Skip to main content

Get authorized in OpenAPI

Last updated on October 24, 2024

Overview

OpenAPI is a toolset that simplifies API development by helping you design and document your APIs. AccelByte uses OpenAPI to develop and manage AccelByte Gaming Services (AGS) API endpoints. You can get authorization to use OpenAPI either by using the AGS Admin Portal or by using Curl. This How-to article will walk you each option.

Use the AGS Admin Portal

Follow the steps below to get authorization using the Admin Portal.

  1. On the AGS Admin Portal sidebar, go to Game Setup > Games and Apps

    note

    Take note of the namespace you are in as you will need this information later.

  2. Copy the Client ID of the list of client you'd like to use to access the endpoints.

  3. Open the API endpoint for the service you want to access (e.g., IAM). You can find the list of our services on the API Endpoints page.

  4. Click the Authorize button in the top-right corner of the screen.

  5. Under Basic authorization, paste your Client ID into the Username field and click Authorize.

  6. Type a random sequence of characters in the Password field and then delete them. Click the Authorize button.

    note

    You need to type something into the Password and then delete it before pressing Authorize. Otherwise, OpenAPI will denote the password as undefined rather than an empty string, which will prevent logging in.

  7. Use the https://docs.accelbyte.io/api-explorer/#IAM/TokenGrantV3 endpoint. Click Try it out and then do the following:

    • For Grant Type, select password.

    • For User Name and Password, enter your AGS Admin Portal username and password.

    • Input the namespace that contains the client whose ID you used to authorize.

      When you're finished, click Execute. The access token you need will be returned in the server response.

      Example image of an access token string

  8. Copy the contents of the Response body, starting from { "access_token". This will be a very long string, as seen in the image above.

  9. Click Authorize in the top-right to return to the available authorizations window.

  10. In the authorization (apiKey) section, type the word BEARER, ensuring it's in all capitals, followed by one space. Then, paste your access token and click Authorize.

  11. Click Close in the Basic authorization section. You can now test the API endpoints.

Use Curl

If you use Curl, you can also get an access token for OpenAPI using the code below.

curl -X 'POST' \
'<<base_url>>/iam/v3/oauth/token' \
-H 'accept: application/json' \
-H 'authorization: Basic <<client_credential>>' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=password&username=<<username>>&password=<<password>>'

Type the above code into command prompt:

* Replace `<<base_url>>` with your base URL.
* Replace `<<client_credential>>` with your OAuth Token in the format of `client_id:client_secret` in base64 encoding.
* Replace `<<username>>` with your username.
* Replace `<<password>>` with your password.

When you're finished, press Enter.

Response

Here is an example response to a successful request:

{
"access_token": "string",
"bans": [
{
"ban": "string",
"disabledDate": "2022-09-01T03:19:32.816Z",
"enabled": true,
"endDate": "2022-09-01T03:19:32.816Z",
"targetedNamespace": "string"
}
],
"display_name": "string",
"expires_in": 0,
"is_comply": true,
"jflgs": 0,
"namespace": "string",
"namespace_roles": [
{
"namespace": "string",
"roleId": "string"
}
],
"permissions": [
{
"action": 0,
"resource": "string",
"schedAction": 0,
"schedCron": "string",
"schedRange": [
"string"
]
}
],
"platform_id": "string",
"platform_user_id": "string",
"refresh_expires_in": 0,
"refresh_token": "string",
"roles": [
"string"
],
"scope": "string",
"token_type": "string",
"user_id": "string",
"xuid": "string"
}
tip

You can copy the access_token value from the response and paste it into OpenAPI preceded by the word BEARER, as in step 10 in the Admin Portal section.