Player Re-authentication
Re-authentication confirms that the person currently playing is the same person who originally verified their account. It uses a facial liveness check triggered via a push notification to the player's mobile device.
Use this flow at sensitive moments: before a withdrawal, before a high-stakes match, after a suspicious login, or after a top-10 finish in a Cash Game.
Flow Overview
flowchart TD
A([Trigger condition met\ne.g. withdrawal request, top-10 finish]) --> B[Request player verification via API]
B --> C[Save playerVerificationId]
C --> D[GamerSafer sends push notification to player]
D --> E{Player completes facial liveness?}
E -- "No / Timeout" --> F[Handle failure\ne.g. block action, flag account for review]
E -- Yes --> G[GamerSafer sends playerVerification webhook]
G --> H[Match playerVerificationId to your request]
H --> I([Perform authorized action])Step 1 — Choose Your Trigger
Re-authentication can be triggered at any point that makes sense for your platform. Examples:
- Player initiates a real-money withdrawal
- Player finishes in the top 10 of a Cash Game match
- Player starts matchmaking after a period of inactivity
- Player logs in from a new device or IP
Step 2 — Request Player Verification
Call POST /guilds/player-verifications from your backend:
POST /guilds/player-verifications HTTP/1.1
Host: api.gamersafer.com
Authorization: Bearer <GUILD_TOKEN>
Content-Type: application/json
{
"guildMemberId": "01FC3GW10QG03E3FH3Q5ZPAYEN",
"webhookUrl": "https://your-backend.com/webhooks/gamersafer",
"linkBack": "https://your-app.com/deeplink/back"
}| Parameter | Required | Description |
|---|---|---|
guildMemberId | Yes | The player's GamerSafer guild member ID |
webhookUrl | No | URL for the result webhook |
linkBack | No | Where to redirect the player after completing verification |
Response:
{
"playerVerificationId": "01ARZ3NDEKTSV4RRFFQ69G5FAV",
"expiresAt": "2025-06-01T14:48:00.000Z"
}Store the playerVerificationId — you'll use it to match the incoming webhook to your original request.
Step 3 — Player Receives Push Notification
GamerSafer sends a push notification to the player's mobile device. The player must open the GamerSafer app and complete a facial liveness check against their original registered face.
The verification expires at expiresAt. If the player does not complete it in time, treat it as a failure.
Step 4 — Handle the playerVerification Webhook
On success, GamerSafer POSTs to your webhookUrl:
{
"event": "playerVerification",
"payload": {
"guildMemberId": "01FC3GW10QG03E3FH3Q5ZPAYEN",
"verified": true
}
}Match the guildMemberId to your pending verification request and proceed with the authorized action (e.g., approve the withdrawal, mark the match as valid, allow matchmaking).