#Rocket League API
All requests seem to be to the domain https://psyonix-rl.appspot.com. There are several endpoints on this domain.
Endpoint | Purpose |
---|---|
/callproc105/ | Leaderboard, player statistics |
/Population/GetPopulation/ | Player counts/regions |
/login105/ | Authentication, obtaining session ids |
/Population/UpdatePlayerCurrentGame/ | Tell the population tracker where the player currently is playing? |
Some of these endpoints, like /callproc105/ can perform multiple function depending on the parameters passed.
Most of the endpoints seem to be called with the same headers set. Some of these may not be required.
Name | Value | Note |
---|---|---|
Host | psyonix-rl.appspot.com | |
User-Agent | UE3-TA,UE3Ver(10897) | |
Cache-Control | no-cache | |
Content-Type | application/x-www-form-urlencoded | |
DBVersion | 00.03.0011-00.01.0011 | |
DB | BattleCars_Prod | |
SessionID | your current session id | Obtained from the /login105/ endpoint. This is obviously unique for each session. Seems to expire if unused for a while. |
CallProcKey | your call proc key | I am unsure what this does and if it's sensitive or not. It seems to be the same for every session. |
Authentication endpoint.
This endpoint needs the header LoginSecretKey. I am unsure if this is confidential or not.
Send a POST request to this endpoint containing the parameters in the table below (url encoded). If successful, the response content will be "1", and a SessionID will be returned as a header.
Parameter | Description |
---|---|
PlayerName | Steam (or psn?) name of the player |
PlayerID | Steam (or psn? idklol) name of the player |
Platform | Steam,PSN |
BuildID | Rocket league build id? (144590275 in rocket league) |
AuthCode | Can be omitted. On PC this might be the token from SteamWorks InitGameConnection. |
Multi purpose endpoint.
Proc | Arguments | Description |
---|---|---|
GetSkillLeaderboard | leaderboardId | Gets skill for a ranked leaderboard. leaderboardId: 10: 1v1, 11: 2v2, 12: 3v3s, 13: 3v3 |
GetSkillLeaderboardValueForUserSteam | steamId, leaderboardId | |
GetSkillLeaderboardRankForUsersSteam | leaderboardId, steamId(needs exactly 100, pad with 0s) | |
GetSkillLeaderboardRankForUsersPSN | leaderboardId, psnId(needs exactly 100, pad with 0s) | |
GetLeaderboard | leaderboardId, count?(always 100) | Gets a stats leaderboard. leaderboardId: Wins,Assists,Shots,Saves,MVPs,Goals |
GetLeaderboardValueForUserSteam | steamId, leaderboardId | |
GetLeaderboardRankForUsersSteam | leaderboardId, steamId(needs exactly 100, pad with 0s) | |
GetLeaderboardRankForUsersPSN | leaderboardId, psnId(needs exactly 100, pad with empty strings) | |
GetRegionList | ???(is INTv2 for me) | |
GetSeasonalRewards | ||
GetGenericDataAll | ||
GetPlayerTitlesSteam | steamId | |
GetPlayerProductAwardsSteam | steamId |
17-12-2015: Changes to the login mechanism. The auth endpoint URL has changed. Checking if there is anything else.
The responses all have PsySig headers as well. However, there's also a PsyTime header on those which is a unix timestamp. If you get two of the exact same responses back within the same second, the PsySig is the same.
However, I'm not sure this "PsyTime" is part of the client-side hashing since it's not included as a header and the server would have no way to validate it without doing a ton of different hashes of times. Requests that I replay stay valid for a long time.