Auth
RallyHere Authentication API
This API is used by clients to retrieve an access token to be used when accessing other RallyHere APIs.
User-based Client Logins
The /v1/login endpoint supports user-based authentication for a variety of platforms by "wrapping" a user's platform access token using a multi-step process:
- The client must authenticate the user and retrieve an access token for their respective platform.
- The client must subsequently authenticate the user using the /v1/login endpoint by setting the
grant_typeto the appropriate platform, and setting theportal_access_tokento the access token retrieved above, which will return a new access token to be used for RallyHere APIs.
OAuth
Version 1
The /v1/oauth endpoints support user-based client authentication for a variety of different platforms, utilizing secure redirects to third-party authentication URLs. The OAuth flow allows authentication to the RallyHere APIs without the use of a game client.
Version 2
Currently, the /v2/oauth endpoints only support a grant_type value of client_credentials, for the purposes of
user-less client authentication, utilizing Basic authentication containing a RallyHere client ID and client secret. This
type of authentication enables trusted clients (such as backend game instances) to access the RallyHere APIs without
user-specific authentication.
The /v2/oauth endpoint will be updated in the future to include user-based authentication modes.
📄️ Login
This endpoint is used to authenticate a user and retrieve an access token for use with other RallyHere APIs.
📄️ Get Portal Token Details
Platform-specific token details. Return data that the platform allows for their tokens.
📄️ Logout
Log out a refresh token
📄️ Verify
Verify if an access token is still valid
📄️ Get All Public Keys
Get all current public keys for this auth provider
📄️ Get Public Key By Id
Get a current public key by `key_id` for this auth provider.
📄️ Oauth Login
This endpoint is used to initiate the OAuth authentication flow for a user.
📄️ Oauth Response
Handle OAuth response from the platform. Validates the response, and generates an authorization_code for the user. The authorization_code can be used with the `/users/v1/oauth/token` endpoint to get an access token for the user.
📄️ Oauth Token Exchange
Exchange an authorization_code from the `/users/v1/oauth/response/{platform}` endpoint for an access token and refresh token.
📄️ Token
OAuth2 Token Endpoint. For more information see: <a href='https://datatracker.ietf.org/doc/html/rfc6749#section-3.2' target='_blank'>Token Endpoint Spec</a>.