I’m trying to write a multiplayer game that uses Discourse for user authentication. I want to allow players to log into the game using their Discourse by presenting them with a login form where they can enter their Discourse username and password. I then want to send these credentials to the API as well as information about the client and use this to get an API key I can use in future api calls to act on behalf of the user.
This API key is then shared with any multiplayer servers the user joins and is used by said servers to grab username, avatar, etc and other profile information, without ever needing to store or transmit a password. Is this possible?