Requesting Access
Users do not receive API keys by default. Request access from account settings.
- Pending requests appear in the admin backend.
- Admins can approve, revoke, allocate plans, and override quotas.
- Users are notified when API access is granted or removed.
Using The API
The public API is documented separately with examples and the local demo key.
- Use Authorization: Bearer YOUR_API_KEY for protected API routes.
- Public JSON and calendar feeds do not require API keys.
- Quota usage resets monthly.
- Thumbnail URLs are returned as full downloadable URLs.
Public Feeds
Machine-readable event feeds are available for integrations that only need public schedule data.
- Use /event-feed.json and /channel-feed.json for JSON integrations.
- VRChat event and channel group links are exposed as normalized vrc.group URLs when present.
- Use /calendar.ics and /channels/{channel}/calendar.ics for calendar subscriptions.
- Use /account/calendar.ics only with the private tokenized link shown in Account Settings.
- Users can reset their private calendar token without changing API keys or passwords.
Local Demo Key
The API documentation includes a local demo key for development and testing.
- The demo key is intended for localhost or private development hosts.
- It is protected by demo throttling and rotation behavior.
- Production integrations should request a normal API key from account settings.
Keeping Keys Safe
API keys should be treated like passwords because they identify the calling account or integration.
- Do not paste private keys into public event descriptions, channel pages, or client-side code.
- Revoke keys you no longer use.
- Use labels so you can identify which integration owns each key.