Developer API Policy
Game Policy
RSO Integration
Getting Help and Staying Up-to-date
Terms  ·   Privacy
© 2021 Riot Games, Inc. All rights reserved. League of Legends and Riot Games are trademarks, service marks, and registered trademarks of Riot Games, Inc.
2XKO

Developer API Policy

Before you begin, read through the General and Game Policies, Terms of Use and Legal Notices. Developers must adhere to policy changes as they arise.

Registration

If your product serves players, you must register it with us regardless of whether or not your product uses official documented APIs. You must make sure its description and metadata are kept up to date with the current version of your product.

Monetization

To monetize your product, you must abide by the following:

  • Your product cannot feature betting or gambling functionality.
  • Your product must be registered on the Developer Portal and your product status is either Approved or Acknowledged.
  • Your product cannot monetize on features that compromise Game Integrity (see the Game Integrity section below)
  • They cannot add a boosting service disguised as coaching/training for example. Or charge for a matchmaking service like FaceIT.
  • You must have a free tier of access for players, which may include advertising.
  • Your content must be transformative if you are charging players for it.
  • What is transformative?
    • Was value added to the original by creating new information, new aesthetics, new insights, and understandings? If so, then it was transformative.
  • Acceptable ways to charge players are:
    • Subscriptions, donations, or crowdfunding.
    • Entry fees for tournaments.
    • Currencies that cannot be exchanged back into fiat.
  • Your monetization cannot gouge players or be unfair, as decided by Riot.

If you are unsure if your monetization platform is acceptable, contact us through the Developer Support Platform.

Security

You must adhere to the following security policies:

  • Do not share your Riot Games account information with anyone.
  • Do not use a Production API key to run multiple projects. You may only have one product per key.
  • Use SSL/HTTPS when accessing the APIs so your API key is kept safe.
  • Your API key may not be included in your code, especially if you plan on distributing a binary.
  • This key should only be shared with your teammates. If you need to share an API key for your product with teammates, make sure your product is owned by a group in the Developer portal. Add additional accounts to that account as needed.

Game Integrity

  • Products cannot alter the goal of the game.
  • Products cannot create an unfair advantage for players, like a cheating program or giving some players an advantage that others would not otherwise have.
  • Products should increase, and not decrease the diversity of game decisions (builds, compositions, characters).
  • Products should not remove game decisions, but may highlight decisions that are important and give multiple choices to help players make good decisions.
  • Products cannot create alternatives for official skill ranking systems such as the ranked ladder. Prohibited alternatives include MMR or ELO calculators.
  • Products cannot identify or analyze players who are deliberately hidden by the game.

Tournament Policies

We understand that the API can be used to make tournaments smoother and more exciting. Please ensure that all products will keep tournament organizers compliant with our 2XKO Community Tournament Guidelines.

Game Policy

Use Cases

Riot analyzes two main factors when evaluating applications:

  • Is the use case good and approved?
  • Does the developer show they will deliver on that use case?

To demonstrate that your app meets the use case, you should have one or more of the following:

  • Be an established brand that wants to add Riot Games to its portfolio.
  • New app that is fully functional and testable by Riot.
  • Prototype that is mostly testable by Riot.
  • Mockups that clearly express your product intent and the user flow.

Riot needs to see the user flow to understand what your intended player experience is, such as account creation process, login pipeline, or queuing up for match pipeline.

You must also send a link to a working site, mockup, prototype, or rendering where it is easy to understand the user flows of the tool.

Examples of Approved Use Cases

Require Player Opt-in

Approved use cases usually contain one or all of the following:

  • Showing player statistics and visualizations.
  • Running tournaments.
  • Training tools that allow players to view their own match histories and aggregate stats.
  • LFG tools.
  • Game overlays that provide static data that is available prior to the game.


Examples of Unapproved Use Cases

The following use cases will not be approved:

  • Aggregating champion and fuse win rate data across a large number of matches and player skill levels.
  • Aggregating match statistics for ranked games
  • Scouting
  • Products that bypass a skill test for the player.
  • Skill tests can include the tracking of diverse information over a short period of time.
  • Apps that provide dynamic, real-time information.
  • Apps that dictate player decisions.

RSO Integration

RSO or Riot Sign On, allows players to safely link their Riot Account to other applications. This access is only available to developers with Production Level API Keys.

Getting a Production Key

Before you can get started with RSO, you will need a production key. If you do not have one, please request one at developer.riotgames.com after reading through our policies. If approved, we will contact you in the developer portal app messaging to kick off the RSO integration process.

Implementing RSO

All 2KXO apps must request that users opt-in to sharing their personal data. To do this, your application will need to verify players using an OAuth flow. This is done through Riot Sign On (RSO) using an RSO Client.

Players should be directed to login at this link:

https://auth.riotgames.com/authorize?client_id=&redirect_uri=&response_type=code&scope=openid+offline_access.

After logging in, players are redirected back to the redirect_uri you specified.

Your RSO client has access to endpoints that will allow you to identify who logged in. For VALORANT, you will use /riot/account/v1/accounts/me:

curl --location --request GET 'https://americas.api.riotgames.com/riot/account/v1/accounts/me' --header 'Authorization: Bearer {accessToken}'
curl --location --request GET 'https://europe.api.riotgames.com/riot/account/v1/accounts/me' --header 'Authorization: Bearer {accessToken}' 
curl --location --request GET 'https://asia.api.riotgames.com/riot/account/v1/accounts/me' --header 'Authorization: Bearer {accessToken}'

Assets

Public Content Catalog

2XKO champion static data can be found at the below link which includes multimedia assets as well as champion IDs which will be necessary to interpret responses from the 2XKO match history API.

https://map.rgpub.io/public/2xko/latest/champions.json

Getting Help and Staying Up-to-date

If you run into any difficulties or are having technical issues, please join Developer Discord for support. Follow our X for the latest updates.

Terms  ·   Privacy
© 2021 Riot Games, Inc. All rights reserved. League of Legends and Riot Games are trademarks, service marks, and registered trademarks of Riot Games, Inc.