Guides

Authentication API

Suggest Edits

Neon's authentication API allows you to sign players into the shop from within the game using a single API call. Use this guide for an overview of the API and testing. You can also reference the /auth/token endpoint documentation for more details.

Overview

  1. The player initiates log in on the shop. Neon generates a "code" for them.
  2. The player enters the code in your game. Neon supports redirecting directly to the game using a deep link, scanning a QR code that deep links into the game, or a manual flow where the player enters the code manually in the game.
  3. Once the game knows the currently signed in player and Neon code, the game server can make a request to the /auth/token endpoint with the code and player information.
  4. The /auth/token endpoint will return a token. You can use this token to redirect the player back to the shop by setting it as a query parameter to the shop URL (e.g. https://shop.mygame.com?token=abcde...). You can also ignore this token and the player's existing shop session will be signed in.

/auth/token Endpoint

The endpoint takes four fields as inputs, summarized here. See the full API reference for details.

  • code: The player's temporary auth code, allowing you to authenticate an existing shop session. If you don't include a code you'll still receive a token which you can use to redirect the player to a pre-authenticated shop session.
  • accountId: This is the player's account ID (a.k.a. user ID, player ID) used to identify the player in your system. This is used to fulfill the items the player purchased in the game.
  • accountDisplayName: This is a display name for the player's account. This can be something like a player defined gamer tag or just their name
  • metadata: This is arbitrary metadata added to the player's session. It is included in analytics events and purchase related webhooks (e.g. the externalMetadata field in purchase.completed)

Generate pre-authenticated storefront URLs

Want to link to your storefront from inside your game? You can call the /auth/token endpoint above without a code; just make sure to pass everything else in as-is. This will return a pre-authenticated storefront URL, so that your users don't have to log in to their accounts again.

Deep Link

If you're using a deep link into your game with our authentication API we'll pass the following query parameters as part of the deep link URL

  • code: This is the temporary auth code (e.g. code=ABC123)
  • redirect: Set to true if we recommend that you redirect the user back to the shop after auth. If unset or set to anything other than true then you should not redirect (i.e. when they scan the QR code)

End-to-End Testing

You can use the authentication API for handling log in for your own end to end tests that involve the shop.

  1. Using your sandbox API key, make an API request to the /auth/token endpoint to receive a token.
  2. Load the shop using your sandbox shop URL with the token as a query parameter. For example if your token is abcd123 and sandbox shop is at https://sandbox.mygame.neonpay.com you should open the URL https://sandbox.mygame.neonpay.com?token=abcd123
  3. Your shop will be loaded and the session automatically authenticated. You can now continue your end to end test.

Updated 12 days ago