- REST API —
https://whistle.huddleup-sports.com/api/v1— a bearer-authenticated, server-to-server JSON API. - MCP server —
https://whistle.huddleup-sports.com/api/mcp— a remote HTTP Model Context Protocol endpoint exposing the same capabilities as 20 tools for AI agents.
Looking for help using the Whistle app as an official or league organizer? See the Whistle FAQ — this section is for developers and AI agents building integrations.
Who this is for
- League management systems syncing schedules into Whistle so officials can claim and get paid (HuddleUp itself is the first consumer of this API).
- Partner automations and AI agents that import game schedules, roster officials, monitor assignments, and reconcile payouts.
Base URLs
| Surface | URL |
|---|---|
| REST API | https://whistle.huddleup-sports.com/api/v1 |
| MCP (HTTP transport) | https://whistle.huddleup-sports.com/api/mcp |
source namespace: you see and mutate only leagues you created (plus any explicitly granted to your key), so your test data is isolated, and stable externalIds let you re-run imports idempotently.
Prerequisites
- A partner API key (
whk_…). Keys are issued by the Whistle team — email tommy@huddleup-sports.com. There is no self-service key portal yet. The key is shown once at issuance; store it in a secret manager. - A server-side caller. The API sends no CORS headers, so browsers can’t call it directly — integrate from your backend (or an MCP client, which connects server-to-server).
Safe onboarding path
Store your key as an environment variable
Never hardcode it. Examples in these docs use
$WHISTLE_API_KEY.Make your first call — the authenticated index
GET /api/v1 returns a self-describing index (endpoints, webhook events, contract notes). It’s read-only and the recommended smoke test. See the REST quickstart.Create your own league before writing anything else
Create a league with your
source + externalId, then import games into it. Start with reads and idempotent upserts; review the error and agent-safety guide before wiring any destructive call (cancel, remove, unassign, delete).Integration status
Where to go next
Authentication
Bearer keys, handling, rotation, and 401 behavior.
REST quickstart
First authenticated call in two curl commands.
MCP quickstart
Connect Claude Code or any MCP client.
Task recipes
End-to-end flows: import games, manage officials, webhooks.
API reference
Every endpoint, generated from the OpenAPI spec.
Errors & agent safety
Error codes, retries, and confirmation rules for agents.

