Game Browser IGDB integration
It's data time. We'll learn how to get authorization and query game data with filters from IGDB API.
Time to get some data from IGDB
This time we’ll talk about how we can retrieve data from IGDB API, and what steps we need to take before we can even try to retrieve any data.
At the end of this post you will get data like this Baldur’s Gate search result from IGDB API.
More installations
Let’s install the tools that help us build the backend:
Postman
Postman is a application you can run on your desktop, for example on Windows. It allows us to manually send HTTP requests, such as GET, PUT, POST, etc. It is very handy for testing and debugging purposes.
Note that this is not an absolutely must, because our backend service does not use Postman. It is solely for the purpose of trying out our queries manually. And for this post, it is good for demonstration purposes as well.
To use IGDB API, you must:
Have a Twitch account
Enable two-factor authentication in Twitch
Register your application in Twitch developer portal
Take a note of your application’s Client ID
Create a new secret, and store the Client secret safely (you can’t view it from Twitch developer portal at a later time)
You must have Client ID and Client secret available when you get authorization to use IGDB. Do not share these values with anyone.
So IGDB uses Twitch’s authorization services, and those are implemented with OAuth2 authorization protocol.
Authorization
As a side note it is good to understand, that OAuth2 is not an authentication protocol, but a authorization protocol. The difference between the two are, that authentication means only identifying who you are. It does not define what you can see or do, once you are in the system. Authorization defines just that: what resources you can see and what you can do with the resources.
To get authorization to use IGDB, we must send a POST request to IGDB. The address to send the request to is always:
https://id.twitch.tv/oauth2/token
We need to attach more information to the request though - the parameters OAuth2 uses for authorization:
client_id
client_secret
grant_type
The first two are own client’s values, and only you know those (from Twitch developer portal). The third, grant_type, has always value client_credentials.
So the final request looks like this:
https://id.twitch.tv/oauth2/token?client_id=<your client_id here>&client_secret=<your client_secret here>&grant_type=client_credentials
With Postman, it is very easy to create a query like this:
Add a new tab with the + sign.
Select POST as the request type.
Enter URL
https://id.twitch.tv/oauth2/token
Go to Params tab of the request.
Add client_id, client_secret and grant_type keys as seen in the picture below. Use your own id and secret.
Press Send.
Observe the response on the bottom of the window.
Take note of the access_token in the response. Copy it to clipboard.
There - authorization is done. We have access token, that we can use to access the actual data from IGDB. This access token must be included with all future requests, otherwise we won’t get any data. Note that the token expires after a while, and you need to retrieve a new token after that. The field expires_in tells us in how many seconds the token expires in. In the example above it is almost two months, so you’re not in a hurry to get a new token.
Get the data
Now to the meat of IGDB - the game data. Let’s make another query:
Add a new tab with the + sign.
Select POST as the request type.
Enter URL
https://api.igdb.com/v4/games/
Go to Headers tab of the request. There are already some auto generated headers. Leave them as they are.
Add Client-ID and Authorization keys as seen in the picture below. Use your own client ID (the same you used during the previous, authorization request).
For Authorization enter value Bearer <your access_token here>
Press Send.
Observe the response on the bottom of the window.
It is important that on point 6 you include the word Bearer in the beginning, and only after that the access token. And also make sure you use the access token you copied from the response of the authorization request. Do not use client secret here - it won’t work.
Now you see that IGDB responded, but you are only getting id values of the games. Another note is that there are only 10 results. This response is not really useful, so let’s change that.
On Postman, change to the Body tab of the request, set type to raw and enter the following value and send the request:
fields *;
Now we got all the fields from the ‘games’ API, as seen above. But we still get only 10 entries. To get more, we can define the limit in the body of the request, like this:
fields *; limit 100;
Now if you send the request, you’ll get 100 entries instead of the default 10.
Filtering
To filter the result set, we can use the search keyword in the body:
fields *; limit 100; search "Baldur's gate";
And to get only certain fields, we can be more specific:
fields name, summary; limit 100; search "Baldur's gate";
Next time
Next time we’ll build this same functionality into our own backend service. We will get the ability to query games with simple filters from a very simple web UI.