API Discussion

Oct 8 Blizzard Battle.net Developer Portal Quick Start Guide Whether you're a new developer or one migrating from our old API portal, the following steps will help you get up and running with minimal fuss. Check out the What's changed? section for important details on how the new Developer Portal handles requests and authorization. Quick Start Follow the steps below to begin making API requests. 1. Log in to the Developer Portal or create a Blizzard Account. 2. Create a client on the API Access page. 3. Get your client ID and client secret. Note: Clients may require up to 10 minutes before they can make requests after creation. 4. Make a request. In this example, an application is making a GET /tokenindex request to get the price of a WoW Token. 5. Construct a request URI. Blizzard URI paths follow a standard syntax using this format: {region}.api.blizzard.com/{API path} The URI for this request is: https://us.api.blizzard.com/data/wow/token/?namespace=dynamic-us 6. Get your access token via the OAuth client credentials flow: curl -u {client_id}:{client_secret} -d grant_type=client_credentials "https://us.battle.net/oauth/token" 7. Finally, make your GET /tokenindex request using that access token: curl -H "Authorization: Bearer {access_token}" "https://us.api.blizzard.com/data/wow/token/?namespace=dynamic-us" What's changed? We've made the following changes in creating the new developer portal. Host names have changed Requests to the old API portal used {region}.api.battle.net. The new developer portal uses {region}.api.blizzard.com. Blizzard APIs now use Access tokens We no longer use API keys; instead, requests use access tokens acquired via either the OAuth client credentials flow or authorization code flow. Expiration time Access tokens expire after 24 hours. What kind of access token do I need? The client credentials flow is used for almost all Blizzard API requests. The authorization code flow currently provides access tokens for the following requests: GET /oauth/userinfo GET /wow/user/charactersWhere do I submit an access token? Access tokens submitted as a query parameter follow this format: https://<request URI>/?access_token={token} Access tokens submitted in cURL requests follow this format: curl --header "Authorization: Bearer <access_token>" <REST API URL> Crambone0 Oct 8
Oct 5 Blizzard Battle.net Developer Portal FAQ Why is Blizzard switching to a new developer portal? From a practical standpoint, launching the Blizzard Battle.net Developer Portal brings efficiency to our developer platform, such as converting to Blizzard single-sign on, managing API clients better, and using our existing account security. Our strategy is to build on our developer platform. Our new portal is a native platform that’s setting the foundation for working with you to introduce new ways to create amazing content for our players. Why is Blizzard requiring that my application use OAuth (and not just API key)? OAuth is the industry standard for sensitive data and among the best solutions currently available for external applications. The decision to make OAuth our primary authentication method with our new system was made after much consideration. That said, we are always open to discussion and even changing course for the right reasons. Please share your feedback on this forum. When is the transition to the Blizzard Developer Portal taking place? We’re already asking developers to transition over to the Blizzard Battle.net Developer Portal. The old portal will no longer be available after January 6, 2019. What happens if I don’t move my account over to the Blizzard Developer Portal? If you use Blizzard APIs and don’t transition over to our new developer portal by January 6, 2019, you will no longer be able to authenticate and receive game data from any Blizzard games. Will this affect guild sites and other sites that allow users to log in using their Blizzard Battle.net account? Whether this affects guild and community sites depends on the way the site administrators implemented the ability for users to log in using Blizzard Battle.net credentials. We encourage you to please contact the owner or administrator of the site you’re using and direct them to this post. Is this a platform to develop games for Battle.net; what exactly is the Blizzard Developer Portal? We do not currently support independent game development for Blizzard Battle.net. The Blizzard Battle.net Developer Portal is a single place for our community of app developers to gain access to Blizzard player data and learn about APIs for fan sites or tools for World of Warcraft®, StarCraft II®, and Diablo III®. What is GDPR? The General Protection Data Regulation (GDPR) went into effect on May 25, 2018. If you are not familiar with GDPR and its impact, we recommend contacting your legal department, consult with your Data Protection Officer, or reference the following sites for more information: https://eugdpr.org/ http://www.privacy-regulation.eu/en/index.htm What if my question isn’t answered here? Please go to our Blizzard Battle.net Developer API discussion forum https://us.battle.net/forums/en/bnet/15051532/ for more information.Alerikon0 Oct 5
Oct 1 Announcing our new Developer Portal! Greetings Developers! The Blizzard Battle.net Developer Portal is a native Blizzard API service. On our portal, you can find updated documentation and register for access using a Blizzard Account. We see the portal as the next chapter in our support of community developers, starting a journey where we discover and introduce new ways to create amazing content for our players. With the launch of our portal, you'll see both familiar and new members of our team engaging on the forum. Feel free to say hi and introduce yourself! We're here to help and answer any questions you may have. Cheers!Alerikon1 Oct 1
Feb 27 [Showcase] Post your app! No result about to find a "showcase post" investigation on this forum, so I decided to create this thread. (Maybe i missed the post, hope no). First at all, this forum is dedicated to help users of the Battle.net API to perform and fix their projects for Blizzard games communities. I'm really interested to see what you guys created with the Battle.net API (Guilds feeds, Roster management, etc). Template to use: Name: App name URL: App URL or Download link Platform: Web/Mobile/etc Code: Language used (Java, PHP, etc) Functions: The main purpose of your app UPDATE: My project is no more, so I have nothing to share with you guys: <Gym99 Feb 27
6h OAuth 2 Community Implementation Examples Members of the developer community have requested examples for OAuth implementations in different languages. We've created a few examples which can be found here, but in recognition of the talented developers in our community, we wanted to invite you to share your own! Feel free to contribute your own examples of OAuth Client Credentials flow in this thread!Veltarii1 6h
Feb 1 Blizzard Battle.net Developer Portal Updates Greetings Developers! We hope you're enjoying the Blizzard Battle.net Developer Portal. To better serve the needs of our community, we're working to continuously improve the portal. So what's changed? • The portal now supports all WoW APIs. • Try It feature is now available. • SC2 APIs are coming soon, oops, pardon our slip! We'll continue to post updates as information comes in, so check back!Alerikon6 Feb 1
Dec 7 Blizzard API Keys and Google Spreadsheet Functionality Greetings Developers! Friendly Reminder The Mashery portal will be disabled on January 6th, 2019. At that time, clients will only be able to access our APIs through the Developer Portal. To better serve the needs of our community, please remember that the use of our API keys to create auto-updating spreadsheets will not function through the Developer Portal without changes to support OAuth. In the future, we may be exploring other options. For additional information, please refer to this post!Veltarii0 Dec 7
Nov 27 Simple Mashery Migration Guide I found Blizzard's documentation difficult to understand regarding what's changing in this migration away from Mashery. I put together this document as a reference for current API users in case they needed to see it another way, as I did. https://gist.github.com/erorus/6c08227921ff99d93295fa9f91c7fd70erorus3 Nov 27
Nov 19 Community Created Libraries & Resources (updated 2017/03/13) A number of our the developers in our community have put together resources, libraries, and other tools that you may find helpful when developing against the Battle.net APIs. API Forums erorus's RSS blue trackers for the API Discussion and Bug Report forums (post) API Tools By Language PHP Ulminia's OAuth library (post, GitHub) DaPimpShied's Sample API Calls (post) jyggen's Battle.net API lib for PHP 5.4+ (post, GitHub) Acoon's WoW Battle.net Armory API (SourceForge) KwarK's Battle.net API library (GitHub) msuBREAKER's Composer package for the Diablo III API (post, GitHub) AJH's PHPBB extension (post, GitHub) Logans' Blizzard API PHP client (post, GitHub, Packagist) Fireblade's PHP API Reader (post, GitHub) Xklusive's Battle.net API package for Laravel 5 (post, Packagist GitHub) Python Shadow's Django OAuth2 lib (post, GitHub) lockwooddev's Python World of Warcraft Community API Wrapper (Bitbucket) Dorwido's World of Warcraft API module (GitHub) Lazerhawk05's Python wrapper for the SC2 API (post, GitHub) Scala Borak's API Client lib (post, GitHub) HntD's D3 Leaderboard (maybe all-Battle.net) API library (post, GitHub) Java Raffy's WarKit lib - for all your WoW data needs (post 1, post 2, GitHub) Dementhius' OAuth 2.0 library for Android (post, GitHub) Arjun's WoW Community API library (post, GitHub) Puntr's Java wrapper for WoW APIs, wow4j (GitHub) JavaScript Billi's guide for using passport-bnet with multiple regions (post) Gewd's AngualrJS wrapper (post, GitHub) skt's Battle.net API wrapper (GitHub, npm, post) uskimptoc's World of Warcraft API wrapper (GitHub) Crowz's auth package for Meteor JS (GitHub, Atmosphere) C# / .Net KetaSwe's contributed a Battle.net module to OwinOAuthProviders (GitHub) Tok's Diablo III API Wrapper (GitHub) bpfz's strongly-typed C# library for Diablo 3 (GitHub) Hellparsley's strongly typed wrapper for the Diablo III API (site) TiaqoY0's (self-proclaimed) super awesome library (post, GitHub) roncli's strongly typed LibWowAPI (GitHub) NOT MAINTAINED Ruby Frey's Ruby wrapper for Battle.net APIs (GitHub, RubyGems) Milhouse's Ruby wrapper for Battle.net APIs (post, GitHub, RubyGems) Game-specific Resources Hearthstone vamp's hearthstoneapi.com provides a public API (post, site) World of Warcraft Eleadon's spreadsheets for pets, items, realms, spells, and more (post, GitHub) erorus's Random Enchant Suffix List (post, GitHub) erorus's shared info about Battle Pet BreedIDs (post) erorus's table of PvP ladder specs IDs to class and spec name (post) Ulminia's quick guide to exporting WoW icons (post) Ulminia's dump of spell/item icons and talent BGs for 6.0.3 (post) Talonos created a dump of all Battle Pets (post, PasteBin) Ulminia's JSON dictionary to convert enchant IDs to en_US strings (post, Gist) Gluttony's SQL table that maps enchant effectid, spellid, and itemid to slot and name (post, Gist) AresBale's list of item stats (post) MightyOrh's Item Dump (JSON & CSV) (post, DropBox) thedeadwalkk's Item Dump (TXT, SQLite 3) (post, BitBucket) erorus's 6.2 item bonus list dump (Gist, post) dos's SQL table maps enchantIds to descriptions (post, Gist) erorus' map of artifact traits and ranks to spell IDs (post, Gist) vamp's guide for tracking Mythic+ Dungeons (post) erorus' Uncommon Tooltips (post, Github) Game-specific Examples World of Warcraft Kamenitxan's forum signature generator (GitHub) Kamenitxan's HTML guild roster generator (GitHub) AresBale put together a PHP class to help get started with the WoW API (post) Vilepickle created a guild progress widget in PHP (post, GitHub) Throkwa's WordPress plugin for fetching character and Guild data (post, WordPress) Aurifex91 Nov 19
Oct 12 GET /account/user has migrated to GET /oauth/userinfo Greetings, Developers! In the course of migrating to the new Developer Portal, the GET /account/user endpoint has migrated to GET /oauth/userinfo. Note that, currently, all OAuth endpoints require the OAuth authorization code flow. This includes the following endpoints: • GET /oauth/userinfo: this endpoint uses {region}.battle.net as the host for requests. • GET /wow/user/characters: this endpoint uses {region}.api.blizzard.com as the host for requests.Crambone0 Oct 12
Oct 3 Unofficial Blizzard API Discord In an effort to improve the community of 3rd party developers working with the battle.net APIs and provide a platform for more real-time discussion, I've created a Discord server. My hope is that this Discord is used for sharing our experiences with the battle.net APIs, supporting each other in building awesome things using the APIs, and generally discussing related technologies. Invite link: https://discord.gg/CVxtmes This server is not official, nor is it controlled or endorsed by Blizzard. Anybody is welcome to join though!Sapu17 Oct 3
10h OAuth 2 Documentation Updates Greetings Developers! There have been numerous community requests for more clarification in our guides regarding the new OAuth flow, and we're happy to share that we've updated our OAuth Client Credentials Flow documentation with some examples. We hope the community as a whole finds these examples to be helpful, especially new developers. We encourage all members of the community to share more examples and learn and grow together! If you wish to contribute examples, please go here!Ralangee0 10h
11h Documentation for OWL api? I ran across this the other day, api.overwatchleague.com. Is this something we have documentation for? I'm able to figure out a few endpoints on my own.oneHP21 11h
15h Canno't get the generate token c# Hi, I would like play with the blizzard API but I cannot connect to the API. I'm trying to make an iOS application in c# (Xamarin.iOS), i don't know what is the problem. I use OpenID.AppAuth nuget which is a port of AppAuth. The login works, I think, because I receive a mail from blizzard "You have granted [...] access to some of your Blizzard Account information." But I'm not able to get the token. I explain what I made: In my iOS app, tap on button launch `AuthWithAutoCodeExchange` method. I set my redirect URI => http://localhost:5000/api/values/ I made a web service in C# which just redirect to my url scheme : -> return Redirect("myurlscheme://"); But the callback is not catch by the AppDelegate of my app. I do not go into the `public override bool OpenUrl(UIApplication application, NSUrl url, string sourceApplication, NSObject annotation)` method. The `public override bool FinishedLaunching(UIApplication application, NSDictionary launchOptions)` method is here. I don't know what I'm doing wrong. Thank you in advance, HawksylverHawkSylver0 15h
2d WoW call for rolecheck status I'm trying to find a way to see if all the other party members have already selected a role (or roles) and also clicked the Accept button in a Join as Group dialog when I'm the party leader. Anyone know if there's a function call to return the current party's rolecheck / applied status? Thanks!FuryusSvětlo0 2d
2d WoW mythic+ keystone profile - missing run.members data ... Response to this request returns run[n].members.length=0 for specific runs. I believe it's always the same runs which contains no data for run.members. Not sure if this a bug or expected behaviour for specific runs or mb technical feature. Just reporting :) upd. Not sure, but seems like this problem exists only on eu.api region. I checked out us.api and it seems ok.Gittax0 2d
4d WoW Battleground Stats (eu) For a simple stats overview I am collecting the battleground data of (atm) approx. 1.2mio players from german and english (eu) realms. I noticed 2 Problems: Problem 1: Seething Shore. The Data for Seething Shore is completely off and completely impossible. I have over 77k players in my Database that have more victories than matches played. Here a few examples: https://worldofwarcraft.com/en-gb/character/eu/blackrock/d%C3%AAxzx/pvp https://worldofwarcraft.com/en-gb/character/eu/burning-blade/feonni/pvp https://worldofwarcraft.com/en-gb/character/eu/laughing-skull/fightmypala/pvp Some have more than 1000% winrate in Seething Shore. I first noticed this phenomenon with Eye of the Storm, (more on that in Problem 2) so I thought, okay, this is an old BG, maybe there was a bug and since they did not want to reset the data the data is now off for some players. But Seething Shore is the brand new BFA BG.... Problem 2: Eye of the Storm Okay, so, as I said before, Eye of the Storm has the same Problem as Seething Shore. Over 50k players from my sample have more Eye of the Storm victories than matches played. (if you want examples for that, you have to do api calls for the statistics of those players. For example: Inzzy - Tarren Mill, Ariana - Executus, nerastos - Lightning's blade) When I tried to look those players up on the WoW Website, (like I did for Seething Shore) I noticed that the Eye of the Storm stats don't look off on the Website. But then I noticed something else.. Problem 2.5: Eye of the Storm Website Data As I mentioned, I noticed the Eye of the Storm Stat Problem before I noticed that there is a Problem with Seething Shore as well. So I attempted to calculate the actual Eye of the Storm stats by adding together the stats for all other BGs and subtracting those from the "Total BG" value (Which is actually now pointless, because the Seething Shore Data is also wrong..). I noticed that the Eye of the Storm Data I calculated is an _EXACT MATCH_ with the Eye of the Storm Data on the World of Warcraft Website. That should be impossible. To me that means, that someone working on the Website probably noticed that the Eye of the Storm Data is wrong and actually calculates the Data for Eye of the Storm the same way I do. Which means that the Eye of the Storm Data on the Website is not the actual data but only what remains when you subtract all other BG data from the BG Total value.... Sorry that my explanation is hard to follow. If you do the Api calls on the players I mentioned you can see this for yourself... It's an extremely frustrating issue ... Thanks for reading!Wamtwo0 4d
4d Slow US api call Hello fellow developers! I am making a website that uses the AH api. At the moment, I can completely call/loop and insert a complete realm into my database within 10 seconds (about 150.000 rows). However, when I try to do this on any US realm, the call to get the AH data takes about 1 minute (50-70 seconds). Can you guys please help me :) If I have to import all US realms with a 60 second call the server is not gonna like it. Am I missing something? /love GrumpymuppetGrumpymuppet3 4d
4d OAuth Error - Invalid callback URL 400 Hey folks, So I've been working on a node.js web app for a few days and everything has worked as intended when running my server on localhost. I'm able to login to my battlenet account using OAuth and everything. I then hosted my app to heroku and added a new redirect URI, while keeping the localhost URI as well. However, whenever I try to login to battlenet through my heroku hosted app, I get an OAuth error saying my callback URL is incorrect. It's not incorrect. I've checked it multiple times, the URL is exactly what it needs to be. The dev portal says that it can take up to 10min for changes to take affect, but at this point it's been about 16 hours and it still doesn't work. Thoughts?Ulthric1 4d
5d Can I access calendar data? Hi, I'd like to be able to progamatically get access to the guild calendar events, and wondered if this was possible or not? Would the new OAUTH allow that? I want to see who is signed up for guild raids.Whisperer86 5d
5d What is the policy on branding the login button? Hello, I noticed in the license for the product, it is said that applications should not claim to have association with blizzard (understandable). I made an OAuth library, and I was wondering if it is okay to use battlenet assets and branding? Sort of like using that little bird for "log in with twitter", using the battlenet symbol and a blue gradient for "log in with battlenet" I could understand if bnet would be against this, just thought I'd ask.Crowz11 5d
5d Plugins for Battle.net launcher? Hi. I was wondering if there is a way to create plugins for the battle.net launcher, for customization and such. I'm looking to implement a "time remaining: xx min xx sec" to the launcher as I feel like it's missing and would help me with the headache of having to calculate how long my downloads will take every single time. But I would also be very interested in customizing how the launcher looks in theme and such. I hope you guys can help me! :) Br, MymaqnMymaqn0 5d
5d D3 API-how to get all heroes? I found that “/d3/profile/{account}/”only return recently active heroes. Is there any way to get the id of all heroes in the account?Squall2 5d
5d Mythic Leaderboard Missing Profile Names Character Names are missing from certain Mythic Leaderboards currently https://us.api.blizzard.com/data/wow/connected-realm/11/mythic-leaderboard/353/period/685?namespace=dynamic-us&locale=en_US US Region all maps and realms that I have tried for periodid 685 onlyMAJ1 5d
Mar 12 API doesn't get all character titles for World of Warcraft While calling the character endpoint with fields "titles" not all titles are returned by API. Sometimes there is over 40+ titles, but some characters seems to have only 1 or 2 attached, while in-game they have several dozen of achievements. Have anyone seen this behaviour?Dlugi1 Mar 12
Mar 12 Guild Progress Hello, Is there any new API for guild progress in the new API or should we continue fetching character data and analyzing it? Thanks...Nhea3 Mar 12
Mar 12 API coder wanted (Diablo III) Looking for an API coder for a project similar to Diablofans: Diablo III class build tool. Forum integration Blizzard OAuth login Direct Message me on Twitter: @blizzplanetcomBlizzplanet0 Mar 12
Mar 11 KR Region Auction House API broken The KR region AH APIs have been broken for about 4 days now. > GET /wow/auction/data/garona?namespace=dynamic-kr&locale=en_US&access_token=USxxxxxxxxxxxxxx HTTP/1.1 > Host: kr.api.blizzard.com > User-Agent: curl/7.58.0 > Accept: */* > < HTTP/1.1 500 Internal Server Error < Date: Mon, 11 Mar 2019 13:49:27 GMT < Server: Apache-Coyote/1.1 < content-type: text/plain;charset=utf-8 < content-length: 16 < x-trace-traceid: 1584ec70-8b28-a1e0-bdd3-fa167ac307ec < x-trace-spanid: 1584ec70-8b28-a320-bdd3-fa167ac307ec < x-trace-parentspanid: 1584ec70-8b28-a2f0-bdd3-fa167ac307ec < x-frame-options: SAMEORIGIN < X-Content-Type-Options: nosniff < connection: keep-alive < Downstream Error See https://does.theapi.work/ for latest status.erorus1 Mar 11
Mar 9 Node.js/express 400 error Hello! I am trying to figure out how to build a basic node.js/express backend for oauth. I have never used express before so this is new to me. I am following the node.js/express bnet strategy https://www.npmjs.com/package/passport-bnet and I am also following this guide by Uglyer https://us.battle.net/forums/en/bnet/topic/20767577109?page=1#post-4 When I run my server (assuming I have it even set up correctly) and try to hit localhost:8000/auth/bnet I get a 400 error 'The redirect_uri parameter must be a valid URI' and a URL of https://us.battle.net/oauth/authorize?response_type=code&client_id=29a27f8c46ba464fb3826384e7ed6d7c Here is my server.js file require('dotenv').config(); process.env.NODE_ENV= "development"; const express = require('express'); const passport = require('passport'); const constants = require('constants'); const BnetStrategy = require('passport-bnet').Strategy; const app = express(); const port = process.env.PORT || 8000; app.listen(port, () => { console.log('Server started!'); }); // ROUTES //instance of router const router = express.Router(); router.use((req, res, next) => { console.log(req.method, req.url); next(); }); // home page router.get('/', (req, res) => { res.send('I am the home page'); }); /*========================= // Bnet OAuth2 Navigate to // ===========================*/ // Authenticate Requests router.get('/auth/bnet', (req, res, next) => { passport.authenticate('bnet', (err, user, info) => { if (err) { return next(err) } })(req, res, next); }); //*============================ // Bnet OAuth2 Callback Route // ==============================* router.get('/auth/bnet/callback', (req, res, next) => { passport.authenticate('bnet', { failureRedirect: constants.DOMAIN + '/loginFailure' }, (err, user, info) => { if (err) { return next(err); } console.log(user); res.redirect(constants.DOMAIN + '/loginSuccess' ); })(req, res, next); }); // handle CORS const cors = require('cors'); // apply routes to app app.use('/', router, cors()); // Use the BnetStrategy within Passport. passport.use(new BnetStrategy({ grant_type: 'authorization_code', clientID: process.env.BNET_ID, clientSecret: process.env.BNET_SECRET, callbackURL: constants.CALLBACKURL, region: 'us' }, (accessToken, refreshToken, profile, done) => { // Profile returns the Bnet Id, Battletag return done(null, profile); })); Here is my .env file BNET_ID='myID' BNET_SECRET='mySecret' Here is my constants file let constants = {}; if (process.env.NODE_ENV === 'production') { constants.DOMAIN = ''; constants.CALLBACKURL = 'https://localhost:8000/auth/bnet/callback' } else { constants.DOMAIN = 'https://localhost:' + 4200; constants.CALLBACKURL = 'https://myBackendApp.localtunnel.me/auth/bnet/callback' } module.exports = constants; As I said I am new to to express. I'm sure I could move some of this stuff to separate files and clean up some areas, but at the moment I just want to make sure things are in order, as I'm aware code order matters greatly in express, and if I've set up things in a way that should be working as I intend. On my front end I have a button with the tag <a href="https://myBackendApp.localtunnel.me/auth/bnet/"> that returns a 404 but that is another issue I can solve later. I just want to figure out the node.js/express stuff. Thanks for taking the time to read this!Isadore0 Mar 9
Mar 9 SC2 EU Ladder API returning outdated data The StarCraft 2 ladder api endpoint is currently returning outdated data(4 or so days old now). The responses are 200s but they do not accurate reflect the current ladder standings for a given ladder id(I have only tested grandmaster). Here is an example of a player's win/loss count being out of date in the api vs in game. API: https://imgur.com/S7SHFvT.png shows 129-49 in game: https://imgur.com/7A9YXD0.png shows 157-56 I should also note that the NA server IS returning up to date data as expected. It is only Europe I seeing this behavior on and have confirmed it with 3-4 other app developers and they are seeing the same behavior. According to one of the devs, this behavior started on Monday(they said after maintenance?). Hopefully that is helpful. Thanks so much. I would really appreciate if this could be looked into asap since I think a lot of devs have had their apps working off out of date data for the past 4-5 days.feardragon5 Mar 9
Mar 8 Nodejs Express OAuth2 Guide OAuth2 can be kind of confusing at times, especially in the development environment. Please, allow me to try to alleviate some of your frustration setting up and testing Bnet OAuth2 in your app. This guide is mainly going to focus on how to get a development environment running. As a result, the production side will come to life as well. I used this guide by Billi to get all set up myself. https://us.battle.net/forums/en/bnet/topic/14881218054 I am only going to cover bnet-us, please refer to Billi's guide to have more than just the US region. A little disclaimer is that I don't claim for this to be the best method but it is one that worked very well for me in testing and production. I work in Windows and use the Windows Subsystem for Linux. https://docs.microsoft.com/en-us/windows/wsl/install-win10 I will be writing Linux commands because I am assuming you will also be using this tool. I will also be assuming that you have a front end client running on a different port than your backend. Let's start with what packages you need (after you already have node and express running). https://www.npmjs.com/package/passport npm install --save passport https://www.npmjs.com/package/passport-bnet npm install --save passport-bnet https://www.npmjs.com/package/dotenv npm install --save dotenv https://www.npmjs.com/package/localtunnel npm install -g localtunnel I will only be going over how to connect passport to bnet and authentication routes. For more information on hooking up passport to your app please refer to the passport docs. http://www.passportjs.org/docs/ Let's start by setting up your environment. Go ahead and create your .env file in your root directory and as early as possible in your application, require and configure dotenv. require('dotenv').config() Inside of your .env file create these variables. Remember to never push this up to your repository to protect your keys. BNET_ID='insertKeyHere' BNET_SECRET='insertSecretHere' Create a constants file (constants.js) and let's define your domains. The Callback URL is https (localtunnel allows this) because that's what Blizzard requires. let constants = {}; if (process.env.NODE_ENV === 'production') { constants.DOMAIN = ''; constants.CALLBACKURL = '/auth/bnet/callback' } else { constants.DOMAIN = 'http://localhost:' + frontEndPort; constants.CALLBACKURL = 'https://myapp.localtunnel.me/auth/bnet/callback' } module.exports = constants; Ok, your domains are setup. Let's now look at our routes. The first route is going to be what your application redirects to when a user clicks the login button. It will handle the redirect to Bnet. The second route (callback) is what Bnet is looking for after the user has entered their credentials. In this callback route you will decide where the user is redirected to after they login through Bnet. const passport = require('passport'); const constants = require('/path/to/constants.js'); /*========================= Bnet OAuth2 Navigate to ===========================*/ router.get('/auth/bnet', (req, res, next) => { passport.authenticate('bnet', (err, user, info) => { if (err) { return next(err) } })(req, res, next); }); /*============================ Bnet OAuth2 Callback Route ==============================*/ router.get('/auth/bnet/callback', (req, res, next) => { passport.authenticate('bnet', { failureRedirect: constants.DOMAIN + '/loginFailure' }, (err, user, info) => { if (err) { return next(err); } console.log(user); res.redirect(constants.DOMAIN + '/loginSuccess' ); })(req, res, next); }); Now that the routes are all setup, we need to configure passport-bnet. After you have setup your initial passport (look at passport guides) we will configure the BnetStrategy. const constants = require('/path/to/constants.js'); const passport = require('passport'); const BnetStrategy = require('passport-bnet').Strategy; passport.use(new BnetStrategy({ clientID: process.env.BNET_ID, clientSecret: process.env.BNET_SECRET, callbackURL: constants.CALLBACKURL, region: 'us' }, (accessToken, refreshToken, profile, done) => { // Profile returns the Bnet Id, Battletag return done(null, profile); })); Alright, good work. On your website you will create a button or an a tag with an href pointing to your '/auth/bnet' route. However, in your development build, this needs to point to the URL that localtunnel gives you. I will show you how to run localtunnel after you create this button. In production, it will just point to your normal URL with the /auth/bnet route. <a href="https://myapp.localtunnel.me/auth/bnet/">Login with Bnet</a> Let's startup localtunnel. Open your bash shell (using the Windows Subsystem for Linux) and run lt --port 8080 --subdomain myapp A few things to keep in mind. This port needs to be your backend port. The subdomain also must be unique throughout the world. If you all use 'myapp', only one person is actually going to get the myapp subdomain. Now open up another bash shell and startup your node server with this command. NODE_ENV=development node app.js When it's production you will use this command instead. NODE_ENV=production node app.js When you click your button, it doesn't work. Wtf, Uglyer I followed your guide to the T! Don't panic, we just need to tell Bnet what our Callback URL is. You need to login to your dev.battle.net portal and follow these steps. Click on My Account -> Applications -> Edit -> scrolldown and enter your Callback URL (the same from the constants file depending on whether you are in development or production) into that textbox and hit save. It might take a few minutes to update on Bnet's side. A few things to remember is that if you do not use a constants file on your front end you will need to change the link on your button to be your Production URL when you deploy. The other place that is not dynamic will be the Callback URL on dev.battle.net, this will also need to be manually changed as you deploy your app. I hope this made sense and actually helps a few of you! Let me know what questions you have or if I've just messed up completely :P EXTRA: Get a user's WoW characters. Let's take a look back at the passport-bnet configuration. It gives us an Access Token to be used to gain information about the user. Let's use it to get the user's WoW characters. To make http requests from the server I use the package axios. https://www.npmjs.com/package/axios npm install --save axios I'm going to rewrite the passport-bnet config code here. Notice in the options portion of the BnetStrategy that I add a 'scope' parameter. Also, if you have any information coming from the request, you can pass it into your callback function with the 'passReqToCallback' parameter. const constants = require('/path/to/constants.js'); const passport = require('passport'); const BnetStrategy = require('passport-bnet').Strategy; const axios = require('axios'); passport.use(new BnetStrategy({ clientID: process.env.BNET_ID, clientSecret: process.env.BNET_SECRET, scope: 'wow.profile', callbackURL: constants.CALLBACKURL, region: 'us', passReqToCallback: true, }, (req, accessToken, refreshToken, profile, done) => { axios({ method: 'get', url: 'https://us.api.battle.net/wow/user/characters', headers: { 'Authorization': 'Bearer ' + accessToken } }) .then(response => { // Info about the user console.log(response.data); // User's characters console.log(response.data.characters); }) .catch(err => { return done(err); }); }));Uglyer3 Mar 8
Mar 8 401 bad client credential hi blizzard, i cant sync my twitch desktop app with my battle.net account, i always got error 401 bad client credentialsdraknar5 Mar 8
Mar 5 Open Source C# project example I have been maintaining https://wowloremaster.com for about a year now, but I will not be renewing my hosting contract. I loved working on the project, but I was never able to get the kind of traffic to monetize the site. I have decided to release the code on GitHub under the MIT license in the hopes that someone else may be able to make something out of it, or at least serve as an example of production code interfacing with the Blizzard APIs in C#. In the project you can find examples of how to perform user authentication and the client credential workflow for getting character data. (There are also some fine examples of how NOT to use jQuery . . ) For now I will host a copy of the app on my main website https://croncosoftware.com/loremaster, but I will no longer be maintaining either the internal build or the public build. The GitHub repo is https://github.com/Cronco-Software/Wow-Loremaster. I hope someone finds it useful!Delzune0 Mar 5
Mar 3 Starcraft 2 Achievements Heya. How do I know which of the things listed under the sc2 achievements list are actual achievements? WARCHESTSEASON2CONSOLETERRANRW with id:91475325922456 for example doesn't seem to me like a real achievement. Also, what are the flags? Their distribution is as follows: 2: 903 4: 70 0: 635 320: 34 256: 366 49154: 22 258: 151 12: 38 260: 10 2048: 15 2304: 35 4108: 52 16386: 5 8448: 6 64: 3 So I guess it's a bitfield? But what does the individual bits mean?primalr0 Mar 3
Mar 3 API for Overwatch Hi, Blizzard and free developers! I can't find any information about API's for Overwatch statistics. I tried to find information in developer site, but it has only classic game apis (Wow, D3, SC2 etc.) I want to create a tools which will help to compare your current statics with TOP players, right now in the game interface and in the portal (playoverwatch.com) it is not easy. Dear Blizzard, could you say where I can find API's if it created, or tell any information about this feature In the future? Thank you a lot!UnrealSPh0 Mar 3
Mar 1 Warfront Contributions in API Since it is changing daily now, is it possible to get this information via the API? Are there plans to provide this information via the API?ihsw1 Mar 1
Mar 1 Log in with Battle.net on third-party sites Many Warcraft fan sites are offering contests that use the log in with Battle.net OAuth approval to enter. https://dev.battle.net/docs/read/log_in_with_bnet When you go through the process it asks for approval to give the 3rd party access to- "Your Battle.net Account ID and BattleTag". http://i.imgur.com/bfDdSrK.jpg What exactly is your Battle.net Account ID? real name? email? It is not immediately obvious to me what this is. On the Warcraft login screen and on the Battle.net account services webpage it refers to your email address as your "Account Name". Your real name is referred to as "Name". I value privacy and would like clarification on what specific information the Battle.net login authorizes for 3rd parties. For other Battle.net users- How comfortable are you with letting 3rd party websites build databases on your Battle.net account information? Should parental controls be able to restrict this type of "Login with Battle.net" to protect the privacy of children who can't necessarily make informed decisions about their privacy?Reddrake13 Mar 1
Feb 27 worldofwarcraft.com character profiles URL pattern change Greetings developers, While we do not normally announce changes to the worldofwarcraft.com website on this forum, we have recently released a change that will likely impact many community websites. With this release, we have made changes to the URL pattern for the character profiles on worldofwarcraft.com. If you are linking to the official game site (worldofwarcraft.com) from your community site or other experiences, we recommend updating any URLs appropriately. Old pattern: https://worldofwarcraft.com/:locale/character/:realm-slug/:character-name Example: https://worldofwarcraft.com/en-us/character/illidan/Snutzr New pattern: https://worldofwarcraft.com/:locale/character/:region/:realm-slug/:character-name Example: https://worldofwarcraft.com/en-us/character/us/illidan/Snutzr While you update your applications and experiences, we have included redirects for requests which do not explicitly include a region. In these cases, we will use the region based on the locale of the request. Original request: https://worldofwarcraft.com/en-us/character/illidan/Snutzr Redirected to: https://worldofwarcraft.com/en-us/character/us/illidan/Snutzr The main benefit of this update is that character profiles are no longer attached to specific locales, allowing you to link and view profile pages of characters on German realms (for example) without also having to view those characters using the German locale (de-DE). For example, an EU character can now be viewed in the ko-KR locale (https://worldofwarcraft.com/ko-kr/character/eu/ravencrest/Chas). Thanks for your time, - MaguthulMaguthul0 Feb 27
Feb 27 Concerns/Issues with Client Secret Requirement for Community APIs It appears the client_secret is required for any use of the new APIs. This results in several types of applications becoming either 1) invalid under the API terms or 2) overly complex for users and developers. There are two connected questions that many developers are already very worried about, especially with only 3 months before the existing API cutoff: Can I choose to publish my client_secret knowing the risks? Will there be a method to get an access token without a client secret? If so, will this be available before Jan 6, 2019? Off the top of my head, there are several types of applications that are facing these issues: Static website Local application Standalone native application Shared/copyable web application (Google Sheets, Glitch, etc) Basically, any application that doesn't have their own dedicated backend will be facing these issues. To note upfront, the Battle.net authorization for users of these systems does not address these issues as it requires the application to get an access_token which requires the client_secret. Requiring "normal" users to generate and enter their own developer clients is also highly undesirable. As far as I can tell, the risks to exposing your client_secret are rate limit denial of service or unauthorized use of your client. I believe many developers would explicitly choose this tradeoff for the significant simplification for themselves and their users. Many of these applications must use this approach right now and large projects like SimC have not had issues with those vectors of attack. Based on the terms and current API authentication design, many existing applications or app features will not be allowed/possible with the new API system.seriallos22 Feb 27
Feb 25 question about the new api systems Hello dear developers, i do programming as a hobby (i started it 2 years ago...) and i had a small wow app in the apple app store which i pulled off a few months ago since i didn't have any time to update it. now i have finally the time to get back to programming and i would love to update my app. Since the apikey system is gone i have 2 questions: i understand that i need to get an access token, the access token is only good for 24 hours. Does this mean i have to do a tokenrequest in the app on the customer device with my personal blizzard account client id & secret id to get the token to get access to the api system? (i am using only public api) do you have a separate blizzard developer account? thank you in advanceWizz6 Feb 25
Feb 24 Overwatch API Hello, I have a little question for the Overwatch developers. I'm aware that not much info has been released about Overwatch, but I'd really like to know if you're planning on releasing the API on launch or shorty after? The Hearthstone situation really worries me, since an API for that still hasn't been released. Thank you, sprEEEzysprEEEzy26 Feb 24
Feb 24 Missing the Overwatch API Please add Overwatch to the API list, maybe also StarCraft Remastered :) I would like to see some statistics based on the played games, could be the ones shown when you hit tab in the game. E.g. how much did you heal, blocking damage, or medals. It may only be for the last week or month, it would just be nice to have access some information. Diablo 3, StarCraft 2, World of Warcraft, has API endpoints, why not Overwatch? ThanksLogifire5 Feb 24
Feb 21 avatarUrl in Profile API Metadata is not working. "avatarUrl" in "Profile API Metadata" returns incorrect data for profile avatar. Avatars in "https://starcraft2.com/en-us/profile///profileid" is not working to. Avatar looking like black square or jast a random picture. How to fix it or get correct information about profile's avatar using profile id?Anton0 Feb 21
Feb 20 D3 - 500 Server Internal Error Hello people, Just wondering if anybody was looking into fixing the global issue which has to do with D3 profile information. From what I have experience, at least in EU there is a global issue affecting both the Community API and Blizzard's own website when displaying profile / hero information. This is saddening to see no visible reaction about this. It's been 2 days. OscarChocopipe3 Feb 20
Feb 19 C# Api Access I try to get an access token and I following this guide https://develop.battle.net/documentation/guides/getting-started: Here is my code: using (var httpClient = new HttpClient()) { using (var request = new HttpRequestMessage(new HttpMethod("POST"), "https://eu.battle.net/oauth/token")) { var base64authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes("{client_id}:{client_secret}")); request.Headers.TryAddWithoutValidation("Authorization", $"Basic {base64authorization}"); request.Content = new StringContent("grant_type=client_credentials", Encoding.UTF8, "application/x-www-form-urlencoded"); var response = System.Threading.Tasks.Task.Run(()=>httpClient.SendAsync(request)).Result; test = response.RequestMessage.Headers.Authorization.Parameter; } using (var request = new HttpRequestMessage(new HttpMethod("GET"), "https://eu.api.blizzard.com/data/wow/token/?namespace=dynamic-eu")) { request.Headers.TryAddWithoutValidation("Authorization", "Bearer "+ test ); var response = System.Threading.Tasks.Task.Run(() => httpClient.SendAsync(request)).Result; } } The first part to get an Authoriyation Parameter works. But if I try the request I got an 401 Unauthorized error.Innoszorn0 Feb 19
Feb 18 De-authorize API? Is it possible to de-authorize a user API connection? Currently the user authenticates to battle.net and if that user decides to no longer participate I would like to save them the step of having to go into their connected apps and removing that authentication and just do it for them. Just sort of cleaning up after myself if they don't want to be part of what I created.Mutfico2 Feb 18
Feb 17 Understanding Character Audit API Call I apologize if this was already addressed but I was wondering if someone could help explain how to handle the Character Audit API. What are the significance of the numbers both on the left and right within the "slots", "unenchantedItems", "missingExtraSockets", etc.. objects. For example it says "2:2". What does each number mean?Grepster1 Feb 17
Feb 16 401 bad client credentials im trying to link my twitch with my blizzard account and im getting this error message.Puddingkup1 Feb 16
Feb 16 401 I'm actually not sure if this is the right place, sorry if its not in advance. Ive been trying to connect my twitch to my blizzard account using the twitch desktop app. The problem comes when i click sync and the twitch desktop app opens up battle(dot)net it gives me a OAuth Error 401 bad client credentials. Below is the URL idk if that helps lol. https://us.battle.net/oauth/authorize?response_type=code&client_id=rwxqwwfmdtpefymfjw4hssw4y6sa3rrc&redirect_uri=https://sync-v1.curseapp.net/oauth/battlenetcallback/callback&scope=wow.profile&state=8840c09a4a414f0c81699d60f0c32252Redemption1 Feb 16
Feb 15 Game Stats Integration Hello, does Overwatch dev team has any plans to provide something like Valve’s Game Stats Integration for CS:GO? https://developer.valvesoftware.com/wiki/Counter-Strike:_Global_Offensive_Game_State_Integration Accordingly to doc from mentioned link: ... P.S. i know that this forum mostly about WEB API, neither game engine related stuff. Thought it's better place then general discussion of overwatch forum. Furthermore i already tried to post in mentioned thread: https://us.forums.blizzard.com/en/overwatch/t/game-stats-integration/289595?u=%D0%B1%D0%B0%D1%82%D1%8F%D0%B4%D0%B6%D0%B5%D1%84%D0%B0-2717БатяДжефа0 Feb 15