Developer Console

Register and Authenticate a Player

You need to register and authenticate each player, using the Game API from your game, before the player can enter any Leaderboards and Tournaments competitions offered by your game.


To register and authenticate players, you need the Game API Key. You can find the game API key in the game settings panel of the Leaderboards and Tournaments Console. It is named Public API Key in the panel. See the following figure:

Register Player

In the Register Player method, provide the Game API key in the header. The encryptedPayload parameter is not required for standard security.

The Register Player response message includes the playerToken in clear text (not encrypted). Store this token for long term use. You will send it in all future Authenticate Player requests for the player.

For additional details, see Register Player in the Game API Reference.

Authenticate the player

Prior to sending Game API requests, the app calls Authenticate Player to create a new player session.

The auth request body includes the player token that the API returned in the Register Player response.

For additional details, see Authenticate Player in the Game API Reference.

The auth response contains the session expiry date (sessionExpirationDate), which you should store. Before you call any of the API methods that require sessionId, check whether the session has expired by comparing sessionExpirationDate with the current date.

If the session has expired, you need to call Authenticate Player to create a new player session, and use the new sessionId when you call the other API methods.

Example request

POST /players/auth
Content-Type: application/json
x-Api-Key: d2d0b961-a5ce-45c7-9dbe-a63061ee229c

Example auth request body

  "payload" : "<player token>",
  "playerName" : "hunkdory",
  "deviceOSType" : "iOS",
  "appBuildType" : "development"

The deviceOSType and appBuildType are both required parameters.

The response to the auth request includes a session API key and the session Id, which the app must include in each subsequent API request.

Example response

  "sessionApiKey" : "9a8f707f-a09e-4710-8cf2-7cb5a7b0de57",
  "sessionExpirationDate": 1607760000000,
  "sessionId" : "034721fb-f384-4cb1-a46d-d96cea8198b6"