Overview
All APIs use the same methods for authentication, collectively described here. The available types of authentication are the following:In the API reference, you will find that APIs are marked as accepting either , or both.
•
Server authentication
Server Authentication uses to authenticate your server when calling Challengermode. This is typically used for APIs that require server authority, such as reporting game results, or for retrieving data that is not user-specific, such as searching for open tournaments.
Bot Access Token
•
User authentication
User authentication uses to call Challengermode APIs on a user's behalf. This is used for APIs that either retrieve personal data or perform actions for a specific user.
Personal Access Token (PAT)
•
HMAC validation
HMAC signatures are used for Webhook HMAC validation to verify that it is Challengermode calling your webhook.
BOT
PAT