Authentication API
POST /user/login/google
Description: Redirects to Google’s embedded Oauth login page (which redirects back to /user/validate/google after login).
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| csrf | CSRF token | yes |
POST /user/login/facebook
Description: Redirects to Facebook’s embedded Oauth login page (which redirects back to /user/validate/facebook after login).
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| csrf | CSRF token | yes |
POST /user/validate/google
Description: Returns the user key of the Google account on the ApiUser object after successful login. On the web version of the game, the returned HTML sends an onLoginSuccess message to the client with the login user data and csrf token to origin. On the Windows client it sends a GET request (localhost:7163/?userKey={0}&csrf={1}) to login with user key through a gateway image in HTML.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| code | Code token | yes |
| scope | Scope | yes |
| authuser | ”0” | yes |
| prompt | ”none” | yes |
POST /user/validate/facebook
Description: Returns the user key of the Facebook account on the ApiUser object after successful login. On the web version of the game, the returned HTML sends an onLoginSuccess message to the client with the login user data and csrf token to origin. On the Windows client it sends a GET request (localhost:7163/?userKey={0}&csrf={1}) to login with user key through a gateway image in HTML.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| code | Code token | yes |
| state | State token | yes |
POST /api/validate/apple
Description: Deprecated. Unknown.
POST /api/validate/device/:deviceId:
Description: Creates a device account (or signs in) and returns a new user key on the ApiUser object. Device accounts are only usable from iOS and Android versions of the game.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| deviceId | String identifier (format [not enforced]: {platform}-{uuid}) | yes |
POST /api/validate/discord/:authToken:
Description: Takes a Discord Oauth Bearer Authorization Token and returns ApiUser object.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| authToken | Token | yes |
POST /api/validate/facebook/:accessToken:
Description: Deprecated.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| accessToken | Token | yes |
POST /api/validate/google/:authCode:
Description: Deprecated.
Query Parameters:
| NAME | DESCRIPTION | REQUIRED |
|---|---|---|
| authCode | Token | yes |
POST /api/validate/gamecenter
Description: Deprecated. Unknown.