Source

Endpoints

Each API endpoint is located under https://www.bungie.net/Platform. Some endpoints require you to be authorised and cannot be used without additional parameters being passed to the platform. All endpoints return RESTful JSON.

Minimum Request Requirements

When making a request to the platform, you must include the following headers in addition to standard HTTP request headers (i.e. Host):

Requests should be made using HTTPS.

Minimum Private Endpoint Requirements

In addition to the minimum request requirements above, private endpoints requiring authentication must provide additional details when making requests to the platform. These include:

Headers

Cookies

Bungie.net needs to identify which account is making a request, which is of course done using cookies. You will need to provide, at a minimum, the following cookies:

  • bungleatk
  • bungled
  • bungles (no longer needed)

You should also provide the following cookies to aid in diagnostic tasks:

Minimum Response Details

Each endpoint returns a single JSON-encoded object with at least the following properties:

{
    "Response": 0,
    "ErrorCode": 1,
    "ThrottleSeconds": 0,
    "ErrorStatus": "Success",
    "Message": "Ok",
    "MessageData": {}
}