Authentication — Roanuz Cricket API
Overview
All Roanuz API access requires an access token obtained via API key authentication.
Step 1: Create Project
Get your project key and API key from the Roanuz Project Console.
Step 2: Create Token
Endpoint
POST https://api.sports.roanuz.com/v5/core/{project_key}/auth/
Request
{
"api_key": "YOUR_API_KEY"
}
Response
{
"status_code": 200,
"data": {
"token": "eyJhbG...",
"expires": "1711234567.89"
}
}
token— Access token stringexpires— Unix timestamp (float) when the token expires
Code Example (Node.js)
const response = await axios.post(
`https://api.sports.roanuz.com/v5/core/${projectKey}/auth/`,
{ api_key: apiKey },
{ headers: { 'Content-Type': 'application/json' } }
);
const { token, expires } = response.data.data;
Step 3: Use Token
Pass the token via the rs-token header on all subsequent API calls:
GET https://api.sports.roanuz.com/v5/cricket/{project_key}/{endpoint}/
Headers:
rs-token: <your_token>
Code Example (Node.js)
const response = await axios.get(
`https://api.sports.roanuz.com/v5/cricket/${projectKey}/featured-matches-2/`,
{ headers: { 'rs-token': token } }
);
Token Lifecycle
- Tokens have an expiration timestamp
- Refresh before expiry (Hannibal refreshes when < 5 minutes remain)
- One token can be used across multiple concurrent requests
- No rate limit on auth endpoint itself (but don't spam it)
Hannibal Implementation
See RoanuzDataAdapter.ts:
refreshToken()— POST to auth endpoint, store token + expiryensureValidToken()— Check expiry, auto-refresh if < 5min remainingmakeRequest()— Addsrs-tokenheader to all API callswsManager.updateToken()— Updates WebSocket manager when token refreshes