> ## Documentation Index
> Fetch the complete documentation index at: https://docs.appcharge.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Initiate Game Auth Callback

> > **Warning:** This API endpoint is only relevant for the Game Redirect Login method.

> **Note:** This is a callback API. Appcharge calls this endpoint on your server when specific events occur.
Notifies your system to initiate an authentication session in your game.

Appcharge calls this endpoint when a player attempts to log in via [Game Redirect Login](/../../guides/webstore/player-authentication/game-redirect-login/about-game-redirect-login). Your server responds with either the data needed to redirect the player to your game for authentication, or an error.


<RequestExample>
  ```bash Initiate Game Auth - Mobile theme={"system"}
  curl -X POST \
    'https://{YOUR_INITIATE_GAME_AUTH_ENDPOINT}' \
    -H 'Content-Type: application/json' \
    -H 'x-publisher-token: <x-publisher-token>' \
    -H 'signature: <signature>' \
    -d '{
      "device": "MOBILE",
      "date": "2023-11-07T05:31:56Z"
    }'
  ```

  ```bash Initiate Game Auth - Desktop theme={"system"}
  curl -X POST \
    'https://{YOUR_INITIATE_GAME_AUTH_ENDPOINT}' \
    -H 'Content-Type: application/json' \
    -H 'x-publisher-token: <x-publisher-token>' \
    -H 'signature: <signature>' \
    -d '{
      "device": "DESKTOP",
      "date": "2023-11-07T05:31:56Z"
    }'
  ```
</RequestExample>

<ResponseExample>
  ```json Initiate Game Auth - Mobile theme={"system"}
  {
    "deepLink": "https://my-awesome-game/2298/bv45d674?key=549bc5151667f6216629efe46vf7bacd2812d82298",
    "accessToken": "9ac8883227afa33412197b",
    "desktopAutoRedirect": false
  }
  ```

  ```json Initiate Game Auth - Desktop theme={"system"}
  {
    "deepLink": "https://my-awesome-game/auth?key=549bc5151667f6216629efe46vf7bacd2812d82298",
    "accessToken": "9ac8883227afa33412197b",
    "desktopAutoRedirect": true
  }
  ```

  ```json 400 theme={"system"}
  {
    "error": "Invalid signature"
  }
  ```

  ```json 401 theme={"system"}
  {
    "error": "Unauthorized"
  }
  ```

  ```json 403 theme={"system"}
  {
    "error": "Parameters not correct"
  }
  ```
</ResponseExample>


## OpenAPI

````yaml openapi-initiate-game-auth-callback.json POST /{YOUR_INITIATE_GAME_AUTH_ENDPOINT}
openapi: 3.1.0
info:
  title: Initiate Game Authentication API
  version: 1.0.0
servers: []
security: []
paths:
  /{YOUR_INITIATE_GAME_AUTH_ENDPOINT}:
    post:
      tags:
        - Authentication
      summary: Initiate Game Auth
      description: >-
        <Warning> This API endpoint is only relevant for the Game Redirect Login
        method. </Warning> <Note> This is a callback API. Appcharge calls this
        endpoint on your server when specific events occur. </Note> Notifies
        your system to initiate an authentication session in your game. <br />
        <br /> Appcharge calls this endpoint when a player attempts to log in
        via [Game Redirect
        Login](/../../guides/webstore/player-authentication/game-redirect-login/about-game-redirect-login).
        Your server responds with either the data needed to redirect the player
        to your game for authentication, or an error.
      operationId: game-authentication-endpoint
      parameters:
        - name: x-publisher-token
          in: header
          description: Publisher token.
          schema:
            type: string
        - name: signature
          in: header
          description: The signed payload.
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                device:
                  type: string
                  enum:
                    - DESKTOP
                    - APPCHARGE
                  description: |-
                    Device the player used to log in. 
                     
                      + `DESKTOP`: PCs and laptops. 
                     + `APPCHARGE`: Mobile.
                  example: DESKTOP
                date:
                  type: string
                  format: date-time
                  description: >-
                    Date in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601)
                    format.
                  example: '2023-11-07T05:31:56Z'
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
                required:
                  - deepLink
                  - accessToken
                properties:
                  deepLink:
                    type: string
                    description: >-
                      Deeplink for redirecting the player to your game for
                      authentication.
                    example: >-
                      https://my-awesome-game/2298/bv45d674?key=549bc5151667f6216629efe46vf7bacd2812d82298
                  accessToken:
                    type: string
                    description: Player access token.
                    example: 9ac8883227afa33412197b
                  desktopAutoRedirect:
                    type: boolean
                    default: false
                    description: >-
                      Whether players logging into the web store on desktop are
                      redirected to the deepLink URL instead of being shown a QR
                      code.


                      When `false` or omitted, these players see a QR code of
                      the deeplink and must scan it with their phone to open the
                      game.
                    example: true
        '400':
          description: Invalid signature
        '401':
          description: Unauthorized
        '403':
          description: Parameters not correct

````