Developer API & MCP
Build on GameVerse programmatically. The public REST API lets you read the game catalog and your own account data, open and reply to support tickets, and control your servers. The MCP server exposes the same capabilities to AI assistants such as Claude Desktop.
Overview
The GameVerse public API is a versioned HTTP API served under
/api/v1. It covers the public game catalog and announcements,
plus the authenticated key owner's account: profile, servers, tickets and
subscriptions. All write actions (creating/replying to tickets, sending
server power signals) always act as the key owner — you can never read or
act on another user's data.
Responses are JSON. Reads return their data directly; write endpoints return
the created/updated resource. Browse the machine-readable
openapi.json spec, or the
interactive docs at /api/v1/docs.
Getting an API key
Create a key from your API Keys page. Give it
a name, choose the scopes it needs, and optionally an expiry. The full secret
(gv_live_…) is shown exactly once at creation —
copy it then, because it is never displayed again. Only a short, non-sensitive
prefix is stored for display. You can revoke a key at any time.
A key carries only the scopes you grant it. Request the least it needs:
read:catalog Read the public game and product catalog read:account Read your own account information write:tickets Create and update your support tickets write:servers Manage your game servers Authentication & rate limits
Send your key on every request using either header:
Authorization: Bearer gv_live_…(recommended), orX-API-Key: gv_live_…
Each key is rate limited to 120 requests per minute.
Exceeding it returns 429. Catalog and announcement endpoints
still require a valid key (with read:catalog).
Errors use a consistent envelope with a stable
code and a human-readable message:
{
"error": {
"code": "insufficient_scope",
"message": "The API key lacks the required scope."
}
}
Common codes include unauthorized (401, missing/invalid key),
insufficient_scope (403, key lacks the scope),
not_found (404), bad_request (400) and
rate_limited (429).
Endpoint reference
All paths are relative to /api/v1. Path parameters are shown in
{braces}.
| Method | Path | Scope | Purpose |
|---|---|---|---|
| GET | /catalog/games | read:catalog | List active games with their pricing plans. |
| GET | /catalog/games/{slug} | read:catalog | Get a single game (by slug) with its pricing plans. |
| GET | /announcements | read:catalog | List published, public-safe announcements (paginated). |
| GET | /me | read:account | Get the authenticated key owner's basic profile. |
| GET | /servers | read:account | List the key owner's game servers. |
| GET | /tickets | read:account | List the key owner's support tickets. |
| GET | /subscriptions | read:account | List the key owner's subscriptions (minimal, non-sensitive projection). |
| POST | /tickets | write:tickets | Create a support ticket owned by the key owner. |
| POST | /tickets/{id}/reply | write:tickets | Reply to one of your own support tickets. |
| POST | /servers/{identifier}/power | write:servers | Send a power signal (start / stop / restart) to a server you own. |
POST /servers/{identifier}/power accepts a JSON body
{"signal":"start|stop|restart"}. kill is not
permitted via the public API.
Examples
List the game catalog:
curl -H "Authorization: Bearer gv_live_your_key_here" \
https://gameversehosting.net/api/v1/catalog/games Restart a server you own:
curl -X POST \
-H "Authorization: Bearer gv_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{"signal":"restart"}' \
https://gameversehosting.net/api/v1/servers/abcd1234/power MCP server
The Model Context Protocol (MCP) lets AI assistants call external tools. GameVerse runs a remote MCP server that exposes the same public API as tools, so an assistant can browse the catalog or manage your account on your behalf.
The server speaks streamable HTTP at /mcp
(https://gameversehosting.net/mcp). It is a thin bridge: it
simply forwards your gv_ key to the public API, so the same
authentication, scope enforcement, rate limiting and auditing apply — it
adds no new trust surface. Authenticate with your own API
key as a Bearer token; the key's scopes determine which tools succeed.
Connecting from Claude Desktop
Add an HTTP MCP server pointing at the deployed URL and send your key as a Bearer token:
{
"mcpServers": {
"gameverse": {
"url": "https://gameversehosting.net/mcp",
"headers": {
"Authorization": "Bearer gv_live_your_key_here"
}
}
}
}
Clients without a custom-header UI can connect via any MCP HTTP client/proxy
that lets you set Authorization: Bearer gv_…. If a tool reports
insufficient_scope, add the listed scope to your key on the
API Keys page.
Tools and required scopes
| Tool | Calls | Scope |
|---|---|---|
list_games | GET /catalog/games | read:catalog |
get_game | GET /catalog/games/{slug} | read:catalog |
list_announcements | GET /announcements | read:catalog |
get_my_profile | GET /me | read:account |
list_my_servers | GET /servers | read:account |
list_my_subscriptions | GET /subscriptions | read:account |
list_my_tickets | GET /tickets | read:account |
create_ticket | POST /tickets | write:tickets |
reply_to_ticket | POST /tickets/{id}/reply | write:tickets |
set_server_power | POST /servers/{identifier}/power | write:servers |
set_server_power accepts only start,
stop and restart. Account and write tools always
act as the key owner; acting on a resource you don't own returns
not_found.