Question About Authentication Tokens And The REST API
I
Ian Dunbar
started a topic
almost 5 years ago
Being new to using Gamesparks and relatively new to BaaS I am finding some confusion about the use of the Authentication Token when using the RestAPI to get player details and log events.
Since I am developing on a platform that does not have a plugin for Gamesparks ( Corona SDK ) I am using the RestAPI from within my app to communicate with Gamesparks and log events, which I have been told is fine since my network requests are light and relatively infrequent. It seems as though all I need is the Player Id in order to get account details, log events, etc, but isn't this less secure since the authentication token is not involved? What purpose does the authentication token serve for my use case? Is there something different that I should be doing or is using the playerId perfectly fine?
Thanks for the help!
Best Answer
C
Customer Support
said
almost 5 years ago
Hi Ian
The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.
This is mostly used in our SDK's when a games goes into the background.
For your case using the playerId for rest requests is fine.
The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.
This is mostly used in our SDK's when a games goes into the background.
For your case using the playerId for rest requests is fine.
Regards
Katie
Customer Support
said
almost 5 years ago
Hi Ian
I just wanted to add that while having the playerId on the client is fine.The credential and secret should always be secured you can find out how to do this using nodeJS here.
Apologies if this was not clear in are documentation.
Ian Dunbar
Being new to using Gamesparks and relatively new to BaaS I am finding some confusion about the use of the Authentication Token when using the RestAPI to get player details and log events.
Since I am developing on a platform that does not have a plugin for Gamesparks ( Corona SDK ) I am using the RestAPI from within my app to communicate with Gamesparks and log events, which I have been told is fine since my network requests are light and relatively infrequent. It seems as though all I need is the Player Id in order to get account details, log events, etc, but isn't this less secure since the authentication token is not involved? What purpose does the authentication token serve for my use case? Is there something different that I should be doing or is using the playerId perfectly fine?
Thanks for the help!
Hi Ian
The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.
This is mostly used in our SDK's when a games goes into the background.
For your case using the playerId for rest requests is fine.
Regards
Katie
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstCustomer Support
Hi Ian
The auth token is used by gamesparks to keep the user logged in for as long as we can until gamesparks is disconnected from the game.
This is mostly used in our SDK's when a games goes into the background.
For your case using the playerId for rest requests is fine.
Regards
Katie
Customer Support
Hi Ian
I just wanted to add that while having the playerId on the client is fine.The credential and secret should always be secured you can find out how to do this using nodeJS here.
Apologies if this was not clear in are documentation.
Regards
Katie
Ian Dunbar
Perfect, thanks for the help Katie!
-
Documentation Notes
-
Design issues with user events
-
Using NoSQL
-
Runtime Collections vs Metadata Collections
-
Anonymous authentication from browser app
-
Modules
-
Movement With Unity
-
Problem with url parameters for downloadables
-
Querying NoSql GameSparks database
-
Challenge accesType
See all 2486 topics