Guides
Start typing to search…

Integrating PlaySafe ID

Overview

There are three simple steps to integrate PlaySafe ID to your game or service.

  1. Authenticate users - Allow users to connect their PlaySafe ID to your game via our user authorisation flow, from which you can then retrieve their PlaySafe ID.
  2. Check the PlaySafe ID - Before letting users into PlaySafe Protected servers or matchmaking, check their PlaySafe IDs to ensure they are still allowed to play, and use the age bands to manage compliance.
  3. Notify us of offences- If you've caught someone cheating, botting, or being inappropriate to children, submit the offence to our API along with any evidence you have captured.

How PlaySafe ID works


Step 1: Authenticate Users

📘

TL;DR

Add a button/link to your game client or website to allow users to login and connect their PlaySafe ID.

Users authorise connections between their PlaySafe ID and games with an OAuth-style flow. PlaySafe provides a configurable link that will redirect a user back to a URL of your choice once they have logged in, proven they are a real person, and authorised that they want to provide you with their PlaySafe ID.

To get started you'll need a developer account to get the required credentials and set up your games - contact us about setting up a developer account at [email protected].


1. Setup your Developer account

Once logged into your developer account, head to the developer settings on the PlaySafe ID website to create your first game and retrieve your API key. We may have already prepared this for you, so check your communications from us.

❗️

Make sure that the API key is stored safely; only accessible to systems that need it and never client-side.


2. Add the PlaySafe ID login to your Game

Using the details from the previous step, we can now create create a link that can be used as an in-game button or on your website for connecting users.

https://app.playsafeid.com/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI=&state=STATE

These parameters should be set to:

  • CLIENT_ID - The ID of the game you want to authorise the user with
  • REDIRECT_URI - The URI that you want to redirect the user to after authorisation (where the code will be returned to).
  • STATE - A URL encodable state parameter that will be returned with the redirect (optional).

When following this link, users will be prompted to login to their PlaySafe ID and follow one of the authorisation flows detailed in the Overview of UX guide. Once the flow is complete, the user will be returned to the redirect URI, along with the state and a code. As an example, it might look like:

https://my.game.service/callback/playsafeid?code=CODE&state=STATE

3. Exchange the code for the PlaySafe ID

The code returned in the callback is a one time use code for initiating the connection between user and game. This should be provided server-side, with your developer API keys, to the user token exchange endpoint on the PlaySafe ID API. A successful exchange will return you the user's PlaySafe ID, which should be stored against that user.


Step 2: Check the PlaySafe ID

📘

TL;DR

Check a user's status before allowing them access to PlaySafe Protected services.

Now that you have a user's PlaySafe ID, you can query the PlaySafe APIs at any time to:

  • View the status of the user's PlaySafe ID
  • View the user's age band (to manage your compliance)
  • View, add, or overturn any offences against that user for your games

Each PlaySafe ID has a status that it can be in, based upon that actions by the user or things that have occurred on that account. The status informs whether the user should be allowed into, or interaction with, PlaySafe Protected servers or matchmaking.

👍

Before any action that provides a user with access to PlaySafe Protected services, you should check the status of that user. The PlaySafe ID Statuses page details actions that should be taken based upon each status, and we ask that you implement the these actions to ensure that users have the best experience possible and to maintain the integrity of the system.


Step 3: Notify us of Offences

📘

TL;DR

Notify us of offences on PlaySafe Protected services by submitting them to our API, including any evidence you have captured.

To keep cheaters, botters, and predators out of PlaySafe Protected services, we need to know when they are cheating, botting, or being inappropriate to children.

Therefore, if you or one of your tools (anti-cheat, moderation, etc.) catch someone in PlaySafe Protected servers or matchmaking:

  • Using software or hardware to gain an unfair advantage over other players
  • Being sexual, grooming, or otherwise inappropriate to children

Then we want you to notify us that this has occurred, by submitting the offence to the Submit Offence endpoint. The offence should include:

  • The user that committed the offence
  • The game that it occurred in
  • The type of offence that occurred
  • Any evidence that you captured that supports the claim

The Offence Types page details the descriptions of the types of offence that it can be categorised as. Other occurrences that do not fall under these types are not considered an offence and should not be sent.

Updated about 23 hours ago

Next page

Next step - User Authentication