Validate Deezer access token on server

2.2k views Asked by At

I'm writing a Deezer InApp and I want to store some user-specific settings on my own server. The users are authenticated in the InApp, which then sends the user ID and access token when making API calls to my server, so it can identify the user. When my server receives requests with a user ID and access token, how can it verify that they are valid?

I'm looking for something similar to DZ.getLoginStatus but on the server side. I took a look at the OAuth documentation, but that describes authenticating users on the server (with a login popup if they're not already logged in), but that's not exactly my use case. I don't need to call the Deezer API from my server, only verify that the credentials I receive are valid.

1

There are 1 answers

0
Pierrickouw On BEST ANSWER

You can use the /user/me endpoint of the api with the token like so:

/user/me?access_token={token}

Then check that the user returned has the same id as yours.

You can make some test on http://developers.deezer.com/api/explorer?url=user/me