Architecture Overview
Complete guide and documentation
System Architecture Overview
Understanding how the Gaming Panel integrates with your game and handles player authentication, data management, and multiplayer services.
Complete System Flow
From player login to game server integration - how everything works together
Game Authentication
Game automatically detects the platform and obtains user credentials
- Game launches on a specific platform (Steam, Epic, IDCGames, Google Play, Apple Store, PlayStation, Nintendo)
- Game automatically obtains platform-specific user credentials from the platform
- Game sends user data to the Gaming Panel backend for authentication
Backend Verification
The Gaming Panel backend validates the credentials with the platform servers
- Backend receives user data from your game
- Backend uses configured platform credentials to make server-to-server call to the platform
- Platform validates that the user can play this specific game
- If valid, backend creates or retrieves player account and generates session tokens
Session Creation
Upon successful verification, the system creates a secure user session
- Backend creates user session with Access Token (valid for 2 hours)
- Backend generates Refresh Token (valid for 30 days)
- Tokens are encrypted and signed for security
- User session is established and ready for game operations
Game Integration
Your game receives the session tokens and can now make authenticated API calls
- Game receives Access Token and Refresh Token from backend
- Game stores tokens securely for authenticated API calls
- Game can now access player data, inventory, shop, events, etc.
- Game automatically refreshes tokens when needed
Multiplayer Server Integration
Game servers (Photon, custom servers) validate tokens for secure multiplayer
- Game server receives Access Token from client
- Game server validates token with Gaming Panel API
- If valid, game server allows player to join multiplayer session
- Game server can send match results and statistics back to Gaming Panel
Authentication Flow Diagram
Visual representation of the complete authentication process
Complete Authentication & Token Flow
1. Game obtains user credentials
Platform credentials (Steam, Epic, etc.)
2. Send credentials for verification
POST /api/v1/auth/third-party/login
3. Server-to-server verification
Validate credentials with platform
4. Return access tokens
Access Token (2h) + Refresh Token (30d)
5. Make authenticated API calls
All subsequent requests with Access Token
6. Join multiplayer session
Send Access Token for validation
7. Validate token & send match data
POST /api/v1/multiplayer/validate-token
System Architecture Flow
All communication is secured with encrypted tokens and server-to-server validation
API Architecture
How your game communicates with the Gaming Panel backend
Authentication Layer
Handles all login and token management
- POST /api/v1/auth/third-party/login - Initial login with platform credentials
- POST /api/v1/auth/refresh - Refresh expired access tokens
- POST /api/v1/auth/validate - Validate token for game servers
Game Data Layer
Manages all player and game data
- GET /api/v1/player/stats - Player statistics and progression
- GET /api/v1/player/inventory - Player inventory and items
- GET /api/v1/shop/categories - Shop categories and items
- POST /api/v1/shop/purchase - Purchase items from shop
Multiplayer Integration Layer
Handles game server communication and match data
- POST /api/v1/multiplayer/validate-token - Validate player for game server
- POST /api/v1/multiplayer/match-result - Send match results and statistics
- GET /api/v1/multiplayer/server-info - Get game server information
Events & Progression Layer
Manages events, BattlePass, and player progression
- GET /api/v1/events/active - Get active events for player
- GET /api/v1/battlepass/progress - Get BattlePass progression
- POST /api/v1/events/claim-reward - Claim event rewards
Security & Token Management
How the system ensures secure communication and data protection
Encrypted Tokens
All tokens are encrypted using industry-standard encryption
Tokens contain player ID, game ID, permissions, and expiration time
Automatic Token Refresh
Tokens are automatically refreshed before expiration
Your game SDK handles token refresh transparently
Server-Side Validation
All API calls are validated server-side for security
Game servers must validate tokens before allowing player access
Rate Limiting
API calls are rate-limited to prevent abuse
1000 requests per hour per access token
Integration Examples
Ready-to-use code examples for popular game engines
Unity Integration
Complete C# examples for Unity games
- HTTP client setup with UnityWebRequest
- Automatic token management
- Player data synchronization
- Shop integration examples
Unreal Engine Integration
C++ and Blueprint examples for Unreal Engine
- C++ HTTP client implementation
- Blueprint-ready functions
- JSON parsing and response handling
- Multiplayer server integration
Postman Collection
Complete API testing suite
- All API endpoints pre-configured
- Environment variables setup
- Request examples with real data
- Response validation
Data Flow Overview
How data flows between your game, the Gaming Panel, and external services
Player Login
Player → Game → Platform Store → Gaming Panel → Database
Game Data
Game → Gaming Panel API → Database → Response to Game
Multiplayer
Game Server → Gaming Panel (token validation) → Game Server
Analytics
Game → Gaming Panel → Analytics Dashboard
Purchases
Game → Gaming Panel → Payment Processor → Gaming Panel → Game
Integration Best Practices
Recommended practices for integrating with the Gaming Panel
Token Management
Always store tokens securely and implement automatic refresh
Error Handling
Implement proper error handling for network failures and token expiration
Offline Support
Cache essential data locally for offline gameplay
Security
Never expose access tokens in client-side code or logs
Testing
Use the provided test environment and Postman collection for development
Monitoring
Implement logging and monitoring for API calls and errors