Yes, AWS GameKit uses OAuth 2.0 when logging-in a player through a federated identity provider (such as Facebook). The following APIs facilitate federated log-in with OAuth 2.0: GetFederatedLoginUrl() and PollAndRetrieveFederatedTokensAsync(). Under the hood, AWS GameKit's Identity & Authentication feature uses Amazon Cognito, which uses OAuth 2.0 for federated log-in.
AWS GameKit supports Facebook as a federated identity provider out of the box. You can configure Facebook log-in through the Unreal plugin UI by following these instructions. You can also integrate log-in with other federated identity providers (Google, Amazon, etc.) by following these instructions: https://repost.aws/questions/QUM5Pryi-tSeODYLifZ4vLeA/how-can-i-add-3-p-identity-providers-to-the-identity-auth-feature-on-aws-game-kit
Other than federated log-in, AWS GameKit doesn't provide APIs to help call arbitrary OAuth 2.0 APIs. For example, to call Google People APIs to leverage the player's Google Contacts. To help call arbitrary APIs like this, AWS GameKit would need to provide APIs for the following:
- Generate a URL to request the player's incremental consent for new OAuth 2.0 scopes.
- Fetch the player's federated access token. (The token would be needed for calling the third-party's APIs).
I don't have an ETA for if/when AWS GameKit will support these APIs. I've created an internal feature request to make sure this gets evaluated.
If you'd like to try implementing further support for OAuth 2.0 in AWS GameKit yourself, here are the key locations to look at in the code:
- Generate a URL to request the player's incremental consent for new OAuth 2.0 scopes:
- Generate a log-in URL (similar to a consent URL) - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L204
- Poll for log-in completion and retrieve the federated tokens - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L227
- Set the player's federated access token during log-in - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/source/aws/gamekit/identity/gamekit_identity.cpp#L194
- Fetch the player's federated access token:
- Retrieve the player's federated ID token (similar to the access token) - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L243
Is it safe to give my AWS account credentials to AWS GameKit in the game engine? (Access Key ID and Secret Access Key)Accepted Answer
How can I add 3P identity providers to the Identity & Auth feature on AWS GameKit?asked 3 months ago
ALB Authenticate Rule with Cognito error: OAuth flows must be enabled in the user pool clientAccepted Answerasked 5 months ago
How does AWS GameKit integrate with Facebook login?Accepted Answer
Will Multi-Table queries be supported with PartiQL + DynamoDB?asked 4 months ago
Does AWS GameKit integrate with OAuth 2.0? (if not, when will it be supported?)Accepted Answer
Questions about Unreal Engine 5 and GameKitasked 3 months ago
[Announcement] AWS announces support for Android, iOS, and MacOS games with AWS GameKit for Unreal Engineasked 2 months ago
Are AWS Temporary Credentials supported in AWS GameKit?Accepted Answer
Is it possible to use AWS GameKit with custom game engines?Accepted Answer