Authentication
The ctx.gg API uses OAuth for authentication, supporting GitHub and Discord as identity providers.
OAuth Flow
Section titled “OAuth Flow”- Client redirects user to the OAuth provider
- User authorizes the ctx.gg application
- Provider redirects back with an authorization code
- API exchanges the code for an access token
- API creates or updates the user record and returns a session token
Endpoints
Section titled “Endpoints”GET /auth/github
Section titled “GET /auth/github”Redirects to GitHub OAuth authorization page.
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
redirect | string | URL to redirect after auth (optional) |
GET /auth/github/callback
Section titled “GET /auth/github/callback”Handles the GitHub OAuth callback. Creates or updates the user and returns a session.
GET /auth/discord
Section titled “GET /auth/discord”Redirects to Discord OAuth authorization page.
GET /auth/discord/callback
Section titled “GET /auth/discord/callback”Handles the Discord OAuth callback.
GET /auth/me
Section titled “GET /auth/me”Returns the currently authenticated user.
Headers:
Authorization: Bearer <session-token>Response:
{ "id": "user-uuid", "username": "player1", "avatar": "https://avatars.githubusercontent.com/...", "provider": "github", "createdAt": "2026-01-15T10:00:00Z"}POST /auth/logout
Section titled “POST /auth/logout”Invalidates the current session.
Session Tokens
Section titled “Session Tokens”Session tokens are returned as HTTP-only cookies and can also be used as Bearer tokens in the Authorization header. Tokens expire after 30 days of inactivity.