Welcome to the comprehensive developer guide for the posts endpoints in the HL Gaming Official API. This suite of operations gives your application full lifecycle control over “Post” resources: from creation and bulk retrieval, through advanced search filtering, precise record updates, to secure deletion. Whether you’re powering a community feed, integrating dynamic news content into your platform, or building moderation tools, these endpoints provide the flexibility, performance, and security you need.
Seven Key Operations:
create– Publish a brand‑new post with title, content, media attachments, tags, and visibility settings.fetch– Retrieve the complete collection of posts you own, sorted most‑recent first.search– Perform case‑insensitive keyword searches combined with numeric, date, tag, and flag filters to pinpoint exactly the posts you need.detail– Retrieve the full details of a single post by its identifier, ideal for edit screens or deep‑linking.listIds– Obtain just the list of all your post identifiers, enabling lightweight pagination or batch operations.update– Make partial or complete updates to existing posts—modify titles, content, media links, tags, flags, SEO keywords, visibility, and more.delete– Permanently remove a post, with strict ownership checks to ensure only the creator can delete.
type parameter alongside your authentication credentials.
Authentication & Security:
Every API call requires your unique useruid and secret api key. These credentials are validated on every request, and any mismatch immediately returns an HTTP 4xx error without performing the operation. Additionally, all operations enforce ownership: you can only view, modify, or delete posts that you yourself created.
Quota & Usage Tracking:
To ensure fair and reliable service, each developer account is assigned a daily request limit. After each successful call, the response includes a usage object that shows:
usedToday– how many requests you’ve made so far todaydailyLimit– your total allowed calls per dayremainingToday– how many you have left before rate‑limiting
Best Practices:
- Use Filters in
search: combining keyword, tag, date, and numeric filters reduces payload size and improves performance. - Leverage
listIdsfor Pagination: fetch identifiers first, then load full records for only the posts you need to display. - Cache Wisely: store recent results client‑side and only refresh when necessary to conserve your quota.
- Use Appropriate HTTP Verbs: in production, prefer POST/PUT/DELETE for create/update/delete to keep sensitive parameters out of URL logs.
- Handle Rate Limits Gracefully: detect HTTP 429 responses and implement exponential back‑off or alert your users when your quota is near exhaustion.
All requests to the posts endpoints share these core parameters. Where a parameter is only relevant for certain operations, its “When” column indicates which type values require or allow it.
| Parameter | When / Required | Type & Format | Description & Constraints |
|---|---|---|---|
sectionName |
Always (all types) | stringfixed value |
Must be exactly "posts".
Identifies which API module you are calling.
|
useruid |
Always (all types) | stringalphanumeric |
Your unique developer identifier. Ensures you only operate on your own posts. |
api |
Always (all types) | stringsecret key |
Your API key. Keep it confidential—never embed in public client code. |
type |
Always (all types) | string |
Operation to perform. Valid values:create, fetch, search, detail, listIds, update, delete.
|
title |
create, update Required for create |
stringMax 150 characters |
The post’s headline. Must be non‑empty when creating. On update, setting to an empty string is not allowed. |
content |
create, update Required for create |
stringHTML allowed |
Main body of the post. May include sanitized HTML tags for formatting or embedding media. Cannot exceed 50 KB in length. |
imageUrl |
create, update |
string (URL) |
HTTPS link to an image (JPEG/PNG).
Optional; omit or set to null if none.
Max size: 5 MB.
|
videoUrl |
create, update |
string (URL) |
HTTPS link to a video file (MP4/WebM).
Optional; omit or set to null if none.
Max length: 10 minutes.
|
link |
create, update |
string (URL) |
External reference URL. Optional; used for related articles or resources. |
allowLikes, allowDislikes |
create, update |
boolean |
Toggle user reactions.
Defaults to true on create if omitted.
|
hashtags |
create, update, search |
stringcomma‑separated |
List of tags for categorization (e.g. Gaming,Update).
Server splits into an array.
Max 10 tags, each ≤ 30 chars.
|
publicFeedback |
create, update, search |
boolean |
If true, shows likes/dislikes publicly.
If false, reaction counts hidden.
|
seo |
create, update |
string |
Comma‑separated SEO keywords. Max 64 chars total. |
visibility |
create, update, search |
string“public”/“private” |
Access level.
public: anyone can fetch;
private: only owner.
|
Fetch: type=fetch requires only the four core parameters above.
|
|||
q |
search |
string |
Case‑insensitive keyword. Matches anywhere in title or content. |
minLikes, maxLikes |
search |
integer |
Filters posts with like count ≥ minLikes and/or ≤ maxLikes.
|
dateFrom, dateTo |
search |
YYYY-MM-DD |
Inclusive date range filter on creation date. Example: 2025-06-01.
|
Detail: type=detail + postId returns one detailed record.ListIds: type=listIds returns an array of all your post IDs.
|
|||
postId |
detail, update, delete Required |
string |
Unique identifier of the post to target. Must reference a post you own. |
Note: Omit parameters marked “n/a” or not required for your chosen type.
Supplying extraneous fields will be ignored.
Be sure to URL‑encode any values sent via GET.
Every posts endpoint returns or accepts a JSON object with the fields described below. Use the table for a quick reference and the detailed paragraphs for guidance on how to set or interpret each field when calling our API at https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/.
| Field | Type | Required / Read‑only | Constraints | Default |
|---|---|---|---|---|
title |
string |
Create/Update | 1–150 chars, non‑empty on create | — |
content |
string (HTML) |
Create/Update | Max 50 KB, sanitized | — |
imageUrl |
string (URL) |
Create/Update | HTTPS, max 5 MB | null |
videoUrl |
string (URL) |
Create/Update | CORS‑accessible, ≤ 10 min | null |
link |
string (URL) |
Create/Update | Valid URL | "" |
allowLikes |
boolean |
Create/Update | True/False | true |
allowDislikes |
boolean |
Create/Update | True/False | true |
hashtags |
string (comma‑sep) |
Create/Update/Search | ≤ 10 tags, each ≤ 30 chars | "" |
publicFeedback |
boolean |
Create/Update/Search | True/False | true |
seo |
string |
Create/Update | ≤ 64 chars | "" |
visibility |
string |
Create/Update/Search | public / private |
public |
createdAt |
timestamp |
Read‑only | ISO 8601 | server‑generated |
views |
number |
Read‑only | ≥ 0 | 0 |
likes |
number |
Read‑only | ≥ 0 | 0 |
dislikes |
number |
Read‑only | ≥ 0 | 0 |
title
A short, clear headline that describes the content of the post.
This is the primary title displayed in feeds, search previews, and link previews. It should be brief but descriptive enough to clearly represent what the post is about. Good titles improve visibility and click-throughs.
Constraints: Maximum 150 characters. Must be supplied when creating a post. The API will return an error if this is missing during creation.
Best Practices: - Capitalize main words for readability. - Avoid emojis or excessive punctuation. - Keep critical keywords toward the beginning.
Example: "Phonk Soundtrack Compilation – Vol. 2"
content
The full body of the post, allowing safe HTML for formatting, images, and embedded media.
This is where the main message lives. You can structure it using basic HTML (like paragraphs, lists, bold text, and embedded videos). The system sanitizes all HTML on the backend using strict XSS-safe rules to remove JavaScript, unsafe attributes, and unapproved tags.
It supports the following tags:
<p>, <ul>, <ol>, <li>, <b>, <i>, <img>, <video>, <iframe> (selectively)
For media, include only direct URLs to CDN-hosted content. Inline scripts, event handlers (like `onclick`), and untrusted iframes are stripped.
<p>Enjoy our new update:</p> <ul> <li>Dark theme support</li> <li>Cross-platform sync</li> </ul> <video controls><source src="https://cdn.site.com/demo.mp4"></video>
imageUrl & videoUrl
Optional fields to display visual content as featured media in your post.
These fields accept HTTPS URLs linking to publicly viewable media files. They're used as "hero images" or preview thumbnails. On supported clients, video can auto-preview or be embedded inline.
imageUrl: Use JPEG/PNG/WebP. Max size: 5MB. Must use HTTPS.videoUrl: Use MP4/WebM. Max duration: 10 minutes. File must be hosted with proper MIME type headers.
Example:
"https://cdn.hlgaming.com/media/post-banner.jpg""https://cdn.hlgaming.com/media/teaser.mp4"
link
Optional external reference. Appears as a 'Read More' or 'Source' link below the post.
Used to point users to a full article, source documentation, press release, or related webpage. The client may render it as a button or link. This is not validated for uptime, so ensure the URL is permanent and correct.
Example: "https://hlgamingofficial.com/blog/new-patch"
allowLikes & allowDislikes
Booleans that determine if like/dislike buttons are shown to users.
If set to false, the UI will hide the reaction buttons entirely. Default is true for both.
This is useful for official statements, patch logs, or protected notices where reactions are irrelevant or undesired.
Tip: Use together with publicFeedback=false to completely suppress engagement metrics.
Example: { allowLikes: false, allowDislikes: false }
hashtags
Tags used to group and categorize posts for filtering and searching.
Tags help users find relevant content. Sent as a comma-separated string like "Gaming,Patch,News",
but stored internally as an array of up to 10 lowercase strings.
Tags are case-insensitive. Avoid special characters or emojis. Clients may let users filter by multiple hashtags in an AND-style search.
Example: "Racing,PCUpdate,DevBlog"
publicFeedback
Controls visibility of engagement metrics (likes, dislikes) to the public.
This lets you display or hide the public reaction counts on your frontend.
Set to false if you want to avoid influencing perception or generating backlash on sensitive posts.
Example: publicFeedback=false
seo
Comma-separated SEO keywords used in meta tags and link previews.
This enhances search engine discoverability. Used in the <meta name="keywords"> tag.
Stick to 3–6 keywords, under 64 characters total. Words should relate to the content, brand, or category.
Example: "hlgaming,patch,update,gaming-news"
visibility
Access level for the post: either public or private.
public: anyone can retrieve this post if they have the right API keys and parameters.private: only the original owner (authenticated by UID) can view this post.
Default: "public"
createdAt
Read-only timestamp indicating when the post was created.
Automatically generated in UTC in ISO 8601 format. This timestamp cannot be changed. Useful for sorting posts by freshness or determining activity.
Example: "2025-06-19T22:56:42.000Z"
views, likes, dislikes
Read-only integer counters reflecting user engagement.
views: increments every time the full post is retrieved from the API.likes/dislikes: updated via client reactions, if allowed.
These counters are automatically managed server-side and cannot be edited manually.
Example: { views: 128, likes: 24, dislikes: 2 }
Create (type=create)
Purpose: Publish a brand‑new post in your account namespace. This operation records your content, media links, tags, visibility settings, and initializes all engagement counters.
Authentication:
Must include valid useruid and api parameters. If either is missing or invalid, the call rejects with HTTP 401/403 and no data is written.
Required Parameters:
title– non‑empty string (1–150 chars).content– HTML‑sanitized string (max 50 KB).
Optional Parameters (with defaults):
imageUrl(string URL, default:null)videoUrl(string URL, default:null)link(string URL, default:"")hashtags(comma‑separated string, default:"")allowLikes(boolean, default:true)allowDislikes(boolean, default:true)publicFeedback(boolean, default:true)seo(string, default:"")visibility(string:publicorprivate, default:public)
System Behaviors:
- Generates
createdAttimestamp (UTC ISO 8601) automatically. - Initializes
views,likes, anddislikesto 0. - Parses
hashtagsinto an array (up to 10 tags, each ≤ 30 chars). - Sanitizes
contentto remove unsafe HTML (scripts, inline event handlers). - Computes and stores lowercase indexes (
titleLower,contentLower) for efficient search. - Enforces maximum lengths and valid URL schemes (HTTPS) on media/link fields.
Edge Cases & Errors:
- Missing
titleorcontent→ HTTP 400 with error “Missing required fields.” title> 150 chars orcontent> 50 KB → HTTP 413 Payload Too Large.- Invalid URL formats → HTTP 400 “Invalid URL for imageUrl/ videoUrl/ link.”
- Quota exceeded → HTTP 429 with upgrade link.
Integration Tips:
- URL‑encode all parameters or use POST with JSON body to avoid URL length limits.
- Validate media file sizes client‑side before uploading to your CDN.
- Use
visibility=privatefor draft or internal posts.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=create
&title=Patch+3.5+Notes
&content=New+features+and+bug+fixes
&hashtags=update,patch
&allowLikes=true
&allowDislikes=true
&publicFeedback=true
&visibility=publicExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/create",
"result": {
"message": "Post created",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 10,
"dailyLimit": 1000,
"remainingToday": 990
}
}
Fetch (type=fetch)
Purpose: Retrieve the complete list of posts you have created, sorted by most recent first.
Authentication & Authorization:
- Requires valid
useruidandapiparameters; otherwise returns HTTP 401 or 403. - Only returns posts belonging to the authenticated
useruid.
Request Parameters:
No additional fields beyond the four core parameters (sectionName=posts, useruid, api, type=fetch).
System Behavior & Response Structure:
- Performs a Firestore query for all documents under
C-Posts/{useruid}/posts. - Sorts results by
createdAtdescending (newest→oldest). - Maps each document to a JSON object containing all standard fields:
id, title, content, imageUrl, videoUrl, link, createdAt, likes, dislikes, views, allowLikes, allowDislikes, hashtags, publicFeedback, seo, visibility. - Wraps the array under the top‑level key
postsinsideresult. - Always returns HTTP 200 on success, even if the array is empty.
Edge Cases & Errors:
- No posts found → returns
{ "posts": [] }inresultwith HTTP 200. - Database connectivity issues → HTTP 500 with
{ "error": "Failed to fetch posts. Please try again later." }. - Quota exceeded → HTTP 429 with upgrade link.
Performance & Pagination Tips:
- This endpoint may return large payloads if you have many posts—consider implementing client‑side pagination or using
listIds+ batcheddetailcalls. - Cache responses locally and only refetch when you detect a new
createdAttimestamp beyond your last sync.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=fetchExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/fetch",
"result": {
"posts": [
{
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes",
"imageUrl": null,
"videoUrl": null,
"link": "",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 5,
"dislikes": 0,
"views": 120,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["update","patch"],
"publicFeedback": true,
"seo": "",
"visibility": "public"
},
{
"id": "def456UVW",
"title": "Server Maintenance",
"content": "Scheduled downtime at midnight.",
"imageUrl": null,
"videoUrl": null,
"link": "",
"createdAt": "2025-06-28T08:10:00Z",
"likes": 2,
"dislikes": 0,
"views": 200,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["maintenance"],
"publicFeedback": true,
"seo": "",
"visibility": "public"
}
]
},
"usage": {
"usedToday": 11,
"dailyLimit": 1000,
"remainingToday": 989
}
}
Search (type=search)
Purpose: Perform advanced, case‑insensitive searches across your posts using keywords and multiple filter criteria.
Authentication & Authorization:
- Requires valid
useruidandapi; otherwise returns HTTP 401/403. - Searches only within the posts owned by the authenticated
useruid.
Supported Query Parameters:
| Parameter | Type | When | Description |
|---|---|---|---|
q |
string |
search | Keyword search against title and content (case‑insensitive). |
minLikes, maxLikes |
integer |
search | Filter posts with likes ≥ minLikes and/or ≤ maxLikes. |
dateFrom, dateTo |
YYYY-MM-DD |
search | Inclusive creation date range for createdAt. |
hashtags |
string (comma‑sep) |
search | Only return posts containing all specified tags. |
visibility |
public/private |
search | Filter by post visibility. |
publicFeedback |
boolean |
search | Match on publicFeedback flag (true or false). |
Execution Steps & System Behavior:
- Initial Scan: Retrieves all documents for the user.
- Keyword Filtering: Matches
qwithin stored lowercase fields (titleLower,contentLower). - Numeric Filtering: Applies
minLikes/maxLikesconstraints in-memory. - Date Range: Filters posts where
createdAtfalls betweendateFromanddateTo. - Tag Matching: Ensures each post’s
hashtagsarray includes every tag in thehashtagsparameter. - Flag & Visibility: Applies
visibilityandpublicFeedbackfilters if provided. - Sorting: Final result sorted by
createdAtdescending.
Edge Cases & Errors:
- No matches → HTTP 200 with
"posts": []and result message "No posts match these criteria." - Invalid date format → HTTP 400
{ "error": "Invalid date format for dateFrom/dateTo" } - Non‑numeric
minLikes/maxLikes→ HTTP 400 with explanatory error. - Quota exceeded → HTTP 429 with upgrade instructions.
- Missing
qbut other filters present → searches by filters only.
Performance & Best Practices:
- Combine multiple filters to reduce in-memory result size quickly.
- For large datasets, prefer client‑side pagination with
listIds+ batcheddetailrequests. - Cache common search queries and results to avoid repeated full scans.
- Use sparse filters (e.g., only
kwargsyou need) to minimize CPU on server.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=search
&q=patch
&minLikes=3
&hashtags=update,patch
&visibility=publicExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/search",
"result": {
"posts": [
{
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 5,
"dislikes": 0,
"views": 120,
"hashtags": ["update","patch"],
"visibility": "public"
}
]
},
"usage": {
"usedToday": 12,
"dailyLimit": 1000,
"remainingToday": 988
}
}
Detail (type=detail)
Purpose:
Retrieve the complete and exact data for a single post using its unique postId. This is used for viewing or editing a specific post in full detail in your client application.
Authentication & Authorization:
- Requires valid
useruidandapi. - Only allows fetching of posts belonging to the given
useruid.
Required Parameters:
sectionName=posts– must be set for routing.useruid– your unique Firebase user ID.api– your API key for authentication.type=detail– tells the server to run the single-post detail logic.postId– the exact ID of the post you want to retrieve.
System Behavior & Internal Flow:
- The server will fetch the document under path:
C-Posts/{useruid}/posts/{postId} - If the document exists and belongs to the authenticated user, its full data will be returned inside a
postobject. - If the document does not exist or the postId is incorrect, a descriptive error will be returned.
Returned Fields (in result.post):
id– the internal ID of the post (same as postId).title,content– full text content.imageUrl,videoUrl,link– optional media fields.createdAt– original creation time (ISO 8601).likes,dislikes,views– counters.allowLikes,allowDislikes,publicFeedback– boolean flags.hashtags– array of tags.seo,visibility– metadata fields.
Error Responses:
- Post not found → HTTP 404 with message:
{ "error": "Post not found or does not belong to this user." } - Missing or invalid
postId→ HTTP 400. - Unauthorized user or API key → HTTP 403.
- Database/server failure → HTTP 500.
Use Cases:
- View full post before rendering on detail page.
- Pre-fill edit form in CMS or admin interface.
- Support modal previews or full-screen views.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=detail
&postId=abc123XYZExample Successful Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/detail",
"result": {
"post": {
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes",
"imageUrl": null,
"videoUrl": null,
"link": "",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 5,
"dislikes": 0,
"views": 120,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["update","patch"],
"publicFeedback": true,
"seo": "",
"visibility": "public"
}
},
"usage": {
"usedToday": 13,
"dailyLimit": 1000,
"remainingToday": 987
}
}
List IDs (type=listIds)
Purpose: Fetch an array of all your post identifiers without retrieving full post content. Perfect for syncing, pagination, and batch operations.
Authentication Required:
Every request must include a valid useruid and api key.
Access is strictly limited to the authenticated user's own post IDs.
Behavior:
- Returns only unique IDs of the posts you’ve created.
- Does not include post titles, content, or metadata.
- Always returns a JSON array under the
postIdsfield. - If no posts exist, the array will be empty, but the response will still be successful (HTTP 200).
Common Use Cases:
- Build custom pagination on the frontend by slicing IDs.
- Perform batch operations (e.g. fetch, update, delete) using known IDs.
- Implement client-side caching based on post ID changes.
Error Handling:
- Missing or invalid API credentials will return a
403 Forbiddenerror. - Exceeding your request quota returns
429 Too Many Requests.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=listIdsExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/listIds",
"result": {
"postIds": ["abc123XYZ", "def456UVW", "ghi789RST"]
},
"usage": {
"usedToday": 14,
"dailyLimit": 1000,
"remainingToday": 986
}
}
Update (type=update)
Purpose: Update one or more fields of an existing post you’ve created. Use this to revise content, change visibility, update media links, or correct typos without needing to delete and recreate a post.
Authentication Required:
You must provide a valid useruid, api key, and a valid postId that belongs to your account.
Attempts to modify posts you do not own will be rejected.
Accepted Fields:
titlecontentimageUrl,videoUrllinkhashtags,seovisibilityallowLikes,allowDislikespublicFeedback
Important Behavior:
- Any field not included in the request remains unchanged.
- Updating
titleorcontentwill automatically re-index internal lowercase versions for searching (no manual action needed). - If
postIdis missing or invalid, the API will return a400or404error.
Common Use Cases:
- Fixing spelling or formatting in a published post.
- Hiding a post by changing
visibilitytoprivate. - Updating SEO metadata or tag keywords.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=update
&postId=abc123XYZ
&title=Patch+3.5+Hotfix
&visibility=privateExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/update",
"result": {
"message": "Post updated",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 15,
"dailyLimit": 1000,
"remainingToday": 985
}
}
Delete (type=delete)
Purpose: Permanently remove a post that belongs to you. Once deleted, the post becomes completely inaccessible and cannot be recovered via the API.
Authentication Required:
You must provide a valid useruid, api key, and the postId of a post you own.
Deletion attempts for posts you do not own will be blocked with appropriate error messaging.
Behavior:
- The post is fully removed from your feed and search results.
- Post ID will no longer be returned in
type=listIdsortype=fetchoperations. - There is no "trash" or soft-delete system — deletion is final.
Safeguards:
- Requires
postId— omitting it will result in a400 Bad Request. - If the ID is invalid or already deleted, the API returns a clear
404 Not Foundmessage. - No other fields are needed or accepted in this request beyond
sectionName,useruid,api,type, andpostId.
Use Cases:
- Remove outdated or incorrect announcements.
- Clean up test content or posts no longer relevant to your users.
Example GET Request:
GET https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api
?sectionName=posts
&useruid=YOUR_UID
&api=YOUR_API_KEY
&type=delete
&postId=abc123XYZExample Response:
{
"source": "HL Gaming Official",
"endpoint": "posts/delete",
"result": {
"message": "Post deleted",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 16,
"dailyLimit": 1000,
"remainingToday": 984
}
}
# ✅ Create a new post curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=create" \ --data-urlencode "title=Patch 3.5 Live" \ --data-urlencode "content=We’ve launched new features in this update." \ --data-urlencode "hashtags=Update,Features" \ --data-urlencode "allowLikes=true" \ --data-urlencode "allowDislikes=true" \ --data-urlencode "visibility=public" # 🔍 Search posts with filters curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=search" \ --data-urlencode "q=patch" \ --data-urlencode "minLikes=5" \ --data-urlencode "dateFrom=2025-06-01" \ --data-urlencode "dateTo=2025-06-30" \ --data-urlencode "hashtags=Update" # 📥 Fetch all your posts curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=fetch" # 🔎 Get detail for one post curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=detail" \ --data-urlencode "postId=abc123XYZ" # 📋 List only post IDs curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=listIds" # ✏️ Update an existing post curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=update" \ --data-urlencode "postId=abc123XYZ" \ --data-urlencode "title=Patch 3.5 Hotfix" \ --data-urlencode "visibility=private" # 🗑️ Delete a post by ID curl -G "https://hl-gaming-official-main-api-v2-upgraded-iota.vercel.app/api" \ --data-urlencode "sectionName=posts" \ --data-urlencode "useruid=YOUR_UID" \ --data-urlencode "api=YOUR_KEY" \ --data-urlencode "type=delete" \ --data-urlencode "postId=abc123XYZ"
A. ✅ Create Success
{
"source": "HL Gaming Official",
"endpoint": "posts/create",
"result": {
"message": "Post created",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 4,
"dailyLimit": 1000,
"remainingToday": 996
}
}
B. 📥 Fetch All Posts
{
"source": "HL Gaming Official",
"endpoint": "posts/fetch",
"result": {
"posts": [
{
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes",
"imageUrl": null,
"videoUrl": null,
"link": "",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 5,
"dislikes": 0,
"views": 120,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["update", "patch"],
"publicFeedback": true,
"seo": "",
"visibility": "public"
},
{
"id": "def456UVW",
"title": "Server Maintenance",
"content": "Scheduled downtime at midnight.",
"createdAt": "2025-06-28T08:10:00Z",
"likes": 2,
"dislikes": 0,
"views": 200,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["maintenance"],
"publicFeedback": true,
"visibility": "public"
}
]
},
"usage": {
"usedToday": 11,
"dailyLimit": 1000,
"remainingToday": 989
}
}
C. 🔍 Search Results
{
"source": "HL Gaming Official",
"endpoint": "posts/search",
"result": {
"posts": [
{
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 15,
"dislikes": 1,
"views": 230,
"hashtags": ["update", "patch"]
}
]
},
"usage": {
"usedToday": 8,
"dailyLimit": 1000,
"remainingToday": 992
}
}
D. 🔍 Search – No Matches
{
"source": "HL Gaming Official",
"endpoint": "posts/search",
"result": {
"message": "No posts match these criteria.",
"posts": []
},
"usage": {
"usedToday": 9,
"dailyLimit": 1000,
"remainingToday": 991
}
}
E. 🔎 Detail View
{
"source": "HL Gaming Official",
"endpoint": "posts/detail",
"result": {
"post": {
"id": "abc123XYZ",
"title": "Patch 3.5 Notes",
"content": "New features and bug fixes.",
"imageUrl": null,
"videoUrl": null,
"link": "",
"createdAt": "2025-07-01T15:20:30Z",
"likes": 5,
"dislikes": 0,
"views": 120,
"allowLikes": true,
"allowDislikes": true,
"hashtags": ["update", "patch"],
"publicFeedback": true,
"seo": "hlgaming,patch",
"visibility": "public"
}
},
"usage": {
"usedToday": 12,
"dailyLimit": 1000,
"remainingToday": 988
}
}
F. 📋 List Post IDs
{
"source": "HL Gaming Official",
"endpoint": "posts/listIds",
"result": {
"postIds": ["abc123XYZ", "def456UVW", "ghi789RST"]
},
"usage": {
"usedToday": 14,
"dailyLimit": 1000,
"remainingToday": 986
}
}
G. ✏️ Update Success
{
"source": "HL Gaming Official",
"endpoint": "posts/update",
"result": {
"message": "Post updated",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 10,
"dailyLimit": 1000,
"remainingToday": 990
}
}
H. 🗑️ Delete Confirmation
{
"source": "HL Gaming Official",
"endpoint": "posts/delete",
"result": {
"message": "Post deleted",
"postId": "abc123XYZ"
},
"usage": {
"usedToday": 13,
"dailyLimit": 1000,
"remainingToday": 987
}
}
useruid and api key during the registration process. These credentials authenticate your requests and ensure that you only manage your own posts.
| Credential | Description |
|---|---|
useruid |
Your unique developer ID used for API authentication and tracking your API calls. Only posts created with this useruid are accessible through the endpoints. |
api |
Your secret API key. Keep this confidential and do not expose it in any client-side code. |
All API responses return a predictable and structured format. If an operation fails, the response will include a top-level "error" field. This section documents all known error types, their causes, and examples for proper implementation and handling.
Authentication & Access Errors
- Invalid or Missing User ID
This occurs when theuseruidis missing or does not match any registered user in the system.{ "error": "Auth Failed! Check your user ID." } - Invalid API Key
This is returned when the providedapikey is invalid or does not belong to the given user ID.{ "error": "Invalid API key." }
Post-Specific Errors
- Post Not Found
Returned when a requested post (fordetail,update, ordelete) does not exist or the post ID is invalid.{ "error": "Post not found." }
Server-Side Errors
- Internal Server Error
This means an unexpected issue occurred on the server. This is not caused by client input, but may affect availability or reliability.500 Server ErrorAction: Wait and retry later. If persistent, report to HL Gaming support.
Developer Notes
- Always check for the presence of an
"error"field in the response to detect and handle failures. - Successful responses do not contain the
"error"key. - Error messages are consistent, short, and written for developers to understand and debug quickly.
- Make sure all required parameters (such as
useruid,api, andtype) are sent correctly with each request.
type=search) takes a query parameter (q) and matches it against the lower-cased values of both the title and content of your posts. This ensures case‑insensitive matching. Optionally, the fields parameter lets you restrict the response to only certain fields. This is useful for lightweight queries or when you need to display a summary.
useruid. This guarantees that only posts created by you are returned or allowed to be modified/deleted.
usage object detailing your daily limit, the number of calls used, and the remaining quota. Monitor this object to prevent exceeding your daily limit. In addition, secure your credentials by making all calls from your server-side code.
- Never expose your
useruidorapikey in client-side code; always store credentials securely on your server. - Cache common requests and responses to minimize calls and reduce latency.
- Ensure that deletion and other destructive operations are only carried out after confirming the post ownership.
- Implement graceful error recovery and informative user feedback when an error is encountered.
- Monitor usage statistics to optimize your application’s API call patterns and avoid service disruption.
Contact: Developers | Support
