The Web API is the most commonly used resource at constelia.ai. Not only do members of the community use this for their third-party programs or Lua scripts, but fantasy.cat solutions use this as well.
Calling a method from
api.php requires 2 parameters.
key: Your raw license key.
cmd: The method.
Most methods will return JSON data with a code and message. The JSON codes are standard to HTTP response status codes. Refer to the table below for an explanation for specific error messages:
|invalid api key||The key used for your
|authorization denied by server||You're banned from the API|
|this key does not have access to this method||Secret key is method invoking is invalid.|
|... not an active Session||See
|... enable 2-step on your forum account||See
|... hash not matching||See
|parameter is invalid or missing||You didn't provide the required arguments for the method. Refer to the documentation of the method you're trying to use.|
|invalid API command||The command you requested in
The JSON data that is returned can appear squished or hard to read. If you pass
&beautify as a parameter, it will beautify the JSON data automatically. Try adding it to the example shown earlier on this page:
If you open that in your browser, you will see how much easier the output is to read due to
beautify being added.
The API will not work if the one of the following conditions are present:
- You are not a member.
- You do not have two-step authorization enabled.
- You are banned from fantasy.cat.
- You do not have a valid hash.
- You have not shown forum activity in 72 hours.
All API attempts are logged for administrator viewing purpose. However your
key parameter is hidden in the logs to protect any leaked keys.
To protect outsiders or members who have their license key stolen or leaked, the Web API automatically sets a salted hash on the member's account per successful Session authorization. If the hashes do not match, API methods will not authorize. Read more about this here.
To further protect members from abuse, the API will not work if your Session is expired or your license key has not seen recent activity. You need to have an active Session to use the API. To also prevent stolen license keys, if the forum account associated with the key has not seen activity in 72 hours, API requests will be blocked.
The Web API is a privilege and can be specifically revoked for any member.