"Because the constructed URL can become quite lengthy, the entire request is sent via POST data. If the URL is not too long, you can send it via GET request as well."

This sentence is confusing. I think if it was changed so it said, "the entire request could be sent view POST data" instead. Basically, since the URLs can become lengthy, they can be sent via POST data. However, you're free to also pass it as GET.

I've experienced a strange behavior with unique scores and as it seems I'm not the only one.
If I set "unique scores" to false, everything is working just fine, but if I set it to true, the api always returns no scores. Even the webinterface tells me that there are no scores, which is obviously incorrect, because there are tons of scores if I disable "unique scores".

A call to https://gamejolt.com/api/game/v1_1/scores?game_id=GameID&limit=10&format=json&signature=...
only returns {"response":{"success":"true","scores":""}}

Unless this was present but undocumented in v1.0, it's Sessions#Check is new to me and should be added to the version history.

The title of the second table should read Valid Values for status

Sessions#Ping

I don't know if that's a mistake in the documentation or a inconsistency in the implementation but year, month, day, hour and minute are all singular but seconds is plural.

Get Time

The trophies call returns a string starting with the letter 's' and followed by the expected json.
A call to https://gamejolt.com/api/game/v1_1/trophies?... will result in:

s{
    "response":{
        "success":"true",
        "trophies":[
            {
                "id":"12345",
                "title":"Bronze Trophy",
                "description":"I'm a bronze trophy.",
                "difficulty":"Bronze",
                "image_url":"...",
                "achieved":"false"
            }
        ]
    }
}

When using Sessions Check, it will return {"success":true} when a session is open but {"success":false,"message":""} when there is no open session.

The success key should only be used to indicate whether the request succeeded or failed (like any other API call).

The result of the check should has its own key, e.g. check or has_session_open.

/scores/get-rank/ gives back the same response like /scores/.
It was supposed to give me a single number but instead I get a bunch of score objects.

[already solved!]

Formats should be lowercase. If you pass a non-lowercase format, the API does not return anything.

Based on my experience with the API v1.0, I don't know how v1.2 behave on that regard.

Data entries set with the restriction feature are still overwritable by others.
User X sets a new item with this:
https://gamejolt.com/api/game/v1_1/data-store/set/?game_id=XXX&key=Test&restriction_username=USER_X&restriction_user_token=TOKEN_X&format=json&signature=XYZ (data is provided via POST)
This returns success and I can see the item in the data store, but others are still able to overwrite it:
https://gamejolt.com/api/game/v1_1/data-store/set/?game_id=XXX&key=Test&format=json&signature=XYZ (data is provided via POST)

On the index, the link to batch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/batch/index.md

On the users index, the link to fetch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/users/fetch.md

On the trophies index, the link to fetch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/trophies/fetch.md

On the scores index, the link to fetch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/scores/fetch.md

On the get-time index, the link to fetch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/get-time/fetch.md

On the data-store index, the link to fetch should be https://github.com/gamejolt/doc-game-api/blob/master/v1.x/data-storage/fetch.md

The api does not report whether a certain trophy is secret or not. It also doesn't report if it is hidden.
To overcome this issue I currently use a local list of secret/hidden trophies to test against, of course it would be much more convenient if the api call just tells me if a trophy is secret/hidden or not.

Each type of game/build gets passed username/token differently. We need to explain it all somewhere. It's really helpful to be auto-logged in while playing games on the site.

The example response is one line below what it should be.

First few lines of the Users#Fetch examples:

--- | --- | --- success | boolean | Whether the request succeeded or failed.
Example: true message | string | If the request was not successful, this contains the error message.
Example: No such user could be found. id | integer | The ID of the user.
...

"true" belongs to the first line with "success | boolean"
"No such user could be found" belongs to the second line with "message | string"
...

The /get-time/ example shows that the only thing you get is a blank page.
Same goes for /sessions/check/.

[Already solved]

It's mentioned in batch/index, but it doesn't give examples. Since the URL encoding is pretty confusing (and possibly one of the most complicated bits of the whole process), I think it deserves some better step-by-step examples of how the URL transforms.

The title of the second table should read Valid Values for operation

DataStore#Update