The Authenticate Player API allows your backend to verify a player’s identity when they attempt to log in to your web store. Appcharge sends a POST request to this API endpoint each time a player initiates a login attempt using any of the supported authentication methods. Your server is expected to validate the player and respond with either the player details or an authentication error. If authentication is successful, the player is granted access to the web store.

Before you begin

It’s important to note the following points before starting to code:
  • Make sure you’ve completed the player authentication setup in the Publisher Dashboard.
  • The token property has different values depending on the login method:
    • SSO Login: The authentication token returned by the SSO provider.
    • Player ID Login: The Player ID entered by the player in the login page.
  • For both Pre-Authenticated Login and Game Redirect Login, Appcharge sets authMethod: "otp".
  • The otp object contains authentication tokens required for both methods:
    • Pre-Authenticated Login: Appcharge extracts the player code and access token from the deeplink your game provides and includes them in the API call.
    • Game Redirect Login: Appcharge first calls your Initiate Game Auth API to retrieve the access token and a deeplink to redirect the player to your game. Your game generates a 4- or 6-digit player code and then redirects the player back to your web store using a URL that includes both the player code and token. Appcharge extracts those values from the URL and sends them in a POST request to your Authenticate Player API.

      For a detailed explanation of this flow, see About Game Redirect Login.