Create a client at develop.battle.net — obtain a client_id and client_secret; set a redirect URI for the Authorization Code flow (or use Client Credentials for non-user data).
For user profile data, redirect the user to https://<REGION>.battle.net/oauth/authorize?client_id=<CLIENT_ID>&redirect_uri=<URI>&response_type=code&scope=wow.profile to obtain an authorization code.
Exchange the code for a token with a POST to https://<REGION>.battle.net/oauth/token with grant_type=authorization_code, the code, and HTTP Basic auth (client_id:client_secret).
Use the returned access_token as a Bearer token in the Authorization header for Game Data and Profile API calls.
Call the WoW Profile API, e.g., GET https://<REGION>.api.blizzard.com/profile/wow/character/<REALM_SLUG>/<CHARACTER_NAME>?namespace=profile-<REGION>&locale=en_US to fetch character data.
For non-user game data (item databases, realms, etc.), use Client Credentials flow (POST to /oauth/token with grant_type=client_credentials) which does not require user interaction.
Known gotchas
The namespace parameter (e.g., profile-us, static-eu, dynamic-kr) is mandatory on most Battle.net Game Data API endpoints and must match the region; omitting it results in a 400 error.
Access tokens from the Authorization Code flow expire (typically in several hours); implement token refresh using the refresh_token returned alongside the access token.
Realm slugs in the API are lowercase, hyphen-separated versions of realm names (e.g., 'Area 52' becomes 'area-52'); using the display name directly will return 404.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp