Check if user is subscribed to campaign w/o login?

Hi folks, I’m working on a game that allows folks to subscribe in game or via patreon for similar perks. Previously, I had used Discord as it seemed like the easiest way to ensure a user was who they said they were, and give them perks in game via a role. This worked, but honestly the Discord integration is a bit shaky at times, and can be a bit frustrating.

Thus, I was hoping that there was a way I could get an API key or something from a client, have them paste it, and then query the API to check if they’re subscribed to my specific campaign. I really want to avoid “login with patreon” as the extra oauth bits are more of a pain than they’re worth in my experience (from other oauth providers, not specifically patreon). Is there a way this can be done?

client

If by client you mean your user, thats a bigger hassle?

I really want to avoid “login with patreon

PHP lib and WP plugin have excellent and smooth implementation of login/oauth. You can just copy the code logic there and sort it out easily. If you are using PHP you can even directly plug it in. (Or use the lib as an api to do auth).

Yes, I do mean user. API keys are a workflow that I can teach if it were possible (go here, copy this, put it in here), but logging in requires a lot more oauth hassle on my part, and it requires me to keep it updated if something changes, etc. I really don’t want to be beholden to an oauth provider if they decide to change their flow. In my experience, services that work with API keys generally keep their scopes the same and/or add new ones as needed, but for example, I’ve had the same Guild Wars 2 API key since the game launched and honestly that’s kinda what I was looking for here.

Also, I’m using nodejs, I’ve seen that there is a library (https://github.com/simov/grant) that can make it slightly better, but I really just wanted to avoid oauth if possible. It sounds like that won’t be possible, so I’ll see if there are any alternatives I can explore - maybe I can link a user by having them put in their patreon email and I can check my campaign via API or something.

This api is Patreon’s api so it should be ok to use it with Patreon functionality as far as i can see.

Basically the information you seek - patron status - wont be obtainable without you having an access token to which user has given permission to acquire that information.

Having user to put in an email to have your app access your creator account via creator token and checking that email’s patron status may work, but its easily spoof-able.

Could you walk me through how I would build a list of emails subscribed to my campaign programmatically?

It is easily spoofable, but this is a low-throughput situation where I can handle spoofs with a unique constraint in the database + manually sorting out people who might try to spoof someone elses email.

First you create a client for your app at:

The app will also have your creator access and refresh tokens.

Using that creator token, you call the api for your campaign and get its details and members. Using example calls from WP plugin and PHP lib would help for this.

You iterate through list of members and process their emails. I recommend not saving the email if the email is not marked as verified.

Thanks a bunch, that’ll be a great start!

1 Like

I’m having a bit of trouble here, trying to figure out how to get these all in one API call. What I have so far is this:

    const params = new URLSearchParams({
      include: 'patron.null',
      'page[count]': '999'
    });
    const res = await fetch(`https://www.patreon.com/api/oauth2/api/campaigns/<campaignid>/pledges?${params}`, {

      headers: {
        Authorization: `Bearer ${process.env.PATREON_ACCESS_TOKEN}`
      }

    });

I’ve tried doing any number of things but I can’t seem to merge them all in to one response. I don’t want to do one API call just to do X more API calls to get all of my users emails. Is that the only way to do it?

I looked at the PHP library but it’s been a while since I did PHP, so I’m not sure how to make heads or tails of what it’s doing there.