Upcoming Changes to Battle.net’s API Gateway

Hello Blizzard Community Developers!

Blizzard hosts several APIs on api.blizzard.com that our community developers use to access game data and services. We would like to call your attention to two upcoming changes:

First, it will no longer be permissible to pass OAuth Access Tokens via the URL query string. Instead, these tokens must be included in the HTTP header of the request:

e.g. Authorization: Bearer YOUR_CLIENT_TOKEN

Please review your integration with APIs on api.blizzard.com. If you are currently sending OAuth Access Tokens via the query string you will need to update your integration. This must be done by September 30, 2024, from which point these APIs will reject any requests that do not send access tokens via the HTTP Header.

Further details for this change including technical details of how to send the OAuth Access Token via the HTTP Header are available at Blizzard Battle.net Developer Portal.

Second, Battle.net is moving several of its APIs to cloud infrastructure to improve performance, stability, and scalability. The IP addresses of the API gateway are subject to change, including in the future without prior notification, so using IP addresses in outbound allow-listing for interacting with Battle.net is not recommended.

If you need more assistance or have questions, please reply in this thread or reach out in the Blizzard API Community Discord Server.

2 Likes