API Integration for Blizzard Services

Hey!

Looking for advice on integrating Blizzard APIs:

How to handle authentication securely?
Tips on dealing with rate limiting?

Thanks for your help!

I’m doing the same (integrating with Blizzard APIs)

How to handle authentication securely?
Tips on dealing with rate limiting?

I do the following:

  1. Us an OAuth2 library you researched and is trust worthy. The ones that are written out there for Go programming language have not been endorsed by Blizzard, so I’m writhing my own wrapper around the Google OAuth2 library. Its not a lot of work to justify using a 3rd party that is not well known or at least endorsed/vetted.
  2. Only store your session ID in the cookies and not anything else. I’m using a MongoDB Atlas (free version for now) to store other data between page loads.
  3. To prevent yourself from being rate limited then reduce making API calls for data that you can cache, like assets.
  4. Also for reduce chances of rate limiting you can set a TTL on data obtained before you ping the API server for fresh data. Like every 60-300 seconds instead of every time you load the page.
  5. If the API is Graph rather than REST technology; then figure out how to make request so you can get data that normally require 2 or more calls with REST.