Documentation Index
Fetch the complete documentation index at: https://apidocs.erlc.gg/llms.txt
Use this file to discover all available pages before exploring further.
Event webhooks
To receive event webhooks from the game:- Open your private server settings.
- Search for Event Webhook.
- Paste an HTTPS URL that can receive JSON
POSTrequests.
Requirements
Your endpoint must accept
POSTrequests with a JSON body- These headers on every signed request:
X-Signature-Ed25519(hex-encoded Ed25519 signature)X-Signature-Timestamp(Unix timestamp string)
Your endpoint must:
- Read the raw request body bytes exactly as received (do not re-serialize JSON).
- Read
X-Signature-Timestamp. - Read
X-Signature-Ed25519. - Verify the signature over:
( message = timestamp + raw_body )
Where
timestampis the header value as a string, concatenated directly with the raw body bytes. - Return:
- 2xx only if the signature is valid
- 4xx if headers are missing, malformed, or signature verification fails
Public key
Use this Ed25519 Public key (base64, SubjectPublicKeyInfo / SPKI): CopyImplementation Details
Inputs
timestamp: the exact string fromX-Signature-TimestampsigHex: the exact string fromX-Signature-Ed25519(hex)rawBody: raw request bytes
Steps
- Decode
sigHexfrom hex to bytes. - Build
messageas:- bytes of
timestampin UTF-8 - followed immediately by
rawBody
- bytes of
- Verify Ed25519 signature using the public key above.
Common pitfalls
- Do not use a parsed JSON object when verifying. You must use the raw body.
- Do not add separators or whitespace between timestamp and body.
- Treat the signature as hex, not base64.
- Ensure your framework does not auto-consume the body before you capture it.
What events are sent?
Currently, the game will send a webhook for:- Messages starting with ;
- This allows your integration to create custom in-game commands!
- Emergency Calls