Skip to main content

Get authorized in OpenAPI

Last updated on March 9, 2024


OpenAPI is a toolset that simplifies API development by helping you design and document your APIs. AccelByte uses OpenAPI to develop and manage AccelByte Gaming Services (AGS) API endpoints. You can get authorization to use OpenAPI either by using the AGS Admin Portal or by using Curl. This How-to article will walk you each option.

Use the AGS Admin Portal

Follow the steps below to get authorization using the Admin Portal.

  1. Log in to a game namespace in the AGS Admin Portal and go to Authorizations > IAM Clients.


    Take note of the namespace you are in as you will need this information later.

  2. Copy the Client ID of the list of client you'd like to use to access the endpoints.

  3. Open the API endpoint for the service you want to access (e.g., IAM). You can find the list of our services on the API Endpoints page.

  4. Click the Authorize button in the top-right corner of the screen.

  5. Under Basic authorization, paste your Client ID into the Username field and click Authorize.

  6. Type a random sequence of characters in the Password field and then delete them. Click the Authorize button.


    You need to type something into the Password and then delete it before pressing Authorize. Otherwise, OpenAPI will denote the password as undefined rather than an empty string, which will prevent logging in.

  7. Use the endpoint. Click Try it out and then do the following:

    • For Grant Type, select password.

    • For User Name and Password, enter your AGS Admin Portal username and password.

    • Input the namespace that contains the client whose ID you used to authorize.

      When you're finished, click Execute. The access token you need will be returned in the server response.

      Example image of an access token string

  8. Copy the contents of the Response body, starting from { “access_token”. This will be a very long string, as seen in the image above.

  9. Click Authorize in the top-right to return to the available authorizations window.

  10. In the authorization (apiKey) section, type the word BEARER, ensuring it's in all capitals, followed by one space. Then, paste your access token and click Authorize.

  11. Click Close in the Basic authorization section. You can now test the API endpoints.

Use Curl

If you use Curl, you can also get an access token for OpenAPI using the code below.

curl -X 'POST' \
'<<base_url>>/iam/v3/oauth/token' \
-H 'accept: application/json' \
-H 'authorization: Basic <<client_credential>>' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=password&username=<<username>>&password=<<password>>'

Type the above code into command prompt:

* Replace `<<base_url>>` with your base URL.
* Replace `<<client_credential>>` with your OAuth Token in the format of `client_id:client_secret` in base64 encoding.
* Replace `<<username>>` with your username.
* Replace `<<password>>` with your password.

When you're finished, press Enter.


Here is an example response to a successful request:

"access_token": "string",
"bans": [
"ban": "string",
"disabledDate": "2022-09-01T03:19:32.816Z",
"enabled": true,
"endDate": "2022-09-01T03:19:32.816Z",
"targetedNamespace": "string"
"display_name": "string",
"expires_in": 0,
"is_comply": true,
"jflgs": 0,
"namespace": "string",
"namespace_roles": [
"namespace": "string",
"roleId": "string"
"permissions": [
"action": 0,
"resource": "string",
"schedAction": 0,
"schedCron": "string",
"schedRange": [
"platform_id": "string",
"platform_user_id": "string",
"refresh_expires_in": 0,
"refresh_token": "string",
"roles": [
"scope": "string",
"token_type": "string",
"user_id": "string",
"xuid": "string"

You can copy the access_token value from the response and paste it into OpenAPI preceded by the word BEARER, as in step 10 in the Admin Portal section.