Character transaction and refresh tokens


(Illindar Tyrannus) #1

I’m under impression that after character transaction refresh tokens don’t invalidate as they’re bound to account. Is that true?


(Snitch Ashor) #2

Not sure if they do, guess they should. The owner_id should change for sure if you just wanna detect if a character was traded.


(Blacksmoke16) #3

Good question. Talk in the #esi channel on slack seems to think it wouldn’t. The new owner might have to go to the third party dev section to revoke them after they buy them. Would be a good question for @Developers.

Kinda related, to know if a character was transferred or not:

If you do the step to get character details. i.e.

GET https://login.eveonline.com/oauth/verify HTTP/1.1

User-Agent: ...
Authorization: Bearer {YOUR_TOKEN}
Host: login.eveonline.com

This will return data like:

{
    "CharacterID": 273042051,
    "CharacterName": "CCP illurkall",
    "ExpiresOn": "2014-05-23T15:01:15.182864Z",
    "Scopes": " ",
    "TokenType": "Character",
    "CharacterOwnerHash": "XM4D...FoY="
}

The CharacterOwnerHash is a unique hash of the user/character. It will not change while the character belongs to the same account. The only way it WILL change is if the character is transferred. So you could store/check that hash to know.


(Illindar Tyrannus) #4

I imagine it’s not terribly difficult to compare new and old values before putting a face to a name during login.


(system) #5

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.