Ask or search…

Account Linking

Link Ready Player Me accounts to your user profiles.
Account Linking allows end-users to link their Ready Player Me account to your app/game account, so they won't have to log in again when they return to your app. This is particularly useful for cross-device experiences when session information is lost.


  • Server Component The endpoints should be called from a server to keep your API Key secure. So we recommend you set up a server component and have all account linking logic connected to your user management in the backend.
  • Get your API Key
    This can be found within Ready Player Me Studio on the left-hand navigation panel or directly here. You will need the API Key for all API-Requests. See authorizing requests.

Authorization for existing Ready Player Me users

Users with a Ready Player Me account can authorize your application to create/modify avatars by entering their credentials in the Avatar Creator. They do that by clicking the sign-in with Ready Player Me button within the iFrame.
Once the user authorizes, you will be returned it’s User-ID from the iFrame. Therefore you need to subscribe to the postMessage event v1.user.authorized from the iFrame
You will need the User ID to login on behalf of your user with an API request. (See next chapter)

Login on behalf of a user and request a token.

After getting authorized by the end-user and having his/her userId, you can request an access token for this user, which you can use to open the Avatar Creator in the iFrame or WebView.
  1. 1.
    GET Request
If the user authorized your app before, and your credentials are valid, you will receive a token to use in the next step to open the iFrame.
Sample Response:
"data": {
"token": “eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
  1. 1.
    Add this token to the main ReadyPlayerMe URL you use in the iframe or WebView.
iframe.src = 'https://{your-subdomain}{token}'
The user should be logged in and have access to his/her avatars within the iFrame.
The token lives for 15 seconds, so you must request it right before using it.

Authorizing requests

To successfully authorize API calls, use your organization’s API key as a value of the X-API-Key header:
--header 'x-api-key: {your-api-key}'
You can create an API Key in Studio.