between studio owner and developers

  • Publishing Platforms: Take a platform fee and distribute remainder to game creators

  • Collaborative Projects: Fairly distribute rewards among team members

  • Outsourced Development: Pay developers and contractors from game rewards

  • Multi-Team Games: Split between art, programming, and design teams

Error Responses:

Invalid split (doesn't sum to 10000):

Split exceeds 10000:

Invalid user identifier:

Example Response:

Full JavaScript Example:

See register-game-example.md for a complete implementation.

Example with orgRewardsSplit:

Update an Existing Game

POST /games/update/{gameId} 🔒

Update an existing game's metadata and images. Requires HMAC authentication.

Path Parameters:

  • gameId (required) - UUID of the game to update

Headers & Form Data: Same as Register Game endpoint.

Example:

Get Game by ID

GET /games/id/{id}

Retrieve detailed information about a specific game.

Path Parameters:

  • id (required) - UUID of the game

Query Parameters:

  • include_tokens (optional, default: false) - Include associated token information

Example Request:

Example Response:

JavaScript Example:

Get My Games

GET /games/me 🔒

Retrieve games created by the authenticated user. Requires HMAC authentication.

Headers:

Query Parameters:

  • limit (optional, default: 50) - Number of games to retrieve

  • offset (optional, default: 0) - Number of games to skip

  • sort (optional, default: 'desc') - Sort order: asc or desc

  • include_extra (optional, default: false) - Include additional game information

Example Request:

Example Response:

Toggle Game Visibility

POST /games/toggle-visibility/{id} 🔒

Toggle the visibility of a game (show/hide from public listings). Requires HMAC authentication and game ownership.

Path Parameters:

  • id (required) - UUID of the game

Headers:

Example Request:

Example Response:

Claim Game Ownership

POST /games/claim-ownership/{gameId} 🔒

Claim ownership of a game by verifying control of the game's domain. Requires HMAC authentication.

Path Parameters:

  • gameId (required) - UUID of the game to claim

Headers:

How it works:

  1. The game creator must add a verification meta tag to their game's HTML

  2. The verification tag contains the user's API key

  3. This endpoint verifies the tag exists and matches the authenticated user

Example Request:

Verification Meta Tag: Add this to your game's HTML <head> section:

Example Response:

Batch Operations

Get Games by Token IDs

POST /games/batch/token-ids

Retrieve games associated with multiple token addresses in a single request. Maximum 100 token IDs per request.

Request Body:

Example Response:

JavaScript Example:

Get Games by Game IDs

POST /games/batch/ids

Retrieve multiple games by their IDs in a single request. Maximum 100 game IDs per request.

Request Body:

Example Response:

JavaScript Example:

Error Responses

All endpoints may return the following error responses:

400 Bad Request:

401 Unauthorized:

403 Forbidden:

404 Not Found:

500 Internal Server Error:

Rate Limits

The API implements rate limiting to ensure fair usage:

  • Default Rate Limit: 60 requests per minute per IP address

  • Authenticated Endpoints: May have higher limits based on your account

If you exceed the rate limit, you'll receive a 429 Too Many Requests response:

Best Practices

  1. Cache Responses: Cache game data locally to reduce API calls

  2. Use Batch Endpoints: When fetching multiple games, use batch endpoints instead of individual requests

  3. Handle Errors Gracefully: Always implement proper error handling

PreviousGameNextRegister Game Example

Last updated