League OS

API Reference

Integrate standings, schedules, rosters, teams, and tournaments into your own apps and sites. All endpoints require an API key issued from your league admin panel.

Authentication

Include your API key in the X-API-Keyrequest header. API keys are managed in your league admin panel under Settings > API Docs.

curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/standings?leagueSlug=your-league"

Endpoints

GET/api/v1/standings

League standings grouped by division with full stat columns.

Parameters

leagueSlugrequiredYour league slug
seasonIdoptionalSeason UUID (defaults to current)
curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/standings?leagueSlug=your-league"
GET/api/v1/schedule

Game schedule with teams, venues, scores, and status.

Parameters

leagueSlugrequiredYour league slug
seasonIdoptionalSeason UUID (defaults to current)
divisionIdoptionalFilter by division UUID
curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/schedule?leagueSlug=your-league"
GET/api/v1/roster

Team roster with eligible, registered players.

Parameters

leagueSlugrequiredYour league slug
teamIdrequiredTeam UUID
curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/roster?leagueSlug=your-league"
GET/api/v1/teams

All active teams with division, tier, logo, colors, and player count.

Parameters

leagueSlugrequiredYour league slug
seasonIdoptionalSeason UUID (defaults to current)
curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/teams?leagueSlug=your-league"
GET/api/v1/tournaments

Tournament brackets, teams, and game results.

Parameters

leagueSlugrequiredYour league slug
curl -H "X-API-Key: pgc_your_key_here" \
  "https://your-domain.com/api/v1/tournaments?leagueSlug=your-league"

Webhooks

Subscribe to real-time events via webhooks. When an event occurs, League OS sends an HTTPS POST to your registered URL with a signed JSON payload. Requires API key authentication.

Event Types

game.createdNew game scheduled
game.updatedScore update or status change
game.completedFinal score recorded
roster.updatedPlayer added or removed from roster
standings.updatedStandings recalculated
registration.submittedNew registration submitted
registration.approvedRegistration approved
team.updatedTeam info changed
schedule.publishedSchedule made public

Management Endpoints

GET/api/v1/webhooksList your webhook subscriptions
POST/api/v1/webhooksCreate a webhook subscription
GET/api/v1/webhooks/:idSubscription details and recent deliveries
PATCH/api/v1/webhooks/:idUpdate subscription (URL, events, active state)
DELETE/api/v1/webhooks/:idRemove a subscription
POST/api/v1/webhooks/:id/testSend a test event to verify your endpoint

Create a Webhook

curl -X POST "https://your-domain.com/api/v1/webhooks" \
  -H "X-API-Key: pgc_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://your-site.com/webhook", "events": ["game.completed", "standings.updated"]}'

Payload Format

{
  "event": "game.completed",
  "timestamp": "2026-03-28T12:00:00.000Z",
  "league_id": "uuid",
  "data": {
    "game_id": "uuid",
    "home_score": 4,
    "away_score": 2,
    "overtime": false
  }
}

Signature Verification

Every delivery includes an X-LeagueOS-Signature header containing an HMAC-SHA256 hex digest of the request body, signed with the secret returned at subscription creation. Verify this signature to confirm the payload is authentic.

const crypto = require('crypto');
const signature = crypto
  .createHmac('sha256', webhookSecret)
  .update(requestBody)
  .digest('hex');
const isValid = signature === request.headers['x-leagueos-signature'];

Delivery Headers

X-LeagueOS-EventThe event type (e.g., game.completed)
X-LeagueOS-SignatureHMAC-SHA256 hex digest for verification
X-LeagueOS-DeliveryUnique delivery UUID for deduplication
Content-Typeapplication/json

Subscriptions are automatically deactivated after 10 consecutive delivery failures. Use the PATCH endpoint to reactivate.

Rate Limits

All endpoints are rate-limited per API key. Exceeded limits return HTTP 429. Contact your league administrator to request a higher limit.

League OS API v1. API keys are issued per league from the admin portal.