NAV Navbar
Logo
http shell javascript

Introduction

Welcome to the Brinkbit API!

In this document are language bindings in HTTP, Shell, and JavaScript. You can view code examples in the dark area to the right, and you can switch the programming language of the examples with the tabs in the top right.

Getting Started Checklist

Step Description
1. Create your game in the Brinkbit Control Center.
2. Whitelist your domain in your Game Settings (Note: Only necessary if you’re running from a browser without a proxy).
3. Copy your Game ID and Game Secret Key from your Game Settings.
4. If you’re not using HTTP or Shell directly, find your platform SDK below and follow the SDK init instructions on the Github README.
5. Make a game!

SDKs

Right now, Brinkbit has two SDKs and we’ll be rolling out more soon. Visit the individual repos for information on installing and initializing each SDK.

SDK Type Status Repository/Docs
JavaScript Client alpha https://github.com/Brinkbit/brinkbit.js
Node Server alpha https://github.com/Brinkbit/brinkbit-node
Unity Client coming soon accepting contributions!
Unreal Client coming soon accepting contributions!
PHP Server coming soon accepting contributions!
Ruby Server coming soon accepting contributions!
Python Server coming soon accepting contributions!

Player Authentication

Brinkbit Player Authentication allows you to create an account for each of your players. You can view and manage players in the Brinkbit Control Center.

Create

Create a new player

POST /api/0.1/<game_id>/players/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "username": "<username>",
  "password": "<password>",
  "email": "<email>"
}
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/players/ \
    -H 'content-type: application/json' \
    -d '{
    "username": "<username>",
    "email": "<email>",
    "password": "<password>"
}'
// create a new player
const player = new brinkbit.Player({
    username: '<username>',
    email: '<email>',
    password: '<password>',
});
player.save()
.then(() => {
    // player has been created on server
});

// shortcut
brinkbit.Player.create({
    username: '<username>',
    email: '<email>',
    password: '<password>',
})
.then(( player ) => {
    // player is an authenticated player object
})

Create a new player.

HTTP Request

POST /api/0.1/<game_id>/players/

SDK save() method

When creating a player, the first time you call save, the player will be created on the server. Subsequent requests will update the player’s account info if it changed.

JSON Parameters

Parameter Description
username The player’s username
email The player’s email
password The player’s password

Login

Authenticate a player

POST /api/0.1/<game_id>/token/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "client_id": "<game_id>",
  "username": "<username_or_email>",
  "password": "<password>",
  "grant_type": "password",
  "scope": "<access_scope>"
}
curl -X POST \
    http://brinkbit.com/api/0.1/<game_id>/token/ \
    -H 'Content-Type: application/json' \
    -d '{
    "client_id": "<game_id>",
    "username": "<username_or_email>",
    "password": "<password>",
    "grant_type": "password",
    "scope": "<access_scope>"
}'
// login a player
brinkbit.login({
    username: 'Violet', // can also be email
    password: 'FireballsAreTheWorst',
})
.then(( player ) => {
    // player is an authenticated player object
});

Logging in a player via the SDK returns an instance for that player. You can use this instance to save data on the player.

HTTP Request

POST /api/0.1/<game_id>/token/

SDK Parameters

Parameter Description
username The player’s username or email
password The player’s password

Direct API Requests

When making a direct API request to authenticate a player, the parameters are slightly different. See User Access Tokens for more information.

Forgot Password

Send an email with a link to reset a player’s password

POST /api/0.1/<game_id>/forgot/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "emailOrUsername": "<username_or_email>"
}
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/forgot/ \
    -H 'content-type: application/json' \
    -d '{
    "emailOrUsername": "<username_or_email>"
}'
brinkbit.forgot({ emailOrUsername: '<username_or_email>' })
.then(() => {
    // email has been sent
});

// alternative if the username or email is stored on player
player.forgot()
.then(() => {
    // email has been sent
});

Requesting this method will send an email to the player with details for reseting their password. The email will include a link containing a reset password token. This token can then be used to authorize a request to reset the player’s password.

You can configure the format of the email, reset url, and content in the Brinkbit Control Center.

HTTP Request

POST /api/0.1/<game_id>/forgot/

JSON Parameters

gameId is required with at least one of the following parameters:

Parameter Description
username The player’s username
email The player’s email
emailOrUsername Accepts either player’s email or username

Validate Reset Token

Validate a password reset token

This method is useful for determining whether to display your reset password screen or to redirect the player to the login screen. If the token is valid, the server will return a successful 200 response. In the case of an invalid token, a 404 will be returned.

GET /api/0.1/<game_id>/reset/?token=<reset_pwd_token> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
curl -X GET \
    'https://brinkbit.com/api/0.1/<game_id>/reset/?token=<reset_pwd_token>' \
    -H 'content-type: application/json'
brinkbit.validateResetToken( '<token>' )
.then(() => {
    // token is valid
})
.catch(() => {
    // token is invalid
});

HTTP Request

GET /api/0.1/<game_id>/reset/

Query Parameters

Parameter Description
token The password reset token included in the Forgot Password reset email

Reset Password

Reset a user’s password

This method is useful for determining whether to display your reset password screen or to redirect the player to the login screen. If the token is valid, the server will return a successful 200 response. In the case of an invalid token, a 401 will be returned.

POST /api/0.1/<game_id>/reset/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "token": "<reset_pwd_token>",
  "password": "<new_password>"
}
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/reset/ \
    -H 'content-type: application/json' \
    -d '{
    "token": "<reset_pwd_token>",
    "password": "<new_password>"
}'
// SDK method coming soon

HTTP Request

POST /api/0.1/<game_id>/reset/

JSON Parameters

Parameter Description
token The password reset token included in the Forgot Password reset email
password The new password

Update Password

Update a player’s password

POST /api/0.1/<game_id>/players/<player_id>/password/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
  "data": "<new_password>"
}
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/players/<player_id>/password/ \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d '{
    "data": "<new_password>"
}'
// SDK method coming soon

This method of password reset should be used when the player is already authenticated. For example, when the user is already logged in and simply wants to change the password they already use. If the user does not know their password, you should use the Forgot Password flow.

Path Parameters

Parameter Description
player_id The player’s id

JSON Parameters

Parameter Description
data The new password to use

Authorization

Requires a User Access Token for the requested player to be included in the request.

Player Data

Player account info is limited to the player’s username, email, id, and date created. These properties are the only information that is stored on the player object. Additional information should be stored as generic player data.

Generic player data is JSON data that only a single player can access and update. Each player data object has a unique key which is used to identify the resource. This key is specified at the time of creation at the end of the request path.

Authorized third-party plugins can create data on behalf of your players. When making a request from a plugin, you should specify your plugin id in the request path to prevent accidental namespace collision. If the request is from your game and not a plugin, you should use your game id as the plugin_id.

Request Account Info

Request a player’s account info

GET /api/0.1/<game_id>/playerinfo/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
GET /api/0.1/<game_id>/players/<player_id>/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    https://brinkbit.com/api/0.1/<game_id>/playerinfo/ \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
curl -X GET \
    https://brinkbit.com/api/0.1/<game_id>/player/<player_id>/ \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
player.fetch()
.then(() => {
    // player has been updated with values from server
});

Player account info includes the player’s username, email, id, and date created.

HTTP Request

The following route will return the account information for whatever player’s access token was provided

GET /api/0.1/<game_id>/playerinfo/

Alternatively, you can request a player’s account info using their id

GET /api/0.1/<game_id>/player/<player_id>/

Path Parameter

Parameter Description
player_id The player’s id

Authorization

Requires a User Access Token for the requested player to be included in the request.

Update Account Info

Update a player’s account info

PUT /api/0.1/<game_id>/players/<player_id>/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
  "email": "<new_email>"
}
POST /api/0.1/<game_id>/players/<player_id>/email/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
  "data": "<new_email>"
}
curl -X PUT \
    https://brinkbit.com/api/0.1/<game_id>/players/<player_id>/ \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d '{
    "email": "<new_email>"
}'
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/players/<player_id>/email/ \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d '{
    "data": "<new_email>"
}'
player.save()
.then(() => {
    // local values have been saved to the server
});

Of a player’s account info, only the player’s email can be updated using this call. Updating a password requires a separate explicit call. (See below)

SDK save() method

When creating a player, the first time you call save, the player will be created on the server. Subsequent requests will update the player’s account info if it changed.

JSON Parameter

Parameter Request Description
email PUT /players/ The player’s email address
data POST /players/:player_id/ The player’s email address

Path Parameter

Parameter Description
player_id The player’s id

Authorization

Requires a User Access Token for the requested player to be included in the request.

Create Generic data

Creates generic data associated with the player

POST /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

<json_data>
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Creates generic data associated with the player

HTTP Request

POST /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of the game
player_id The player’s id
key The unique key which will be used to identify the resource

Authorization

Requires a User Access Token for the requested player to be included in the request.

Request Generic data

Requests generic data associated with the player

GET /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

<json_data>
curl -X GET \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Requests generic data associated with the player

HTTP Request

GET /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of the game
player_id The player’s id
key The unique key which will be used to identify the resource

Authorization

Requires a User Access Token for the requested player to be included in the request.

Update Generic data

Updates generic data associated with the player

PUT /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

<json_data>
curl -X PUT \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Updates generic data associated with the player

HTTP Request

PUT /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of the game
player_id The player’s id
key The unique key which will be used to identify the resource

Authorization

Requires a User Access Token for the requested player to be included in the request.

Destroy Generic data

Destroys generic data associated with the player

DELETE /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

<json_data>
curl -X DELETE \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Destroys generic data associated with the player

HTTP Request

DELETE /api/0.1/<game_id>/data/<plugin_id>/players/<player_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of the game
player_id The player’s id
key The unique key which will be used to identify the resource

Authorization

Requires a User Access Token for the requested player to be included in the request.

Game Data

Game data is JSON data that is publicly readable but can only be created, updated, and destroyed by your application. Modifying game data should only be done from a secure client such as a server, or a private tool. Any client distributed to end users such as a mobile game, desktop application, or webpage is inherently insecure. You should only read game data from these sources, which does not require a client access token.

Create Generic data

Creates generic data associated with the game

POST /api/0.1/<game_id>/data/<plugin_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <client_token>

<json_data>
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/keys/<key> \
    -H 'authorization: Bearer <client_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Creates generic data associated with the game

HTTP Request

POST /api/0.1/<game_id>/data/<plugin_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of your game
key The unique key which will be used to identify the resource

Authorization

Requires a Client Access Token for the requested game to be included in the request.

Request Generic data

Requests generic data associated with the game

GET /api/0.1/<game_id>/data/<plugin_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
curl -X GET \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/keys/<key> \
    -H 'content-type: application/json' \
// sdk method coming soon

Requests generic data associated with the game

HTTP Request

GET /api/0.1/<game_id>/data/<plugin_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of your game
key The unique key which will be used to identify the resource

Update Generic data

Updates generic data associated with the game

PUT /api/0.1/<game_id>/data/<plugin_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <client_token>

<json_data>
curl -X PUT \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/keys/<key> \
    -H 'authorization: Bearer <client_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Updates generic data associated with the game

HTTP Request

PUT /api/0.1/<game_id>/data/<plugin_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of your game
key The unique key which will be used to identify the resource

Authorization

Requires a Client Access Token for the requested game to be included in the request.

Destroy Generic data

Destroys generic data associated with the game

DELETE /api/0.1/<game_id>/data/<plugin_id>/keys/<key> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <client_token>

<json_data>
curl -X DELETE \
    https://brinkbit.com/api/0.1/<game_id>/data/<plugin_id>/keys/<key> \
    -H 'authorization: Bearer <client_token>' \
    -H 'content-type: application/json' \
    -d <json_data>
// sdk method coming soon

Destroys generic data associated with the game

HTTP Request

DELETE /api/0.1/<game_id>/data/<plugin_id>/keys/<key>

Path Parameters

Parameter Description
plugin_id The id of the plugin making the request. This can be the same as the game_id
game_id The id of your game
key The unique key which will be used to identify the resource

Authorization

Requires a Client Access Token for the requested game to be included in the request.

Leaderboards

Brinkbit provides a default Leaderboard plugin to manage creating and comparing user scores. You can create your first leaderboard in the Brinkbit Control Center and then use these methods to save and query scores.

Request Leaderboard

Requests a leaderboard

GET /api/0.1/<game_id>/data/leaderboards/queries/players/leaderboard?_sortOrder=1&amp;_skip=0&amp;_leaderboardId=<leaderboard_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    'https://brinkbit.com/api/0.1/<game_id>/data/leaderboards/queries/players/leaderboard?_sortOrder=1&_skip=0&_leaderboardId=<leaderboard_id>' \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Requests a leaderboard

HTTP Request

POST /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
leaderboard_id The id of the leaderboard created in the brinkbit control center

JSON Parameters

Parameter Description
score The score being stored
leaderboard_id The id of the leaderboard created in the brinkbit control center

Authorization

Requires a User Access Token for the requested game to be included in the request.

Create Leaderboard Score

Creates a score associated with a leaderboard

POST /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
  "type": "score",
  "leaderboardId": "<leaderboard_id>",
  "resource": "leaderboard",
  "score": <score>
}
curl -X POST \
    https://brinkbit.com/api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d '{
    "type": "score",
    "leaderboardId": "<leaderboard_id>",
    "resource": "leaderboard",
    "score": <score>
}'
// sdk method coming soon

Creates a score associated with a leaderboard

HTTP Request

POST /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
leaderboard_id The id of the leaderboard created in the brinkbit control center

JSON Parameters

Parameter Description
score The score being stored
leaderboard_id The id of the leaderboard created in the brinkbit control center

Authorization

Requires a User Access Token for the requested game to be included in the request.

Request Leaderboard Score

Requests a score associated with a leaderboard

GET /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    https://brinkbit.com/api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Requests a score associated with a leaderboard

HTTP Request

GET /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
leaderboard_id The id of the leaderboard created in the brinkbit control center

Authorization

Requires a User Access Token for the requested game to be included in the request.

Update Leaderboard Score

Updates a score associated with a leaderboard

PUT /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
  "type": "score",
  "leaderboardId": "<leaderboard_id>",
  "resource": "leaderboard",
  "score": <score>
}
curl -X PUT \
    https://brinkbit.com/api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json' \
    -d '{
    "type": "score",
    "leaderboardId": "<leaderboard_id>",
    "resource": "leaderboard",
    "score": <score>
}'
// sdk method coming soon

Updates a score associated with a leaderboard

HTTP Request

PUT /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
leaderboard_id The id of the leaderboard created in the brinkbit control center

JSON Parameters

Parameter Description
score The score being stored
leaderboard_id The id of the leaderboard created in the brinkbit control center

Authorization

Requires a User Access Token for the requested game to be included in the request.

Delete Leaderboard Score

Deletes a score associated with a leaderboard

DELETE /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X DELETE \
    https://brinkbit.com/api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id> \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Deletes a score associated with a leaderboard

HTTP Request

DELETE /api/0.1/<game_id>/data/leaderboards/players/<player_id>/keys/<leaderboard_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
leaderboard_id The id of the leaderboard created in the brinkbit control center

Authorization

Requires a User Access Token for the requested game to be included in the request.

Achievements

Brinkbit provides a default Achievements plugin to manage unlocking achievements. You can create your achievements in the Brinkbit Control Center and then use these methods to unlock and relock them.

Request Revealed Achievements

Requests revealed achievements

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/revealed?_sortOrder=<sort_order>&amp;_skip=<skip_count>&amp;_count=<count> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    'https://brinkbit.com/api/0.1/<game_id>/data/achievements/queries/games/achievements/revealed?_sortOrder=<sort_order>&_skip=<skip_count>&_count=<count>' \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Requests revealed achievements

HTTP Request

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/revealed

Path Parameters

Parameter Description
game_id The id of your game

Query Parameters

Parameter Description
_sortOrder 1 or 0 - either ascending or descending
_skip The number of achievement results to skip
_count The number of results to return

Authorization

Requires a User Access Token for the requested game to be included in the request.

Request Hidden Achievements

Requests hidden achievements

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/hidden?_sortOrder=<sort_order>&amp;_skip=<skip_count>&amp;_count=<count> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    'https://brinkbit.com/api/0.1/<game_id>/data/achievements/queries/games/achievements/hidden?_sortOrder=<sort_order>&_skip=<skip_count>&_count=<count>' \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Requests hidden achievements

HTTP Request

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/hidden

Path Parameters

Parameter Description
game_id The id of your game

Query Parameters

Parameter Description
_sortOrder 1 or 0 - either ascending or descending
_skip The number of achievement results to skip
_count The number of results to return

Authorization

Requires a User Access Token for the requested game to be included in the request.

Request All Achievements

Requests all achievements

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/all?_sortOrder=<sort_order>&amp;_skip=<skip_count>&amp;_count=<count> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
    'https://brinkbit.com/api/0.1/<game_id>/data/achievements/queries/games/achievements/all?_sortOrder=<sort_order>&_skip=<skip_count>&_count=<count>' \
    -H 'authorization: Bearer <user_token>' \
    -H 'content-type: application/json'
// sdk method coming soon

Requests all achievements

HTTP Request

GET /api/0.1/<game_id>/data/achievements/queries/games/achievements/all

Path Parameters

Parameter Description
game_id The id of your game

Query Parameters

Parameter Description
_sortOrder 1 or 0 - either ascending or descending
_skip The number of achievement results to skip
_count The number of results to return

Authorization

Requires a User Access Token for the requested game to be included in the request.

Request Unlocked Achievements

Requests unlocked achievements

GET /api/0.1/<game_id>/data/achievements/players/<player_id>/queries/achievements/unlocked?_sortOrder=1&amp;_skip=0&amp;_count=10 HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X GET \
  'https://brinkbit.com/api/0.1/<game_id>/data/achievements/players/<player_id>/queries/achievements/unlocked?_sortOrder=1&_skip=0&_count=10' \
  -H 'authorization: Bearer <user_token>' \
  -H 'content-type: application/json'
// sdk method coming soon

Requests unlocked achievements

HTTP Request

GET /api/0.1/<game_id>/data/achievements/players/<player_id>/queries/achievements/unlocked

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player

Query Parameters

Parameter Description
_sortOrder 1 or 0 - either ascending or descending
_skip The number of achievement results to skip
_count The number of results to return

Authorization

Requires a User Access Token for the requested game to be included in the request.

Unlock Achievement

Unlocks an achievement

POST /api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>

{
    "resource": "achievements",
    "type": "achievements",
    "achievementId": "<achievement_id>"
}
curl -X POST \
  https://brinkbit.com/api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id> \
  -H 'authorization: Bearer <user_token>' \
  -H 'content-type: application/json' \
  -d '{
    "resource": "achievements",
    "type": "achievements",
    "achievementId": "<achievement_id>"
}'
// sdk method coming soon

Unlocks an achievement

HTTP Request

POST /api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
achievement_id The id of the achievement you are unlocking

JSON Parameters

Parameter Description
achievementId The id of the achievement you are unlocking

Authorization

Requires a User Access Token for the requested game to be included in the request.

Relock Achievement

Relocks an achievement that was already unlocked

DELETE /api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id> HTTP/1.1
Host: brinkbit.com
Content-Type: application/json
Authorization: Bearer <user_token>
curl -X DELETE \
  https://brinkbit.com/api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id> \
  -H 'authorization: Bearer <user_token>' \
  -H 'content-type: application/json'
// sdk method coming soon

Relocks an achievement that was already unlocked

HTTP Request

DELETE /api/0.1/<game_id>/data/achievements/players/<player_id>/keys/<achievement_id>

Path Parameters

Parameter Description
game_id The id of your game
player_id The id of the player
achievement_id The id of the achievement you are relocking

Authorization

Requires a User Access Token for the requested game to be included in the request.

Security

Brinkbit implements the OAuth 2.0 framework for authenticating requests.

For security reasons, we recommend using a server-side SDK to proxy any requests that require game-level permissions. As we roll out support for our cloud scripting product, this will replace the need for a custom server setup.

In general, when using an SDK, you shouldn’t have to worry about authenticating your requests beyond adding your game id and game secret in your server SDK. The SDK will automatically request and send the appropriate tokens.

Users created by your application will only ever be accessible by your application and by the Brinkbit platform. The OAuth authentication strategies ensure that the security and privacy of your users is protected.

IMPORTANT NOTE

Some calls to the /api/0.1/<game_id>/token/ endpoint require you to send your game id and secret so you should NEVER call those directly from a client application.

Only store your game secrets in secure server-side locations. The client application is NOT secure, and should never be trusted for storing secrets. It is possible to accidentally expose game and user data by not properly protecting your game secrets. Please take every precaution to protect your game secrets and treat them as though they were passwords.

Authentication Levels

Brinkbit supports three levels of authentication:

Access Token Overview

Access tokens are requested from https://brinkbit.com/api/0.1/<game_id>/token/.

Authenticate requests with an Access Token by passing it as a Bearer Authorization header:

Authorization: Bearer <access_token>

The type of token you are requesting is specified by the grant_type parameter which is passed in the JSON request data.

User Access Token

Request a User Access Token

POST /api/0.1/<game_id>/token/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "client_id": "<game_id>",
  "username": "<username_or_email>",
  "password": "<password>",
  "grant_type": "password",
  "scope": "<access_scope>"
}
curl -X POST \
    http://brinkbit.com/api/0.1/<game_id>/token/ \
    -H 'Content-Type: application/json' \
    -d '{
    "client_id": "<game_id>",
    "username": "<username_or_email>",
    "password": "<password>",
    "grant_type": "password",
    "scope": "<access_scope>"
}'

User Access Tokens are used for managing data which is private for a particular user or player. You should not store User Access Tokens on your server. For privacy and security reasons, you should only store User Access Tokens on the client that initiated the request.

A Client Access Token will not give you permission to access user data beyond initial creation. To access user data, authenticate your requests using a User Access Token

Parameters

Client Access Token

Request a client access token

POST /api/0.1/<game_id>/token/ HTTP/1.1
Host: brinkbit.com
Content-Type: application/json

{
  "client_id": "<game_id>",
  "client_secret": "<game_secret>",
  "grant_type": "client_credentials",
  "scope": "<access_scope>"
}
curl -X POST \
    http://brinkbit.com/api/0.1/<game_id>/token/ \
    -H 'Content-Type: application/json' \
    -d '{
    "client_id": "<game_id>",
    "client_secret": "<game_secret>",
    "grant_type": "client_credentials",
    "scope": "<access_scope>"
}'

Client access tokens are used for creating users and for managing generic game data.

A Client Access Token will not give you permission to access user data beyond initial creation.

To access user data, authenticate your requests using a User Access Token

Plugin Access Token

Request a plugin access token

Documentation for the Plugin Access Token flow is coming soon.

Errors

Error Code Meaning
400 Bad Request – Something was wrong with your request
401 Unauthorized – Your API key is wrong
403 Forbidden – The resource requested is hidden for administrators only
404 Not Found – The specified resource could not be found
406 Not Acceptable – You requested a format that isn’t json
429 Too Many Requests – You’re sending too many requests! Slow down!
500 Internal Server Error – We had a problem with our server. Try again later.