Skip to main content

Authorization overview

tip

For publisher authorization Elympics endpoints use API Keys provided as a value for Elympics-Publisher-API-Key header.

tip

For player authorization Elympics endpoints use Bearer token authorization with JWT tokens. Should be provided along with API key header.

Inside Telegram Mini App

To authorize the player inside Telegram, Elympics uses Telegram’s initData (detailed here: https://docs.telegram-mini-apps.com/platform/init-data) and Bot id(s) for Telegram Bot(s) where Mini App was registered.

Therefore, Elympics will need:

  • Telegram Bot Id(s) – in order to verify user’s authorization

Publisher (you) will need:

  • Elympics Publisher Api Key (request via private message) (can be provided after sending bot id(s))

Flow description

  1. User opens Mini App.
  2. Use endpoint Telegram Auth V3. Make sure to add an HTTP Header Elympics-Publisher-API-Key with your API key.
  3. Upon successful authorization, you will receive player’s JWT token that can be used in other Elympics endpoints.