Skip to content

Access Tokens

Jump to bottom
Ben Weier edited this page Feb 7, 2021 · 2 revisions

User Access Tokens

Certain protected profile requests for World of Warcraft require a user token provisioned by the OAuth 2.0 Authorization Code Flow. This is outside the scope of blizzard.js and a OAuth library like passport with the battle.net strategy is highly recommended.

Application Access Tokens

In most cases you shouldn't need to handle the application token yourself. Instantiating a game client with createInstance will fetch a token if the initial value is undefined, and refresh the token when it expires (typically valid for 24hrs).

If a token value is provided, the client will validate and refresh only if it's expired/invalid. Passing an optional callback function as the 2nd argument to createInstance will return the token object when it is refreshed, allowing you to listen for changes if you are managing the token state manually.

const wowClient = await wow.createInstance(
  {
    key: BLIZZARD_CLIENT_ID,
    secret: BLIZZARD_CLIENT_SECRET,
  },
  (token) => {
    // {
    //   access_token: string
    //   token_type: 'bearer'
    //   expires_in: number (in seconds)
    // }
  },
)

To completely disable validating/refreshing the application token, pass false to the 2nd argument. By opting out of the default application token handling, it is your responsibility to manage application tokens as required with the available methods.

const wowClient = await wow.createInstance(
  {
    key: BLIZZARD_CLIENT_ID,
    secret: BLIZZARD_CLIENT_SECRET,
  },
  false,
)

Validate

const validateTokenRequest = await wowClient.validateApplicationToken({
  token: 'string',
})

// validateTokenRequest.data =>
// {
//   scope: [],
//   exp: number (in seconds),
//   authorities: [
//     {
//       authority: string,
//     },
//   ],
//   client_id: string,
// }

Automatic Get & Set

await wowClient.refreshApplicationToken()

Manual Get & Set

const getTokenRequest = await wowClient.getApplicationToken()

// getTokenRequest.data =>
// {
//   access_token: string,
//   token_type: 'bearer',
//   expires_in: number (in seconds),
// }

wowClient.setApplicationToken(getTokenRequest.data.access_token)
Clone this wiki locally