Game User Access Token Verification Process
- To verify that a user has accessed the game in the Game Server, the following process is executed:
- Game User Access Token is obtained from the Game Client
- Validity of Game User Access Token is verified through the Stove Server
- Confirm user
Game User Access Token Verification Sequence Diagram
Access Token Type
| Token Type |
Issue |
Role |
Valid |
| Game User Access Token |
Client |
Verifies user. |
6 hrs(21600000ms) |
| Refresh Token |
Client |
To communicate with the Stove API server, you authenticate with the server. |
720 hrs(30 Day) |
| Server Access Token |
Server |
Verifies server to communicate with the Stove API server. |
720 hrs(30 Day) |
Game User Access Token
- Refers to the token obtained through the StoveSDK_GetToken() function from the Client to the PC_SDK (hereafter referred to as the Game User Access Token).
- There are two types of tokens obtained through the StoveSDK_GetToken() function.
- Game User Access Token : An access token that serves as a proof of authorization for security reasons and has a relatively short validity period (6 hours).
- The Game User Access Token has a validity period of 6 hours (21600000ms) and requires reissuance after the expiration time.
API Access Token Introduction
- The issued
API Access Token is used for requests.
- The issued token must be passed in the
authorization header.
- The validity of an
API Access Token is 30 days.
- The validity period can be changed per client_id.
- It is recommended to periodically call the "API Access Token issuance API" to renew the token, or to save "expires_in" and call the issuance API to renew the token before expiration.
- When calling the API Access Token Issuance API, if the validity period of the existing token remains, the existing token is passed, and if less than 30% remains, a new token is issued.
- The same server token can be used on multiple servers, and we expect the API call cycle to be different for each server, so even after issuing a new token, the existing token can be used until the existing validity period.
<aside>
💡 Take Note
Authentication is required for the game server to communicate with the Stove API server, which requires an API Access Token.
The API Access Token is valid for 30 days and must be reissued after the expiration date.
(read below for more details)
</aside>
Issue API Access Token
Pre-checklist