Explore all guides

Connect your Network

Build mobile experiences, community tools, and thoughtful integrations for the people who gather in your Network.

Built for your Network

Use this API to create mobile apps, community tools, and thoughtful integrations for the people who gather in your Network. Network settings, domains, billing, and administrators stay in the Customer Portal.

Start here

Make your first request

Every request uses HTTPS, JSON, and a Sanctum bearer token for a Subscriber who belongs to your Network.

Base URL https://<your-network-domain>/api/v1
Content type application/json
cURL
BASE="https://play.yournetwork.example"

TOKEN=$(curl -s -X POST "$BASE/api/v1/login" \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --data '{"email":"player@example.com","password":"secret"}' \
  | jq -r '.token')

curl -s "$BASE/api/v1/account/me" \
  --header "Accept: application/json" \
  --header "Authorization: Bearer $TOKEN"

Reach your community

Choose the right Network

Call the API on the hostname your community already uses. Astarium resolves the Network from that host so every response stays inside your brand.

1

Your Network domain

Prefer your verified primary hostname — for example https://play.yournetwork.example. That is the natural home for apps and integrations built around your community.

2

Optional Network header

On a shared product origin, send X-Tenant: <network-slug> to select the Network. The header keeps its original name for compatibility; think of it as a Network selector.

Keep each API in its place

Use your verified Network domain for product API calls. api.astarium.net is reserved for Astarium platform operations and is not a Network product endpoint.

Authentication

Welcome people in safely

Subscribers authenticate with email and password. A successful login returns a Sanctum token scoped to your Network. Send it on every authenticated request.

POST /api/v1/login

Sign in

Returns a bearer token and the Subscriber account for the resolved Network.

POST /api/v1/register

Create an account

Welcomes a new Subscriber into your Network when registration is open.

POST /api/v1/token

Issue a service token

Same credentials as login, intended for machines and long-running integrations.

POST /api/v1/logout

Sign out

Revokes the current bearer token so the journey can end cleanly.

Authenticated request
Authorization: Bearer <token>
Accept: application/json

Access gates

  • Most routes require a valid bearer token.
  • Game sessions and several social surfaces also require a verified email.
  • Play and social journeys expect completed onboarding — check hasCompletedOnboarding on /account/me.

Explore the API

Shapes for meaningful moments

These families cover the experiences people create together in your Network. Paths below are relative to /api/v1.

POST /api/v1/login
GET /api/v1/account/me
GET /api/v1/app/config

Account

Sign Subscribers in, read preferences, manage devices, and stay present with heartbeats and notifications.

GET /api/v1/challenges
GET /api/v1/sessions
POST /api/v1/sessions

Play

Browse challenges and playlists, open game sessions, invite friends, and keep every response and vote in motion.

GET /api/v1/profiles/discover
GET /api/v1/squads
POST /api/v1/chat/sessions/direct

Social

Discover profiles, grow Squads, exchange messages, and celebrate progress on leaderboards.

GET /api/v1/activity-stream/for-you
GET /api/v1/activity-stream/following
POST /api/v1/activity-stream/{uuid}/reactions

DareStream

Follow moments as they unfold — For You, Following, session streams, reactions, and comments.

GET /api/v1/faq
GET /api/v1/knowledge
GET /api/v1/knowledge/{topic}/{article}

Knowledge

Surface your Network FAQ and guides so people can find their way without leaving the experience.

POST /broadcasting/auth

Realtime

Keep sessions, chat, and notifications moving live with the same bearer token.

Success shape
{
  "success": true,
  "message": "Successfully logged in",
  "token": "<sanctum-plain-text-token>",
  "user": {
    "uuid": "9d5f6f8a-19e0-4db4-bc47-f2cdbf20ce61",
    "email": "player@example.com",
    "hasCompletedOnboarding": true
  }
}

Live experiences

Stay with the moment

Authenticate private channels with the same bearer token at POST /broadcasting/auth, then listen for session turns, chat messages, notifications, and DareStream updates as they happen.

  • private-user.{userUuid} — personal notifications and presence
  • private-game.session.{uuid} — live session state
  • private-chat.session.{uuid} — conversation updates
  • private-activity-stream.{profileUuid} — DareStream moments as they appear

Conventions

Know what needs attention

401The token is missing or invalid.
403Email verification or onboarding still needs finishing.
404The resource was not found in this Network.
422A field needs changing before the request can continue.
  • Prefer public UUID identifiers where models expose them.
  • Dates use ISO 8601.
  • List endpoints typically return Laravel pagination.
  • Validation errors include a message and an errors object keyed by field.

What stays in the Customer Portal

Branding, custom domains, administrators, billing, storage, and authentication providers are configured in your Network settings — not through this product API.