HoneyGate Docs
Pricing Get HoneyGate

REST API

Read your server's gates, members, leaderboard, and audit log over a simple authenticated REST API.

HoneyGate exposes a read-only REST API so you can pull your server's data into your own apps, dashboards, or websites. It's available on every plan (including Free) — it's infrastructure, not an upsell.

Authentication

Create an API key in the admin panel under API Keys (/admin/public-api/). The key is shown once at creation (we only store a hash), so copy it then.

Send it as a Bearer token:

Authorization: Bearer hg2_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Each key is scoped — you choose what it can read when you create it:

ScopeGrants
gates.readList gates and their conditions
members.readList members (with XP, join dates)
xp.readRead XP totals, rank, and the leaderboard
audit.readRead audit-log entries

A key is tied to one server, and you can have up to 10 active keys per server. Keys can be given an optional expiry.

Base URL & format

All endpoints live under:

https://honeygate.app/api/v1/public-api/<endpoint>

Every response is JSON. Success looks like:

{ "ok": true, "data": { ... }, "request_id": "..." }

Errors look like:

{ "ok": false, "error": { "message": "...", "code": "..." }, "request_id": "..." }

Common status codes: 200 OK, 401 invalid/expired key, 403 missing scope, 404 unknown endpoint, 429 rate-limited.

Rate limit

120 requests per minute per key by default (configurable per key). If you exceed it you'll get a 429; wait and retry.

Endpoints

GET /gatesscope: gates.read

Lists the server's gates, each with its role, logic mode (AND/OR), and conditions.

GET /membersscope: members.read

Lists members with discord_id, username, display name, joined_at, and xp. Supports ?limit= (default 100, max 1000) and ?offset= for paging.

GET /leaderboardscope: xp.read

Top members by XP. Supports ?limit= (default 25, max 500).

GET /rankscope: xp.read

A single member's XP and rank in this server. Requires ?discord_id=; guild_id defaults to the key's server.

GET /userscope: xp.read

A single member's XP in this server (xp, messages_counted, voice_seconds, last_awarded_at). Requires ?discord_id=. Scoped to the key's server — a key only ever reads its own server's data.

GET /auditscope: audit.read

Audit-log entries (role grants/revokes, gate passes, config changes). Supports ?limit= (default 100, max 500) and ?since=<ISO datetime> (default: last 7 days).

Example

curl https://honeygate.app/api/v1/public-api/leaderboard?limit=10 \
  -H "Authorization: Bearer hg2_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

Want live updates instead of polling?

For push-style integration, use Outbound webhooks — HoneyGate calls your URL when things happen.