Authentication
Before a player can perform any operations they need to authenticate with the platform. There are a few authentication options, and some can be used in combination with others. These options are described below.
FAQs? You can review Frequently Asked Questions about Authentication.
Username / Password Authentication
Using RegistrationRequest you can create a player with a username / password / displayName combination. If you use this method, the player can sign in on any device with the same credentials and will be logged in and their history will be available. Once a player has registered using RegistrationRequest, they can use the same username / password combination with AuthenticationRequest to login to the platform.
Device Authentication
Perhaps you don't want to force your players to actively login. In these instances, we'll need the ability to identify the device that is being used so we can persist data against the player. To do this, you can perform device authentication. This method registers an identifier (the implementation is dependent on platform) of the device and creates a stub player on the platform.
If you use device authentication, each time the device authenticates it will be identified as the same player and you'll be able to view previous high scores, or use the same playerId in your code.
Device Authentication Persistence! Please be aware that this persistence of device authentication might cause problems if players are either sharing a device or if a player sells a device after authentication. Even if the seller wipes all data off the device before selling it, if the buyer installs GameSparks again, the device may be recognized as previously authenticated, depending on the specific OS implementation, and could be linked to the first player as owner of the device when it was first authenticated.
When using device authentication:
- There's no display name stored against the player.
- If you're using Leaderboards, the displayName field of each Leaderboard entry will be blank for these users.
- You can set a displayName against these anonymous players using ChangeUserDetailsRequest, which will set the displayName of the player and also update all Leaderboards to contain the correct displayName.
Important: Mobile Device Authentication ID! For mobile device authentication, we strongly recommend that you use an IDFV device ID. Using an IDFA device ID can be unreliable.
Social Authentication
If you don't want players to create a userName / password combination, you can delegate authentication to one of the social providers. Currently these are:
- Amazon
- Google Plus
- Steam
- Xbox One
- Twitch
- Kongregate
- PSN
- SignInWithApple
- Viber
- Nintendo
These methods create a player on the platform and also get their list of friends from the provider. You can then use this list of friends to link players with their friends who also play your game.
Some rules are applied when the player is already authenticated or the social profile is already in use:
- If the player is already authenticated with one of the other methods and the social profile is not already linked to another account, then the social profile will be linked to the current player.
- If the player is already authenticated with one of the other methods but the social profile is already linked to another player, then the client will be logged out of the current account and re-authenticated with the player the social profile is linked to.
- If the player is not already authenticated and the profile is not already in use, then a new player record is created and linked to the social profile.
Setting Up External Providers? For details on how to set up 3rd-party external providers for your game, see the Integrations page.