Client-generated Access Tokens

Generate LiveLike Profile Access Tokens with User IDs from your own system

Client-generated profile Access Tokens

Sometimes client applications are not able to store LiveLike profile IDs or access tokens in their own system. In this case LiveLike allows for generating your own access tokens containing the application's own user ID, and signed with the application's Client Secret. Profile Access Tokens generated by the client application can be used anywhere that LiveLike requires a Profile Access Token. This includes when making requests directly to the LiveLike REST API (voting on polls, joining chat rooms), and any SDK methods that accept a LiveLike Profile Access Token.

Generating an Access Token

LiveLike Profile Access Tokens are in the JSON Web Token format. They have three required claims:

  • iss
  • iat
    • This is the Unix Timestamp of when the access token was generated. It should always be generated in the UTC timezone.
  • custom_profile_id
    • This is the ID of the user in your own system. It should be a string value no longer than 255 characters, and must be unique within the application. The ID is always stored as a string in LiveLike's system. So even if the ID value is an integer (ie, an autoincrement primary key), please convert it to a string before generating the JWT access token.This ID is unique for that Client ID

Example generating a client access token in Python

from datetime import datetime, timezone

import requests
from jose import jwt
from jose.constants import ALGORITHMS

CLIENT_ID = "<your client id>"
CLIENT_SECRET = "<your client secret>"

PROFILE_API_URL = (
    f"https://cf-blast.livelikecdn.com/api/v1/applications/{CLIENT_ID}/profile/"
)

# Be sure the issued timestamp is always in UTC
issued_at = int(datetime.timestamp(datetime.now().astimezone(timezone.utc)))

claims = {
    # REQUIRED
    # The issuer is your application client ID
    "iss": CLIENT_ID,

    # REQUIRED
    "iat": issued_at,

    # OPTIONAL
    # You can optionally set an expiration on your access tokens.
    # For example, to expire the token 24 hours after issue:
    # "exp": issued_at + 86400,

    # REQUIRED
    # This is the ID of the user in your own system.
    "custom_profile_id": "custom-profile-id-123",
}

# Generate the JWT string and sign it with your CLIENT_SECRET.
# This is used to verify the authenticity when making API requests.
encoded_jwt = jwt.encode(claims, CLIENT_SECRET, algorithm=ALGORITHMS.HS256)

# Now you can use your generated JWT access tokens for that user
# anywhere that LiveLike requires a profile access token.

# For instance, change the profile nickname:
r = requests.patch(
    PROFILE_API_URL,
    json={"nickname": "New Nickname"},
    headers={"Authorization": f"Bearer {encoded_jwt}"},
)
r.raise_for_status()