# Client Authorization The SDK exposes a limited set of in-game functionality to the user. If an activity requires a signed wallet transaction, then it has to happen through a browser dashboard. Every action performed by the SDK is attributed to a specific game and/or user. Both are identified by the parameters passed in the OAuth authorization header. It is important therefore that: * The user has permissions for what they are trying to achieve with their calls. * The user is active as no calls can be made from a non-existent/disabled/deleted user. After completing the steps in the [Getting Started](/getting-started.md) section, you will receive a CLIENT ID and CLIENT SECRET key pair. Each game needs these to access CGC's API. Once these key pairs have granted, each game will be able to construct a authorization header to meet our OAuth protocol requirements. ```typescript const cgcSdk = new CatheonGamingSdk( "773124bb-57cf-4eae-a7be-980c76ccd340", // client id "1qaz2wsx", // client secret true // dev mode enabled ); ``` ## Access Token Management {% hint style="info" %} Please note that the following methods are automatically handled when you instantiate a new CatheonGamingSDK object, so you do not need to worry about them. We have listed them below for informational purposes only. {% endhint %} ### RequestAccessToken If clientId and clientSecret are provided correctly, you can request an access token from the CGC API. This is required to identify your game against our services for security purposes. ```typescript const cgcTokenResponse = await cgcSdk.requestAccessToken(); ``` **Response:** ``` Event: { string access_token, int64 expiry_access_date, string refresh_token, string token_type } ``` ### RenewAccessToken After receiving your token, you can request that it be renewed. ```typescript const cgcTokenResponse = await cgcSdk.renewAccessToken() ``` **Params:** `string refreshToken` **Response:** ``` Event: { string access_token, int64 expiry_access_date, string refresh_token, string token_type } ``` ### RevokeAccessToken After receiving your token, you can request that it be revoked. ```typescript const cgcTokenResponse = await cgcSdk.revokeAccessToken() ``` **Response:** ``` Event: { string status, int statusCode, string message, } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.catheongaming.com/client-authorization.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.