Authentication

The GGChest Seller API uses API Key authentication. All requests must include an X-API-KEY header with your personal API key.

Getting Your API Key

To obtain a personal API key:

Contact customer support at [email protected]
Provide your registered email address
The support team will generate a key and send it to your email

In the future, sellers will be able to generate and manage their API keys independently from their dashboard.

Using Your API Key

Include your API key in the X-API-KEY header for all requests:

curl -X GET https://sellerapi.ggchest.com/v1/games \
  -H "X-API-KEY: your-api-key-here"

Error Responses

If authentication fails, you will receive one of the following responses:

401 Unauthorized

{
  "message": "Unauthorized"
}

403 Forbidden

{
  "message": "Forbidden"
}

Security Best Practices

Never expose your API key in client-side code or public repositories
Store API keys securely using environment variables or secure key management systems
Rotate your API key if you suspect it has been compromised
Use HTTPS only - all API requests must be made over HTTPS

Rate Limiting

API rate limits may apply. If you exceed the rate limit, you will receive a 429 Too Many Requests response. Contact support if you need higher rate limits for your use case.

Getting Your API Key​

Using Your API Key​

Error Responses​

401 Unauthorized​

403 Forbidden​

Security Best Practices​

Rate Limiting​