API v2

OPSkins API v2

The v2 OPSkins API is a successor to our earlier API, which was inconsistent and difficult to maintain. It uses a consistent, unified request and response system, and it supports versioning. You can find the old API's documentation here, although we highly discourage use of the old API.

Terms of Use

The OPSkins API is provided by OPSkins on an “as is” and “as available” basis. OPSkins makes no representations or warranties of any kind, express or implied, as to the operation of the OPSkinss API. OPSkins will not be liable for any damages of any kind arising from the use of, or inability to use the OPSkins API; including, but not limited to: direct, indirect, incidental, punitive, and consequential damages, whether in contract, tort, or otherwise. Your API key may be revoked at any time for any reason at the discretion of the OPSkins staff. You are responsible for the security of the API key that you are provided; you may not share it with anyone. If you feel your API key has been compromised, revoke and change it immediately. All other OPSkins Terms still apply.

SDKs

Requests

Much like Steam's WebAPI, requests to our API use the format https://api.opskins.com/IInterfaceName/MethodName/v1/. Most requests should use the GET method, but some (specially marked) methods require POSTs.

Most requests require authentication, and those that don't are marked. To authenticate, you'll need your API key from your account page. We prefer that you send your key as your username in HTTP Basic authorization, but you can also supply it as a key GET or POST parameter (depending on the request method).

For GET requests, you should pass your input in the query string (e.g. https://api.opskins.com/IExample/ExampleMethod/v1/?foo=bar&bar=11&baz=22). If a particular method requires POST requests, then ALL of your input parameters (including your key, if not supplying it using HTTP basic authorization) MUST be sent in the request body in standard urlencoded format (the same format used by HTTP when posting an HTML <form>).

If you are currently logged in on opskins.com, then your login cookies will be used to authenticate your requests. All calls to the API should use your API key, however, as cookie authentication is only meant for internal use by OPSkins. Your API key will override any login cookies.

All requests MUST be made over HTTPS. HTTP is not supported and will redirect to HTTPS.

Responses

The API's response encoding can be controlled by the format input parameter. Currently, these formats are supported:

Requests which are unauthenticated, malformed, or otherwise incorrect will result in non-200 HTTP response codes. Successful requests (wherein "successful" means that your input was well-formed, not that the requested operation succeeded) will result in 200 status codes. Non-200 responses are not guaranteed to be encoded in your desired format, and will most likely be HTML instead.

These are the top-level properties which may be defined in the response object for responses bearing a 200 HTTP response code:

Example Output

Example of a successful request to ITest/TestAuthed/v1:

{
    "status": 1,
    "time": 1498104663,
    "balance": 5124,
    "credits": 0,
    "response": {
        "uid": 12345,
        "id64": "76561197960287930"
    }
}

Example of a failed request to ISales/EditPrice/v1 due to attempt to update an item's price to the same price it's already listed at:

{
    "status": 2012,
    "time": 1498105136,
    "message": "Price has not changed."
}

Headers

The X-Queries-Remaining header contains the number of API queries that you're allowed to make with your API key today. This isn't defined if your API key has no daily query limit. This number resets daily at midnight EDT.

Some API methods may be cached for a period of time. For methods which are cached, X-Cache-Status may be either fresh or cached, depending on whether the data is fresh.

Interfaces

API interfaces which are currently available are listed here.

This article has been viewed 109,611 times.