Skip to main content

Authentication

Auth

The Authentication endpoints provide an effective mechanism to authenticate the players towards our platform. The players can be authenticated in multiple ways — Using device ID, Facebook, Google, or Apple accounts. The authentication is separated per game, making it game-specific.

Linking Socials: Players can link and unlink their social media and log in with their linked social accounts.

User Authentication: The users can be authenticated in two ways — With Device ID, or through social OAuth.

Device login can be done by sending the unique device ID to the server in the auth endpoint. This ID allows us to uniquely identify and authenticate the device.

Social login can be done by sending the user’s authentication token (e.g., from Facebook or Google) to the server so that we can authenticate the user in our server.

In either cases the server will respond with the user’s token (JSON Web Token) and the expiry time in seconds. There are other side effects that are related to auth, like assigning the configured stats, tasks, etc. that our backend asynchronously perform in the background.

info

Base Endpoint: /api/v1/auth

note

Option to set provider as Facebook, Apple, GooglePlay or Device.

Available Endpoints

1. Gamer Login

  • Method & PathPOST /login
  • Description: Endpoint for gamers to log in using a social account. It requires the access token from the social provider.
  • Headers:
    • x-game-id: Unique identifier for the game.
  • Query Parameters:
    • provider: The social provider used for login
  • Request Body:
    • accessToken: The access token provided by the social login provider.
  • Response Body:
    • accessToken: Access token in the format of JSON Web Token(JWT) for the gamer to use for authenticated requests. Valid for 24 hours.
    • expiresIn: The duration in seconds for which the access token is valid.

cURL Command

curl --request POST \
--url 'https://api.yarsaplay.com/api/v1/auth/login?provider=Device' \
--header 'Content-Type: application/json' \
--header 'X-Game-Id: '

Response Body

{
"expires": "<number>",
"token": "<string>",
"type": "<string>"
}
  • Method & PathPATCH /socialLink
  • Description: Allows a user to link a social account to their main account. This can be used for adding additional methods of login.
  • Headers:
    • Authorization: Bearer token for user authentication.
  • Query Parameters:
    • provider: The social provider to link
  • Request Body:
    • accessToken: The access token provided by the social login provider.
  • Response Body:
    • message: Confirmation message indicating the successful linking of the account

cURL Command

curl --request PATCH \
--url 'https://api.yarsaplay.com/api/v1/auth/socialLink?provider=Device' \
--header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
--header 'Content-Type: application/json'

Response Body

{
"message": "<string>"
}
  • Method & PathPATCH /unlink
  • Description: Allows a user to unlink a social account from their main account. The social provider to be unlinked must be specified in the URL.
  • Headers:
    • Authorization: Bearer token for user authentication.
  • URL Parameters:
    • provider: The name of the social provider to unlink
  • Response Body:
    • message: Confirmation message indicating the successful unlinking of the account.

cURL Command

curl --request PATCH \
--url 'https://api.yarsaplay.com/api/v1/auth/unlink?provider=Device' \
--header 'Authorization: Bearer YOUR_SECRET_TOKEN'

Response Body

{
"message": "<string>"
}