Authentication

Authenticate with Privy token

post

Verify a Privy token and return the user's info including roles and a Meshmap session token. Creates a new user if one does not exist.

Body

tokenstringRequired

Privy authentication token

Responses

200

Authentication successful

application/json

meshmapSessionTokenstringRequired

JWT session token for authenticating with Meshmap APIs

400

Token is required

application/json

401

Invalid token

application/json

500

Internal server error

application/json

post

/auth/privy

POST /api/v1/auth/privy HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 16

{
  "token": "text"
}

{
  "user": {
    "id": "text",
    "email": "text",
    "firstName": "text",
    "lastName": "text",
    "roles": [
      "text"
    ],
    "isAdmin": true,
    "hasOpsAccess": true
  },
  "meshmapSessionToken": "text"
}

Get current user profile

get

Get the profile information for the authenticated user

Authorizations

AuthorizationstringRequired

Session token in Bearer format: Bearer

Responses

200

User profile retrieved successfully

application/json

idstringRequired

Unique user identifier

emailstring · nullableOptional

User email address

firstNamestring · nullableOptional

User first name

lastNamestring · nullableOptional

User last name

phoneNumberstring · nullableOptional

User phone number

usernamestring · nullableOptional

User username

createdAtstring · date-timeRequired

User creation timestamp

imageUrlstring · nullableOptional

User profile image URL

401

Unauthorized - invalid or missing session token

application/json

500

Internal server error

application/json

get

/user

GET /api/v1/user HTTP/1.1
Authorization: YOUR_API_KEY
Accept: */*

{
  "id": "text",
  "email": "text",
  "firstName": "text",
  "lastName": "text",
  "phoneNumber": "text",
  "username": "text",
  "createdAt": "2026-02-27T17:13:34.172Z",
  "imageUrl": "text"
}

Update current user profile

patch

Update the username for the authenticated user

Authorizations

AuthorizationstringRequired

Session token in Bearer format: Bearer

Body

usernamestring · min: 1Required

New username for the user

Responses

200

User profile updated successfully

application/json

idstringRequired

Unique user identifier

emailstring · nullableOptional

User email address

firstNamestring · nullableOptional

User first name

lastNamestring · nullableOptional

User last name

phoneNumberstring · nullableOptional

User phone number

usernamestring · nullableOptional

User username

createdAtstring · date-timeRequired

User creation timestamp

imageUrlstring · nullableOptional

User profile image URL

400

Invalid request body

application/json

401

Unauthorized - invalid or missing session token

application/json

409

Username is already taken

application/json

500

Internal server error

application/json

patch

/user

PATCH /api/v1/user HTTP/1.1
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 19

{
  "username": "text"
}

{
  "id": "text",
  "email": "text",
  "firstName": "text",
  "lastName": "text",
  "phoneNumber": "text",
  "username": "text",
  "createdAt": "2026-02-27T17:13:34.172Z",
  "imageUrl": "text"
}

Remove user profile image

delete

Delete the profile image for the authenticated user

Authorizations

AuthorizationstringRequired

Session token in Bearer format: Bearer

Responses

200

Profile image removed successfully

application/json

successbooleanOptional

401

Unauthorized - invalid or missing session token

application/json

500

Internal server error

application/json

delete

/user/profile-image

DELETE /api/v1/user/profile-image HTTP/1.1
Authorization: YOUR_API_KEY
Accept: */*

{
  "success": true
}

Upload user profile image

patch

Upload or replace the profile image for the authenticated user

Authorizations

AuthorizationstringRequired

Session token in Bearer format: Bearer

Body

imagestring · binaryRequired

Image file to upload

Responses

200

Profile image uploaded successfully

application/json

idstringRequired

Unique user identifier

emailstring · nullableOptional

User email address

firstNamestring · nullableOptional

User first name

lastNamestring · nullableOptional

User last name

phoneNumberstring · nullableOptional

User phone number

usernamestring · nullableOptional

User username

createdAtstring · date-timeRequired

User creation timestamp

imageUrlstring · nullableOptional

User profile image URL

400

Invalid image file

application/json

401

Unauthorized - invalid or missing session token

application/json

500

Internal server error

application/json

patch

/user/profile-image

PATCH /api/v1/user/profile-image HTTP/1.1
Authorization: YOUR_API_KEY
Content-Type: multipart/form-data
Accept: */*
Content-Length: 18

{
  "image": "binary"
}

{
  "id": "text",
  "email": "text",
  "firstName": "text",
  "lastName": "text",
  "phoneNumber": "text",
  "username": "text",
  "createdAt": "2026-02-27T17:13:34.172Z",
  "imageUrl": "text"
}

Generate authentication game code

post

Generate a new 6-digit authentication code from headset side

Authorizations

x-app-api-keystringRequired

App API key in format:

Body

playerIdstring · nullableRequired

Player ID to associate with the code. Used to link the player to the code. Optional.

Responses

200

Code generated successfully

application/json

codestringRequired

Generated authentication code

Pattern: ^[0-9]{6}$

playerIdstring · nullableOptional

Player ID associated with the code (if provided)

expiryTimestring · date-timeRequired

Code expiration timestamp

401

Unauthorized - invalid or missing API key

application/json

500

Unable to generate unique code or internal server error

application/json

post

/code

POST /api/v1/code HTTP/1.1
x-app-api-key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 19

{
  "playerId": "text"
}

{
  "code": "text",
  "playerId": "text",
  "expiryTime": "2026-02-27T17:13:34.172Z"
}

Validate authentication code

post

Validate an authentication code and optionally return a session token

Authorizations

x-app-api-keystringRequired

App API key in format:

Body

codestringRequired

Authentication code

Pattern: ^[0-9]{6}$

Responses

200

Game code validation result

application/json

statusstring · enumRequired

Code validation status

Possible values:

sessionTokenstringOptional

JWT session token (only present when status is VALID and user is authenticated)

expiryTimestring · date-timeOptional

Code expiry time (only present when status is VALID)

errorstringOptional

Error message (only present when status is not VALID)

400

Invalid request data

application/json

401

Unauthorized - invalid or missing App API key

application/json

500

Internal server error

application/json

post

/auth/code

POST /api/v1/auth/code HTTP/1.1
x-app-api-key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 15

{
  "code": "text"
}

{
  "status": "VALID",
  "sessionToken": "text",
  "expiryTime": "2026-02-27T17:13:34.172Z",
  "error": "text"
}

PreviousCore NextApps

Last updated 1 day ago

hashtagAuthenticate with Privy token

hashtagGet current user profile

hashtagUpdate current user profile

hashtagRemove user profile image

hashtagUpload user profile image

hashtagGenerate authentication game code

hashtagValidate authentication code

Authenticate with Privy token

Get current user profile

Update current user profile

Remove user profile image

Upload user profile image

Generate authentication game code

Validate authentication code