Client Authorization

The SDK exposes a limited set of in-game functionality to the user. If an activity requires a signed wallet transaction, then it has to happen through a browser dashboard.

Every action performed by the SDK is attributed to a specific game and/or user. Both are identified by the parameters passed in the OAuth authorization header.

It is important therefore that:

• The user has permissions for what they are trying to achieve with their calls.

• The user is active as no calls can be made from a non-existent/disabled/deleted user.

After completing the steps in the Getting Started section, you will receive a CLIENT ID and CLIENT SECRET key pair. Each game needs these to access CGC's API.

Once these key pairs have granted, each game will be able to construct a authorization header to meet our OAuth protocol requirements.

const cgcSdk = new CatheonGamingSdk(
                "773124bb-57cf-4eae-a7be-980c76ccd340", // client id 
                "1qaz2wsx", // client secret
                true // dev mode enabled
               );

Access Token Management

RequestAccessToken

If clientId and clientSecret are provided correctly, you can request an access token from the CGC API. This is required to identify your game against our services for security purposes.

const cgcTokenResponse = await cgcSdk.requestAccessToken();

Response:

Event: { 
    string access_token, 
    int64 expiry_access_date, 
    string refresh_token, 
    string token_type 
}

RenewAccessToken

After receiving your token, you can request that it be renewed.

const cgcTokenResponse = await cgcSdk.renewAccessToken()

Params: string refreshToken

Response:

Event: {  
    string access_token, 
    int64 expiry_access_date, 
    string refresh_token, 
    string token_type 
}

RevokeAccessToken

After receiving your token, you can request that it be revoked.

const cgcTokenResponse = await cgcSdk.revokeAccessToken()

Response:

Event: { 
    string status,
    int statusCode,
    string message,
}