Authentication endpoints

Telegram Auth V3

This method authenticates player based on Telegram MiniApp’s init data, using assymetric encryption offered by Telegram account system.

Endpoint specs

• Path: https://api.elympics.cc/v2/auth/user/telegram-auth-v3
• Method: POST
• Headers:
  • Elympics-Publisher-API-Key: YOUR_API_KEY

Example request

{
    "initDataRaw": "string" // initData Mini App receives once it is opened
}

Example 200 response

{
    "jwtToken": "<auth-token>",                 // JWT token generated for the player
    "userId": "<user-id>",                      // Elympics user ID of the player
    "nickname": "<user-nickname>",              // nickname of the player assigned in Elympics system
    "avatarUrl": "https://url-to-users-avatar", // URL of the avatar assigned in Elympics (optional)
    "connectedParent": "<user-id>",             // parent account user ID (optional)
    "twitterNickname": "<twitter-nickname>"     // associated Twitter account name (optional)
}

Ethereum-based auth

Players can also authenticate themselves using their Ethereum wallets. The process is described in a separate article.

Guest auth

Elympics-provided guest account system. Each account is identified by a string secret generated randomly on client instances.

Features offered by other forms of authentication like avatars are missing from the guest auth system.

tip

Making the generated secret persist allows users to keep their account. It is done by Elympics automatically on desktop and mobile builds, but not within Web apps.

As there is no official method of backing up the secret, it is restricted to a single installation (or Web session). If you want your players to keep their achievements across different devices, it's a good idea to offer them other forms of authentication: based on Telegram user ID or Ethereum wallet address.

Endpoint specs

• Path: https://api.elympics.cc/v2/Auth/user/clientSecretAuth
• Method: PUT
• Headers:
  • Elympics-Publisher-API-Key: YOUR_API_KEY

Example request

{
    "clientSecret": "example"  // random string secret
}

Example 200 response

{
    "jwtToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIzZmI5OWJiOC05MTNjLTQwNTAtYmU2ZC0yYWE4NTA3ZTE1MzMiLCJhdXRoLXR5cGUiOiJjbGllbnQtc2VjcmV0IiwibmJmIjoxNzQzNzk5MzcyLCJleHAiOjE3NDM4ODU3NzIsImlhdCI6MTc0Mzc5OTM3Mn0.MNRrOUAxZDD8a9D4_W5Vqj4CyvL1IzPTv7kvhJPybrKb2Hna3zubRyiELlCcUfeQKSLFkNnL9LABhyCzHzWN4vAd9hl4WQd70F6NSmyZsTkP1sCe9BCEl1ceucL0gJBzq7h4_MIoNoMgQWRuKooQKsAm9o-8Tij_GD1Z6dfKUyyfVjOSFf_oh616FOj4CXgdrwjUB_xFqpQo9raNQCINjw8L_P7TQdMoga7HUbmm17JwwaWPfcb1LmT0QwVYap2GgBEl6jzB13seeDzDfykZi9yIUNla3cP9BfMv8-3ZV115A6Ps85Du4aAkwuALJ9y-GneRUX37bTFYi-wodKF8k0CbfM2rECjLlOUvBC2cePJhmPLInzTxjDdTuvBjZ8dxEe7Lxqxa7F_8ya35EhYf2wmdAAxYf2Yql5JT1ImVdSxiSnTJ6LgPScI9DAbXyGjAZiacdG6--JxdeOv2R20nksrapd0Na-I8TZTZYvbidmT9MBC8_FbBEIzVEo3ckB7E0UxJ2lmfaG94otR1xQUASkoGr_CdvCXwGLMuArp0VORBTMvIseYOqLYWQ3MSrFoW-kTlV6w9JtuI0JTlQHeqqGX-SHxxsnM32ouDj-RfHHawRzuYEzsQFiDk_gd8z2qtyVl0X6-6OltzoleM47PP0CG1sbZcmrpOFOCingVrjo0",
    "userId": "3fb99bb8-913c-4050-be6d-2aa8507e1533",
    "nickname": "Guest-46343"
}