Session Access Tokens
After a user has completed your app's OAuth flow and you've acquired a session access token for their session specific to your app, you can perform a number of actions on behalf of the user within the scope of the permissions they approved by using the session access token.
The completion of the OAuth flow yields what is called a "session access token" - it is an access token scoped in permission to what the user approved for your app. If you did not set expiresAt
in the OAuth URL for user approval, this access token by default expires after 24 hours.
A session access token will begin with sca_sat:
, an example of the session access token format is: sca_sat:631a04ee-3673-4865-bb36-7ab55344f579:kAOjYqX_GLDXJCbH30mNRlEDXujy2yNnpeCBdzwKBdsfJubMlc4oEDoLB74uAfC3
Permissioned Actions
Actions allowed to be performed are limited in scope to your application and the permissions you requested from the user that they approved during your OAuth flow.
With the session access token, you can..
- Get User Profile - Get a user's HYPLAY username, wallet details and more with the Get Current User endpoint.
- Get User Transaction History - Get a user's chronological transaction history with the Get Transactions endpoint
- Read Smart Contract Data - Perform calls (reads) of smart contracts on HYCHAIN mainnet or testnet as if they were submitted by the user's wallet. This allows you to easily read on-chain data as the user using the Read Contract endpoint.
- Submit Transactions - Submit transactions to smart contracts or token transfers as the user within the permissioned limits they approved for the session. You can submit transactions with the Create Transaction endpoint.
- Read User State Data For App - HYPLAY allows apps to read off-chain data in the form of JSON blobs specific to the user and application tied to their session. This is a great way for apps to store persisted state data unique to each user that can be either public or private. This feature is not yet released.
- Write User State Data For App - HYPLAY allows apps to write off-chain data in the form of JSON blobs specific to the user and application tied to their session. Data written can be marked as public or private. This feature is not yet released.
Updated 5 months ago