Difference between revisions of "Third Party Authentication"

From King Arthur's Gold Wiki
Jump to: navigation, search
(Created page with "The API has a number of security features which are used internally by the game client and other KAG systems. While document partially or in full, these are not intended for...")
(No difference)

Revision as of 16:05, 4 March 2012

The API has a number of security features which are used internally by the game client and other KAG systems. While document partially or in full, these are not intended for public use.

In theory these API features can be used to allow 3rd party sites and applications to emulate a "single sign-on" type of usage, however the problem is that this can train users/players to think that it is okay to plug their KAG account information into any site that asks for it.

If you are thinking about using the security mechanisms as a single sign-on, please contact FliesLikeABrick at ryan@u13.net (or forum PM/Conversation) for the following:

  • Additional API usage details
  • A brief discussion about your plans
  • Some requirements that may be placed on your use of it, such as the inclusion of a warning to users that they are trusting you with their username and password

Failure to contact him before using the API for username/password authentication in a 3rd party site may result in a full block of your site in the API - meaning you can no longer query for basic information such as player profiles, user statistics or any future features.