Documentation

Public API

Read-only endpoints for game data — no key, no signup required.

Base URL

https://shrouded.tools

Authentication

The endpoints listed below are public: no API key, no signup, no required headers. Write endpoints (POST/DELETE) and /api/v1/admin/* are session-cookie protected and LAN/tailnet-only — not publicly accessible.

CORS

The endpoints don't currently send Access-Control-Allow-Origin headers, so cross-origin browser fetches are blocked. Server-side use (curl, Python, Node, Bun, Deno) works fine. For browser-side use, open an issue on Forgejo and I'll allowlist your origin.

Rate limits

Nginx enforces 60 req/min/IP with a burst of 30 (public_api zone). More than enough for normal browsing. Above that you get HTTP 429. If you need a higher quota for a legitimate use (mod, third-party app), get in touch.

Full dumps (static snapshot)

For one-shot full catalog access, pre-built JSON files are also served statically:

/assets/wiki/items.json — 3526 items
/assets/wiki/recipes.json — 1951 recipes
/assets/wiki/bestiary.json — 331 enemies
/assets/wiki/perks.json — 233 perks
/assets/wiki/quests.json — 168 quests
/assets/wiki/lore.json — 283 lore entries
/assets/map/markers.json — 1323 map markers
/assets/map/chests.json — 2579 chests with drops

Endpoints

Items

GET /api/v1/items

List all items. Optional filters: kind, slot, q (search).

curl https://shrouded.tools/api/v1/items?kind=weapon

GET /api/v1/items/{code}

Single item by its code (debug_name).

curl https://shrouded.tools/api/v1/items/WeaponIronSword

Recipes

GET /api/v1/recipes

List of all recipes (cooking + crafting + upgrades).

curl https://shrouded.tools/api/v1/recipes

GET /api/v1/recipes/{code}

Single recipe by its code.

Skill tree

GET /api/v1/skills/tree

Full tree: 12 sub-classes, ~150 nodes, edges. Single request.

curl https://shrouded.tools/api/v1/skills/tree

GET /api/v1/skills/paths

List the paths (warrior / ranger / mage / hub).

GET /api/v1/skills/nodes/{code}

Single node by its code.

Shared builds

GET /api/v1/builds/{slug}

Fetch a skill build shared via the planner's "Share" button.

curl https://shrouded.tools/api/v1/builds/abc123

Health

GET /api/v1/health

Status check (200 OK when the backend is up).

Attribution & license

The site and code are licensed AGPL-3.0. Data extracted from Enshrouded (© Keen Games GmbH) is provided for educational / community purposes with no official affiliation. If you reuse the JSON dumps, please credit shrouded.tools and respect AGPL if you distribute your service.

OpenAPI (internal)

The full OpenAPI spec lives at /api/v1/openapi.json but is LAN/tailnet-only (security audit phase 5). For typed clients, work from the doc above or open an issue for an export.