Skip to main content

Base URL

EnvironmentURLStatus
Devhttps://wave-api.playwave.dev/v1Available
QAhttps://wave-api-qa.playwave.dev/v1Coming soon
Livehttps://wave-api.playwave.io/v1Coming soon

Authentication

All requests require the X-Api-Key header.
X-Api-Key
string
required
Per-game API Key. The server matches the of the key to the game configuration.
API Keys are currently issued by the PlayWave operations team. Contact your PlayWave representative to request a key for your game.
Content-Type
string
required
Must be application/json.
API Key must only be used server-side. If exposed to clients, regenerate it immediately from the console.

Response format

Success response

{
  "success": true,
  "request_id": "req_abc123",
  "data": {
    // Endpoint-specific response data
  }
}

Error response

{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "API Key is invalid or inactive",
    "timestamp": "2026-03-06T12:00:00.000Z"
  }
}

Endpoints

The game server calls 3 APIs.
MethodPathDescription
POST/v1/game/session/verify verification + game session creation
PATCH/v1/game/session/heartbeatGame session heartbeat (every 2 min)
DELETE/v1/game/session/endGame session termination

Common error codes

CodeHTTPDescription
BAD_REQUEST400Request body validation failed
INVALID_API_KEY401Invalid API Key
RATE_LIMITED429Request rate limit exceeded
INTERNAL_ERROR500Internal server error