User accounts

The user module gives you access to the player's Funox account: their username, avatar, friends, and a verifiable token you can validate from your own backend.

Funox accounts are optional. Use them only when your game has cross-device progression, leaderboards, or social features.

`isUserAccountAvailable`

Synchronous boolean indicating whether the user-account features are available in the current context.

JavaScript3 lines

1if (window.Funox.SDK.user.isUserAccountAvailable) {2  showSignInButton();3}

`getUser()`

Returns the currently signed-in user, or null.

JavaScript4 lines

1const user = await window.Funox.SDK.user.getUser();2if (user) {3  console.log(user.username, user.profilePictureUrl);4}

User object

TypeScript5 lines

1{2  __dangerousUserId: string;   // Only safe to send to your trusted backend3  username: string;4  profilePictureUrl: string;5}

Why __dangerousUserId?

The client-side user ID is not verified. Never trust it for anything security-sensitive. To identify the user on your backend, use getUserToken() and verify the token server-side.

`showAuthPrompt()`

Open the Funox sign-in dialog. Resolves with the new user on success.

JavaScript10 lines

1try {2  const user = await window.Funox.SDK.user.showAuthPrompt();3  console.log("Signed in as", user.username);4} catch (err) {5  switch (err.code) {6    case "userCancelled":          break; // player closed the dialog7    case "userAlreadySignedIn":    break; // call getUser() instead8    case "showAuthPromptInProgress": break;9  }10}

`getUserToken()`

Returns a short-lived (1 hour) JWT that proves the user's identity. Send it to your backend for verification.

JavaScript4 lines

1const token = await window.Funox.SDK.user.getUserToken();2await fetch("/api/me", {3  headers: { Authorization: `Bearer ${token}` },4});

Server-side verification

Decode the JWT using Funox's rotating public key set:

Text1 line

1GET https://sdk.funox.com/publicKey.json

The payload contains:

JSON8 lines

1{2  "userId": "string",3  "gameId": "string",4  "username": "string",5  "profilePictureUrl": "string",6  "iat": 1234567890,7  "exp": 12345714908}

Reject tokens with mismatched gameId, expired exp, or invalid signature.

`showAccountLinkPrompt()`

If your game has its own account system, ask the player for permission to link it to their Funox account.

JavaScript2 lines

1const response = await window.Funox.SDK.user.showAccountLinkPrompt();2// { response: "yes" | "no" }

`listFriends({ page, size })`

Paginated list of the player's Funox friends.

JavaScript1 line

1const friends = await window.Funox.SDK.user.listFriends({ page: 1, size: 20 });

`addAuthListener(fn)` / `removeAuthListener(fn)`

Subscribe to sign-in / sign-out events.

JavaScript9 lines

1function onAuthChange(user) {2  if (user) loadCloudSave();3  else      loadGuestSave();4}5 6window.Funox.SDK.user.addAuthListener(onAuthChange);7 8// later9window.Funox.SDK.user.removeAuthListener(onAuthChange);

Common error codes

Code	Meaning
`userCancelled`	Player closed the sign-in prompt
`userAlreadySignedIn`	Tried to sign in while signed in
`showAuthPromptInProgress`	A prompt is already open
`notAvailable`	Accounts unavailable in this context

isUserAccountAvailable​

getUser()​

User object​

showAuthPrompt()​

getUserToken()​

Server-side verification​

showAccountLinkPrompt()​

listFriends({ page, size })​

addAuthListener(fn) / removeAuthListener(fn)​

Common error codes​