Query

2 posts

Flag Post

With kongregate_game_auth_token, it’s sent to the game creator’s client. Would this mean we could use this login token (game creators) and log into others accounts for our games? Would that be considered against the TOS of Kongregate?

All that’s required for someone to do this a Kong ID+Username+Auth Token. The ID and Username of which is public if you view their profile sources.

For example (link is separated for easy viewing):

http://www.examplegame.com/kong/index.php?DO_NOT_SHARE_THIS_LINK=1

&kongregate_username=Roktu

&kongregate_user_id=9255093

&kongregate_game_auth_token=bb9e5af3c34tre5db1b786582e68c13230431c7fc3f2dc3e0e344fdf8cf0df

&kongregate_api_host=http%3A%2F%2Fapi.kongregate.com&kongregate_channel_id=1360956679962&kongregate_api_path=http%3A%2F%2Fchat.kongregate.com%2Fflash%2FAPI_AS3_01aabf1c79c5809c4df4e9f520111165.swf

 
Flag Post

Sharing that data can allow someone to be authenticated as you for a game. Which is why it says “DO NOT SHARE THIS LINK” in all caps.