Sign In Register

How can we help you today?

Start a new topic
Answered

Question About Authentication Tokens And The REST API

Being new to using Gamesparks and relatively new to BaaS I am finding some confusion about the use of the Authentication Token when using the RestAPI to get player details and log events.


Since I am developing on a platform that does not have a plugin for Gamesparks ( Corona SDK ) I am using the RestAPI from within my app to communicate with Gamesparks and log events, which I have been told is fine since my network requests are light and relatively infrequent. It seems as though all I need is the Player Id in order to get account details, log events, etc, but isn't this less secure since the authentication token is not involved? What purpose does the authentication token serve for my use case? Is there something different that I should be doing or is using the playerId perfectly fine?


Thanks for the help!


Best Answer

Hi Ian


The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.

This is mostly used in our SDK's when a games goes into the background.

For your case using the playerId for rest requests is fine.


Regards

Katie





Answer

Hi Ian


The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.

This is mostly used in our SDK's when a games goes into the background.

For your case using the playerId for rest requests is fine.


Regards

Katie




Hi Ian 


I just wanted to add that while having the playerId on the client is fine.The credential and secret should always be secured you can find out how to do this using nodeJS here.

Apologies if this was not clear in are documentation.


Regards

Katie

Perfect, thanks for the help Katie!

Login to post a comment