Skip to content

Verify token

Uses the token, Player ID, and Device ID from PlayerInfo returned after a successful login from the app client to validate the user's token on the app server.

The Verify token API operates through Server-to-Server communication, where the app server calls the Hive authentication server directly. If the app does not allow duplicate logins, you can manage validated tokens or implement session management using the app's own session key.


Request URL

Production URL https://auth.qpyou.cn/v2/game/token/get-token
Distributed environment URL https://auth.globalwithhive.com/v2/game/token/get-token
Sandbox URL https://sandbox-auth.qpyou.cn/v2/game/token/get-token
HTTP Method POST
Content-Type application/json
Data Format JSON
Note

The Hive authentication server is configured in a distributed environment to prepare for failures or unstable network communication.
If a failure occurs while communicating with the authentication server host, or if the timeout defined on the app server is exceeded, the app server must directly call the distributed environment URL (Fallback URL).


Request header

Field name Description Type Required
Authorization User token returned after a successful game client login (PlayerInfo.token) String Y
X-Access-Token User Token returned after a successful game client login
OAuth 2.0 Access Token for player identity verification
String Y
ISCRYPT Whether data is encrypted (0 = not encrypted; always pass 0) Integer Y


Request body

Field name Description Type Required
appid App ID String Y
did Device ID returned after successful login String Y
player_id Authentication Player ID returned after successful login BigInteger Y
include_fields Additional field list Field list for requesting additional information in the response Array N
Note

You can optionally return additional information through the include_fields parameter. When requesting token verification, the response includes the corresponding information under data based on the field values specified in the include_fields array.

Additional field list

Field name Description Type
is_blocked Whether use is restricted (true - restricted, false - normal) Boolean
is_device_registered Whether device management is used (true - used, false - not used) Boolean
join_timestamp player_id registration date (Unix Timestamp) Long
china_pi_no China real-name verification number. Returns null if real-name verification has not been completed String / null


Response body

Field name Description Type
result_code Response code, 0=validation succeeded Integer
result_msg Result message String
token_validation JWT validation result (JWT validation error) Object
token_validation.result_code JWT validation result code Integer
token_validation.result_msg JWT validation result message String
data Object containing the information specified in include_fields in the request Object

Response code

Code value Description
0 Success
2300 Refunded user subject to repayment
4000 Invalid parameter
4001 Request JSON error
2499 JWT validation failed (see token_validation)
5000 DB error
6000 Invalid appid
6001 IdP token error
7000 Invalid token
7001 No token value in header
9999 Unknown error


Request example

{
    "appid": "com.com2us.hivesdk.normal.freefull.apple.global.ios.universal",
    "did": "255764404509548",
    "player_id": 10000000000
}

include_fields

{
    "appid": "com.com2us.hivesdk.normal.freefull.apple.global.ios.universal",
    "did": "255764404509548",
    "player_id": 10000000000,
    "include_fields": ["is_blocked", "is_device_registered", "join_timestamp", "china_pi_no"]
}


Response example

Success

{
    "result_code": 0,
    "result_msg": "SUCCESS",
    "token_validation": {
        "result_code": 0,
        "result_msg": "success"
    }
}

JWT validation failure

{
    "result_code": 2499,
    "result_msg": "JWT validation failed. See token_validation for details.",
    "token_validation": {
        "result_code": 2408,
        "result_msg": "The access token is expired. Please refresh your token."
    }
}

include_fields

{
    "result_code": 0,
    "result_msg": "SUCCESS",
    "token_validation": {
        "result_code": 0,
        "result_msg": "success"
    },
    "data": {
        "is_blocked": false,
        "is_device_registered": false,
        "join_timestamp": 1495594605,
        "china_pi_no": null
    }
}
Note

When JWT validation fails, you can check detailed error information in the token_validation field. For details, see JWT validation error codes.