Warning: REST API requests should be sent from the server, not the client / browser


The link you should be posting to would be:


Please note that you can replace the /xml/ with /json/ if you want JSON encoded data returned instead of XML encoded data.

You will need to replace the [APP_ID] with your app ID . The request signature is an MD5 encoded version of your params encoded using the function below. This should be sent as part of your query string named 'signature'.

The function to generate this signature (written in PHP below):

 * Generate the API request signature
 * @param array $params Parameters for the API method
 * @param string $app_secret Your app's secret key
 * @return string The signature parameter used for this API request
function sign($params, $app_secret)
	if (!empty($params) && is_array($params)) {
		foreach ($params as &$value) {
			if (is_bool($value)) {
				$value = !empty($value) ? 'true' : 'false';

	$query_string = http_build_query($params);

	return md5($app_secret . (!empty($query_string) ? '&' . $query_string : null));

This function uses your secret key and your params and returns an MD5 string. We use the same function on our end to validate the request and make sure it hasn't become corrupted. You also need to send one of the methods listed above e.g. 'Products/UserHasItem'. This is also a query string variable, and should be sent as 'method'.

Finally you need to send the parameters. These need to be sent as a JSON encoded query string variable called 'params'. For example:

Here's a complete example which uses the sign function to create a URL for the Api/GetTokenByUserId method.


// Update with your app details
$app_id = 0;
$app_secret = 'itsasecrettoeverybody';

// Fill in the API method and any required parameters
$method = 'Api/GetTokenByUserId';
$params = array('user_id' => 1, 'app_id' => $app_id);

// Remember to convert boolean values to string
foreach ($params as &$value) {
	if (is_bool($value)) {
		$value = !empty($value) ? 'true' : 'false';

// Sign the request and create query string
$signature = sign($params, $app_secret);
$query_string = http_build_query(array(
	'method' => $method,
	'params' => json_encode($params),
	'signature' => $signature,

// This is the URL for your API call
echo 'https://api.miniclip.com/json/?app_id=' . $app_id . '&' . $query_string;