⭐️ identity.setup
Gets or creates an identity.
Passing an existing identity token in the body refreshes the token.
Temporary Accounts
Until the identity is linked with the Rivet Hub (see PrepareGameLink), this identity will be temporary but still behave like all other identities.
This is intended to allow users to play the game without signing up while still having the benefits of having an account. When they are ready to save their account, they should be instructed to link their account (see PrepareGameLink).
Storing Token
identity_token should be stored in some form of persistent storage. The token should be read from storage and passed to Setup every time the client starts.
POST https://identity.api.rivet.gg/v1/identities
curl -X POST -d '@body.json' 'https://identity.api.rivet.gg/v1/identities'
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
Documentation at https://jwt.io/
Response
Information about the identity that was just authenticated.
Token used to authenticate the identity.
Should be stored somewhere permanent.
Pass this to rivet.api.identity#Setup$existing_identity_token next time rivet.api.identity#Setup is called.
Token has a 90 day TTL.
This means that if rivet.api.identity#Setup is not called again within 90 days, the token will no longer be valid.
If this happens, the user can recover their account through the linking process (see rivet.api.identity#PrepareGameLink).
This token should be stored locally and never sent to a server or another device.
If this token is compromised, anyone with access to this token has control of the identity.
If this token is comprimised, anyone with access to this token has control of the identity.
curl -X POST -d '@body.json' 'https://identity.api.rivet.gg/v1/identities'