Introduction
This resource provides comprehensive documentation for the private API used in Dead by Daylight. Note that the endpoints included here have been specifically captured from the Epic Games version of the game. Availability and functionality may vary in other versions.
The endpoints described here are not officially supported by Behaviour Interactive. This means that they can be changed, disabled, or removed without notice.
Attempting to use these endpoints in live game environments may violate Behaviour Interactive's terms of use agreement. As such, there is a risk of your account being suspended or permanently banned if detected by the game's anti-cheat or security systems.
This documentation is provided for educational purposes only. By using it, you acknowledge that you do so at your own risk and agree that I am not responsible for any consequences that may arise from your actions.
Host Names
The API host name follows the format {subdomain}.live.bhvrdbd.com, where {subdomain} is cdn, egs, or gamelogs.
Server Certificate
The API service uses a wildcard TLS 1.2 certificate to secure multiple subdomains. The certificate's primary domain is for all subdomains of *.live.bhvrdbd.com. Additionally, the certificate includes a Subject Alternative Names (SAN) extension that allows it to cover the subdomains of *.stage.bhvrdbd.com, *.cert.bhvrdbd.com, and *.ptb.bhvrdbd.com as well.
Errors
HTTP Response Status Codes
The API returns different HTTP status codes depending on whether or not the request was successful or resulted in some error.
| Code | Message | Description |
|---|---|---|
| 200 | OK | The request succeeded. |
| 201 | Created | The request succeeded, and a new resource was created as a result. |
| 204 | No Content | The server successfully processed the request and is not returning any content. |
| 400 | Bad Request | The server cannot or will not process the request due to something that is perceived to be a client error. |
| 401 | Unauthorized | The client must authenticate itself to get the requested response. |
| 404 | Not Found | The server cannot find the requested resource. |
| 409 | Conflict | This response is sent when a request conflicts with the current state of the server. |
Error Messages
Error responses contain a JSON object whose structure varies depending on the specific error that occured. Below are some examples.
400 Bad Request
{
"type": "BadRequestException",
"localizationCode": "tokenExpired",
"message": "Invalid input: [EGS] The token has expired"
}
401 Unauthorized
{
"type": "UnauthorizedException",
"localizationCode": "invalidToken",
"message": "Unauthorized, invalid auth token"
}
404 Not Found
{
"message": "Not Found",
"localizationCode": "routeNotFound"
}
409 Conflict
{
"type": "DataConflictException",
"localizationCode": "redeemableCodeExpired",
"message": "Conflict: [RedeemableCodeV2] Redeemable code has expired"
}