By using AWS re:Post, you agree to the Terms of Use

Is It Possible to Use GameKit Identity and Authentication with Steam, Epic Accounts, Xbox and ...?


I am developing a game for PC and Consoles and don't players be forced to provide Email and Password for using the game; It seems to me GameKit only allow Email/Password login or Facebook login. However this is not very desirable for me and the players as they prefer to login to the game services with their corresponding platform identities (Steam and Epic accounts for PC, Xbox account for Xbox Console and ...). Other BaaS solutions for games like PlayFab and Epic Online Services have such a functionality.

Now I am wondering if I am missing something here and there is a solution for doing what I want to do or GameKit does not provide such functionality (which would be a great drawback to me)?

asked 23 days ago47 views
1 Answer

Set up Additional Federated Identity Providers

There are 2 ways to add identity providers

  • Setup Custom Authorizer
  • Add Additional Federated providers like Facebook

Setup Custom Authorizer In this approach you can provide only one Identity provider. This will also disable the provided cognito identity provider. (

Apple jwks url can be found at: .

Add Additional Federated providers like Facebook

Kindly make the following changes to add additional federated identity providers to gamekit. Note that the identity provider should be supported by Aws Cognito (see Integrate the identity providers section)

aws-gamekit (

  1. Extend IFederatedIdentityProvider ( like FacebookIdentityProvider ( does. For example, create a GoogleIdentityProvider class.
  2. Add the new provider to the FederatedIdentityProvider enum ( if it's not already present.
  3. Call the new provider's methods in these IF blocks:

aws-gamekit-unity (

  1. Create a new AWS Lambda function for each of the web requests made by the new IFederatedIdentityProvider. Use the Facebook Lambda functions as a guide:
    1.[…]eTemplates/functions/identity/CognitoFbCallbackHandler/ (
    2.[…]eTemplates/functions/identity/GenerateFacebookLoginUrl/ (
    3.[…]mplates/functions/identity/PollFacebookLoginCompletion/ (
    4.[…]aseTemplates/functions/identity/RetrieveFacebookTokens/ (
  2. Add the new provider to the DyanmoDB table:
    1. Add a new attribute (ex: google_external_id):[…]urces/.BaseTemplates/cloudformation/identity/cloudFormation.yml (
    2. Add this attribute as a desired field here:[…]urces/.BaseTemplates/functions/identity/CognitoGetUser/ (
    3. Add a new global secondary index (ex: gidx_facebook_external_id):[…]urces/.BaseTemplates/cloudformation/identity/cloudFormation.yml (
  3. Add your new provider as a desired field here (ex: google_external_id):[…]urces/.BaseTemplates/functions/identity/CognitoGetUser/ (
  4. Update the cloudformation.yml, parameters.yml, and optionally dashboard.yml ( to enable creation of the new lambda functions. Use the Facebook-related yaml as reference (search these three files for facebook and fb to find it).
  5. IdentityandAuthenticationSettingsTab ( needs to be updated to be able to select and deploy the authentication provider when deploying identity&Authentication feature
  6. Add the new identity provider to the FederatedIdentityProvider enum ( ( It's integer value must match the value that was added in step 2 of the aws-gamekit instructions. (i.e. this line:
answered 19 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions