This endpoint is used to authenticate a user and obtain an authentication token.
-
Request:
{ "username": "example_username", "password": "base64_encoded_password", "nonExpiringToken": false } -
Response:
{ "authToken": "example_token", "uuid": "example_user_uuid" }
This endpoint is used to invalidate an authentication token.
-
Request:
{ "authToken": "example_token" } -
Response:
{ "message": "Logout successful" }
This endpoint is used to refresh an authentication token.
-
Request:
{ "authToken": "example_token" } -
Response:
{ "authToken": "refreshed_token", "uuid": "example_uuid", "username": "example_username" }
This endpoint provides functionalities using an Application Token. Both Admin and Non-Admin Tokens can use this.
-
View User Data
-
Request:
{ "appToken": "example_app_token", "action": "viewUserData", "username": "example_username" } -
Response:
{ "data": { "email": "example_email@example.com" } }
-
-
Modify User Data
-
Request:
{ "appToken": "example_app_token", "action": "modifyUserData", "username": "example_username", "dataKey": "credentials", "modifiedData": { "email": "new@example.com" /* Additional modified data */ } } -
Response:
{ "success": true }
-
-
Delete Account
-
Request:
{ "appToken": "example_app_token", "action": "deleteAccount", "username": "example_username" } -
Response:
{ "success": true }
-
-
Change Password
-
Request:
{ "appToken": "example_app_token", "action": "changePassword", "data": { "username": "example_username", "newPassword": "new_example_base64_encoded_password" } } -
Response:
{ "success": true }
-
-
Change Username
-
Request:
{ "appToken": "example_app_token", "action": "changeUsername", "data": { "username": "example_username", "newUsername": "new_example_username" } } -
Response:
{ "success": true }
-
This endpoint provides account-related functionalities using an Authorization Token.
-
Create Account
-
Request:
{ "action": "createAccount", "username": "example_username", "password": "base64_encoded_password" } -
Response:
{ "success": true /* request token by login */ }
-
-
Delete Account
-
Request:
{ "authToken": "example_auth_token", "action": "deleteAccount", "data": { "username": "example_username" } } -
Response:
{ "success": true }
-
-
Update User Data
-
Request:
{ "authToken": "example_auth_token", "action": "updateUserData", "data": { "username": "example_username", "dataKey": "credentials", "modifiedData": { /* max 1024 bytes, overwrites full key */ "email": "new@example.com" /* Additional modified data */ } } } -
Response:
{ "success": true }
-
-
Get User Data
-
Request:
{ "appToken": "example_token", "action": "getUserData", "data": { "username": "example_username", "dataKey": "example_key" /* optionally, otherways it will respond all saved data */ } } -
Response:
{ "userData": { "email": "example_email@example.com" }, "uuid": "example_user_uuid" }
-
-
Change Password
-
Request:
{ "authToken": "example_auth_token", "action": "changePassword", "data": { "username": "example_username", "newPassword": "base64_encoded_new_password" } } -
Response:
{ "success": true }
-
-
Change Username
-
Request:
{ "authToken": "example_auth_token", "action": "changeUsername", "data": { "username": "example_username", "newUsername": "new_example_username" } } -
Response:
{ "success": true }
-
This endpoint provides general information.
-
Request:
{ "appToken": "example_app_token", /* must be admin token */ "username": "example_username" } -
Response:
{ "username": "example_username", "password": "****************", "data": { "example_key": { "example_value": "example_string" } } }
-
Admin Token:
- Used to perform administrative actions.
- Example:
{ "token": "example_admin_token" }
-
Non-Admin Token:
- Used for standard user actions.
- Example:
{ "token": "example_non_admin_token" }
In a game, you can use these endpoints for user authentication, saving game progress, and loading user data.
- The game collects the user's username and password (base64 encoded).
- The game sends a request to
/loginto authenticate the user and obtain an authentication token. - The game stores the authentication token securely for future requests.
- The game collects the user's game progress data.
- The game sends a request to
/account/updateUserDatawith the appropriate authentication token to update the user's game progress data. It is recommended to ALWAYS use a JSONObject as modifiedData.
- The game sends a request to
/api/applicationwith the appropriate application token and actionviewUserDatato retrieve the user's data. - The game uses the received user data to personalize the gaming experience.
/login: Authenticate and obtain an authentication token./logout: Invalidate an authentication token./refresh: Refresh an authentication token./api/application: Perform actions using an Application Token (view user data, modify user data, delete account)./account: Perform account-related actions using an Authorization Token (create account, delete account, update user data).
Note: Passwords must be Base64 encoded when included in the request payloads to ensure secure transmission and storage. Failure to encode passwords may result in them being saved as-is, compromising security.