Authorization
#
1. User clicks the Bramble Authorize ButtonOpens up the Bramble Authorization Page. The user puts in his username and password and then is redirected back to the game.
URL
/bramble?response_type=code&client_id=client_id&redirect_uri=callback_url&state=teststate&scope=profile
Method:
GET
URL Query Params
Required:
response_type='code' (example: 'code')
client_id=[String] (example: 'mansim')
redirect_uri=[String] (example: 'http://armygrid.com/callback/')
state=[String] (example: 'teststate')
scope=[String] (example: 'profile')
Success Response:
- Code: 200
Content:Opens the Bramble Authorization Page for the user
- Code: 200
Error Response:
Code: 400
Content:
{ "statusCode": 400, "status": 400, "code": 400, "message": "Invalid client: redirect_uri does not match client value", "name": "invalid_client" }
Code: 400
Content:
{ "statusCode": 400, "status": 400, "code": 400, "message": "Invalid client: missing client grants", "name": "invalid_client" }
Code: 400
Content:
{ "statusCode": 400, "status": 400, "code": 400, "message": "Unsupported response type: response_type is not supported", "name": "unsupported_response_type" }
Sample Call:
Notes:
The user will be redirected after the authorization step to the callback url of the game. The authorization code will be attached to the callback url ( Example: http://armygrid.com/callback/authorization_code ). Extract the authorization_code value and use it in the next request.
#
2. Authorization Grant RequestThe access Token which will help you to send reward data to Bramble API is received in this request.
URL
/grant
Method:
POST
Header Params
Required:
Authorization='Basic ' + btoa('client_id:client_secret_id)'
Body Params(raw JSON):
{ "grant_type":"authorization_code", "code":"authorization_code_recieved_in_the_previous request", "redirect_uri":"armygrid.com/bramble_callback/" }
Success Response:
- Code: 200
Content:{ "accessToken": "199146e7e010ffa216301333b4c8cc14b9184958", "accessTokenExpiresAt": "2020-03-24T13:34:07.337Z", "scope": "profile", "refreshToken": "1dcabd1c75520b4b8567517fc8cd0a8e218865b2", "refreshTokenExpiresAt": "2020-04-24T21:21:56.017Z" }
- Code: 200
Error Response:
- Code: 400
Content:{ "statusCode": 400, "status": 400, "code": 400, "message": "Invalid grant: authorization code has expired", "name": "invalid_grant" }
- Code: 400
Sample Call:
Notes:
You will get two tokens. Refresh Token and Access Token. Refresh Token is the one which doesn't expire frequently but Access token expire frequently. This Access Token will help you in sending the Achievement Data to the Bramble API as seen in the next request.
#
3. Renewing Access Token / Refresh Token to get back access to the Bramble APISometimes the Access Token / Refresh Token will expire you will renew them again by this request
URL
/renew
Method:
POST
Header Params
Authorization='Basic ' + btoa('client_id:client_secret_id)'
URL Query Params
Recommended:
type=[String] (example: 'access')
It will renew only the access token, if set, if not then it will renew both refresh token and access token.
Body Params(raw JSON)
{ "grant_type": "refresh_token", "refresh_token": "a6332349d0eb240b26f03a53ec12ad12d53ab90b" }
Success Response:
- Code: 200
Content:{ "access_token": "199146e7e010ffa216301333b4c8cc14b9184958", "accessTokenExpiresAt": "2020-03-24T13:34:07.337Z", "scope": "profile", "refreshToken": "1dcabd1c75520b4b8567517fc8cd0a8e218865b2", "refreshTokenExpiresAt": "2020-04-24T21:21:56.017Z" }
- Code: 200
Error Response:
Code: 400
Content:{ "statusCode": 400, "status": 400, "code": 400, "message": "Invalid grant: refresh token is invalid", "name": "invalid_grant" }
Code: 400
Content:{ "statusCode": 400, "status": 400, "code": 400, "message": "Invalid client: cannot retrieve client credentials", "name": "invalid_client" }
Code: 401
Content:
{ "statusCode": 401, "status": 401, "code": 401, "message": "Invalid token: refresh token has expired", "name": "invalid_token" }
Sample Call:
Notes:
Using the old refresh Token you can regenerate new Refresh Token and new Access Token again. Refresh Token as it is called is used to refresh or renew tokens.