Authentication
Auth
The Authentication endpoints provide an effective mechanism to authenticate the players towards our platform. The players can be authenticated in multiple ways — Using device ID, Facebook, Google, or Apple accounts. The authentication is separated per game, making it game-specific.
Linking Socials: Players can link and unlink their social media and log in with their linked social accounts.
User Authentication: The users can be authenticated in two ways — With Device ID, or through social OAuth.
Device login can be done by sending the unique device ID to the server in the auth endpoint. This ID allows us to uniquely identify and authenticate the device.
Social login can be done by sending the user’s authentication token (e.g., from Facebook or Google) to the server so that we can authenticate the user in our server.
In either cases the server will respond with the user’s token (JSON Web Token) and the expiry time in seconds. There are other side effects that are related to auth, like assigning the configured stats, tasks, etc. that our backend asynchronously perform in the background.
Base Endpoint: /api/v1/auth
Option to set provider
as Facebook
, Apple
, GooglePlay
or Device
.
Available Endpoints
1. Gamer Login
- Method & Path:
POST /login
- Description: Endpoint for gamers to log in using a social account. It requires the access token from the social provider.
- Headers:
x-game-id
: Unique identifier for the game.
- Query Parameters:
provider
: The social provider used for login
- Request Body:
accessToken
: The access token provided by the social login provider.
- Response Body:
accessToken
: Access token in the format of JSON Web Token(JWT) for the gamer to use for authenticated requests. Valid for 24 hours.expiresIn
: The duration in seconds for which the access token is valid.
cURL Command
curl --request POST \
--url 'https://api.yarsaplay.com/api/v1/auth/login?provider=Device' \
--header 'Content-Type: application/json' \
--header 'X-Game-Id: '
Response Body
{
"expires": "<number>",
"token": "<string>",
"type": "<string>"
}
2. Link Social Account
- Method & Path:
PATCH /socialLink
- Description: Allows a user to link a social account to their main account. This can be used for adding additional methods of login.
- Headers:
Authorization
: Bearer token for user authentication.
- Query Parameters:
provider
: The social provider to link
- Request Body:
accessToken
: The access token provided by the social login provider.
- Response Body:
message
: Confirmation message indicating the successful linking of the account
cURL Command
curl --request PATCH \
--url 'https://api.yarsaplay.com/api/v1/auth/socialLink?provider=Device' \
--header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
--header 'Content-Type: application/json'
Response Body
{
"message": "<string>"
}
3. Unlink Social Account
- Method & Path:
PATCH /unlink
- Description: Allows a user to unlink a social account from their main account. The social provider to be unlinked must be specified in the URL.
- Headers:
Authorization
: Bearer token for user authentication.
- URL Parameters:
provider
: The name of the social provider to unlink
- Response Body:
message
: Confirmation message indicating the successful unlinking of the account.
cURL Command
curl --request PATCH \
--url 'https://api.yarsaplay.com/api/v1/auth/unlink?provider=Device' \
--header 'Authorization: Bearer YOUR_SECRET_TOKEN'
Response Body
{
"message": "<string>"
}