This guide walks you through the core workflow: authenticate, check a device, and create a ban.

Prerequisites

  • A Sentinel Network publisher account (sign up at the Dashboard)
  • An API key (generate one from Dashboard > API Keys)
  • A registered game (game_id)
  • curl or any HTTP client

Step 1: Set Up Authentication

Create an API key in the Sentinel Dashboard, then export it: 
export API_KEY="sni_<your-key>"
Include your API key as a Bearer token with every request, along with the X-Game-Id header for game-scoped operations.
API keys use the sni_ prefix. See Authentication for details on API key auth and scopes.

Step 2: Check Your Policy

Verify your publisher policy to understand which ban scopes are enforced: 
curl -s https://api.sentineltrustplay.io/v1/policy \
  -H "Authorization: Bearer $API_KEY" \
  -H "X-Game-Id: game_demo" | jq
Response
{
  "publisher_id": "pub_acme",
  "enforce_game": true,
  "enforce_publisher": true,
  "enforce_global": true,
  "enforce_cheat_global": true,
  "enforce_social_global": true,
  "rep_include_game": true,
  "rep_include_publisher": true,
  "rep_include_global": true,
  "updated_at": "2025-01-01T00:00:00Z"
}

Step 3: Perform a Device Check

The device check endpoint verifies a signed payload from the device and returns its ban and reputation status.
The device check requires a valid ES256 signature. See Device Concepts for details on key generation and payload signing.
curl -s -X POST https://api.sentineltrustplay.io/v1/device/check \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $API_KEY" \
  -H "X-Game-Id: game_demo" \
  -d '{
    "device_id": "dvc_abc123",
    "publisher_id": "pub_acme",
    "game_id": "game_fps_01",
    "alg": "ES256",
    "payload_b64": "<base64-payload>",
    "sig_b64": "<base64-signature>"
  }'
Response
{
  "device_id": "dvc_abc123",
  "publisher_id": "pub_acme",
  "game_id": "game_fps_01",
  "banned": false,
  "bans": {
    "cheat": { "active": 0, "inactive": 0, "total": 0 },
    "social": { "active": 0, "inactive": 0, "total": 0 }
  },
  "reputation": {
    "cheat_score": 0.0,
    "social_score": 0.0
  },
  "status": "ok"
}

Step 4: Create a Ban

Create a game-scoped cheat ban on a device: 
curl -s -X POST https://api.sentineltrustplay.io/v1/bans \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $API_KEY" \
  -H "X-Game-Id: game_demo" \
  -d '{
    "device_id": "dvc_abc123",
    "ban_type": "cheat",
    "scope": "game",
    "reason_code": "aimbot",
    "expires_at": null,
    "details": {"note": "detected by anti-cheat"},
    "idempotency_key": "first-ban-1"
  }' | jq
Response
{
  "ban_id": 1,
  "device_id": "dvc_abc123",
  "ban_type": "cheat",
  "scope": "game",
  "publisher_id": "pub_acme",
  "game_id": "game_fps_01",
  "status": "created"
}

Step 5: Revoke a Ban

If the ban was issued in error, revoke it: 
curl -s -X POST https://api.sentineltrustplay.io/v1/bans/1/revoke \
  -H "Authorization: Bearer $API_KEY" \
  -H "X-Game-Id: game_demo" | jq

Next Steps

Authentication

Learn about API keys, scopes, and the APISIX auth flow.

Device Concepts

Understand ES256 key generation, payload signing, and replay protection.

Ban Management

Explore ban types, scopes, idempotency, and pagination.

API Reference

Browse the full API with interactive playground.