Sport Buff allows end users to view content without being logged in. However, to participate in activities like playing along and appearing on the leaderboard, authentication is required.
Important: API authentication should only be performed from your backend to avoid exposing your API key.
Note: If using SDK login, you can handle the login flow yourself and pass the token to our SDK afterward.
Warning: Anonymous login is not retainable across devices or app installs, as the identity data is stored locally on the device or browser.
To authenticate a user, use the following REST API endpoint to obtain a token:
API Request
{
"method": "POST",
"url": "https://api.Account_Name.buffup.net/users",
"headers": {
"Content-Type": "application/json",
"X-API-Key": "API_KEY"
},
"body": {
"opaqueID": "123456",
"displayName": "ILoveSportBuff",
"email": "[email protected]",
"firstName": "John",
"lastName": "Doe",
"country": "UK"
}
}
Request Object Format
{
"title": "User",
"type": "object",
"properties": {
"opaqueID": {
"type": "string",
"description": "A unique ID for this user in your system"
},
"displayName": {
"type": "string",
"description": "How to display the user (Min 3 characters, Max 25)"
},
"email": {
"type": "string",
"description": "User's email address"
},
"firstName": {
"type": "string",
"description": "User's first name"
},
"lastName": {
"type": "string",
"description": "User's last name"
},
"country": {
"type": "string",
"description": "Alpha-2 country code (e.g., GB, PL, DE)"
}
},
"required": ["opaqueID"]
}
Response
{
"refreshToken": "TOKEN",
"userID": "UUID",
"expiresAt": "RFC 3339 DATETIME",
"createdAt": "RFC 3339 DATETIME"
}
Note: The opaqueID is required, while all other values are optional The opaqueID should be a unique value that you have on your backend for this user and this is the only required value in order to provide an identity for this user on our system