Developer API & MCP

Build on GameVerse programmatically. The public REST API lets you read the game catalog and your own account data, open and reply to support tickets, and control your servers. The MCP server exposes the same capabilities to AI assistants such as Claude Desktop.

Overview

The GameVerse public API is a versioned HTTP API served under /api/v1. It covers the public game catalog and announcements, plus the authenticated key owner's account: profile, servers, tickets and subscriptions. All write actions (creating/replying to tickets, sending server power signals) always act as the key owner — you can never read or act on another user's data.

Responses are JSON. Reads return their data directly; write endpoints return the created/updated resource. Browse the machine-readable openapi.json spec, or the interactive docs at /api/v1/docs.

Getting an API key

Create a key from your API Keys page. Give it a name, choose the scopes it needs, and optionally an expiry. The full secret (gv_live_…) is shown exactly once at creation — copy it then, because it is never displayed again. Only a short, non-sensitive prefix is stored for display. You can revoke a key at any time.

A key carries only the scopes you grant it. Request the least it needs:

read:catalog Read the public game and product catalog
read:account Read your own account information
write:tickets Create and update your support tickets
write:servers Manage your game servers

Authentication & rate limits

Send your key on every request using either header:

Each key is rate limited to 120 requests per minute. Exceeding it returns 429. Catalog and announcement endpoints still require a valid key (with read:catalog).

Errors use a consistent envelope with a stable code and a human-readable message:

{
  "error": {
    "code": "insufficient_scope",
    "message": "The API key lacks the required scope."
  }
}

Common codes include unauthorized (401, missing/invalid key), insufficient_scope (403, key lacks the scope), not_found (404), bad_request (400) and rate_limited (429).

Endpoint reference

All paths are relative to /api/v1. Path parameters are shown in {braces}.

Method Path Scope Purpose
GET /catalog/games read:catalog List active games with their pricing plans.
GET /catalog/games/{slug} read:catalog Get a single game (by slug) with its pricing plans.
GET /announcements read:catalog List published, public-safe announcements (paginated).
GET /me read:account Get the authenticated key owner's basic profile.
GET /servers read:account List the key owner's game servers.
GET /tickets read:account List the key owner's support tickets.
GET /subscriptions read:account List the key owner's subscriptions (minimal, non-sensitive projection).
POST /tickets write:tickets Create a support ticket owned by the key owner.
POST /tickets/{id}/reply write:tickets Reply to one of your own support tickets.
POST /servers/{identifier}/power write:servers Send a power signal (start / stop / restart) to a server you own.

POST /servers/{identifier}/power accepts a JSON body {"signal":"start|stop|restart"}. kill is not permitted via the public API.

Examples

List the game catalog:

curl -H "Authorization: Bearer gv_live_your_key_here" \
  https://gameversehosting.net/api/v1/catalog/games

Restart a server you own:

curl -X POST \
  -H "Authorization: Bearer gv_live_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"signal":"restart"}' \
  https://gameversehosting.net/api/v1/servers/abcd1234/power

MCP server

The Model Context Protocol (MCP) lets AI assistants call external tools. GameVerse runs a remote MCP server that exposes the same public API as tools, so an assistant can browse the catalog or manage your account on your behalf.

The server speaks streamable HTTP at /mcp (https://gameversehosting.net/mcp). It is a thin bridge: it simply forwards your gv_ key to the public API, so the same authentication, scope enforcement, rate limiting and auditing apply — it adds no new trust surface. Authenticate with your own API key as a Bearer token; the key's scopes determine which tools succeed.

Connecting from Claude Desktop

Add an HTTP MCP server pointing at the deployed URL and send your key as a Bearer token:

{
  "mcpServers": {
    "gameverse": {
      "url": "https://gameversehosting.net/mcp",
      "headers": {
        "Authorization": "Bearer gv_live_your_key_here"
      }
    }
  }
}

Clients without a custom-header UI can connect via any MCP HTTP client/proxy that lets you set Authorization: Bearer gv_…. If a tool reports insufficient_scope, add the listed scope to your key on the API Keys page.

Tools and required scopes

Tool Calls Scope
list_games GET /catalog/games read:catalog
get_game GET /catalog/games/{slug} read:catalog
list_announcements GET /announcements read:catalog
get_my_profile GET /me read:account
list_my_servers GET /servers read:account
list_my_subscriptions GET /subscriptions read:account
list_my_tickets GET /tickets read:account
create_ticket POST /tickets write:tickets
reply_to_ticket POST /tickets/{id}/reply write:tickets
set_server_power POST /servers/{identifier}/power write:servers

set_server_power accepts only start, stop and restart. Account and write tools always act as the key owner; acting on a resource you don't own returns not_found.