Does AWS GameKit integrate with OAuth 2.0? (if not, when will it be supported?)
Does AWS GameKit integrate with OAuth 2.0? (if not, when will it be supported?)
Yes, AWS GameKit uses OAuth 2.0 when logging-in a player through a federated identity provider (such as Facebook). The following APIs facilitate federated log-in with OAuth 2.0: GetFederatedLoginUrl() and PollAndRetrieveFederatedTokensAsync(). Under the hood, AWS GameKit's Identity & Authentication feature uses Amazon Cognito, which uses OAuth 2.0 for federated log-in.
AWS GameKit supports Facebook as a federated identity provider out of the box. You can configure Facebook log-in through the Unreal plugin UI by following these instructions. You can also integrate log-in with other federated identity providers (Google, Amazon, etc.) by following these instructions: https://repost.aws/questions/QUM5Pryi-tSeODYLifZ4vLeA/how-can-i-add-3-p-identity-providers-to-the-identity-auth-feature-on-aws-game-kit
Other than federated log-in, AWS GameKit doesn't provide APIs to help call arbitrary OAuth 2.0 APIs. For example, to call Google People APIs to leverage the player's Google Contacts. To help call arbitrary APIs like this, AWS GameKit would need to provide APIs for the following:
- Generate a URL to request the player's incremental consent for new OAuth 2.0 scopes.
- Fetch the player's federated access token. (The token would be needed for calling the third-party's APIs).
I don't have an ETA for if/when AWS GameKit will support these APIs. I've created an internal feature request to make sure this gets evaluated.
If you'd like to try implementing further support for OAuth 2.0 in AWS GameKit yourself, here are the key locations to look at in the code:
- Generate a URL to request the player's incremental consent for new OAuth 2.0 scopes:
- Generate a log-in URL (similar to a consent URL) - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L204
- Poll for log-in completion and retrieve the federated tokens - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L227
- Set the player's federated access token during log-in - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/source/aws/gamekit/identity/gamekit_identity.cpp#L194
- Fetch the player's federated access token:
- Retrieve the player's federated ID token (similar to the access token) - https://github.com/aws/aws-gamekit/blob/main/aws-gamekit-identity/include/aws/gamekit/identity/exports.h#L243
Relevant questions
Is it safe to give my AWS account credentials to AWS GameKit in the game engine? (Access Key ID and Secret Access Key)
Accepted Answerasked 2 months agoHow can I add 3P identity providers to the Identity & Auth feature on AWS GameKit?
asked 3 months agoALB Authenticate Rule with Cognito error: OAuth flows must be enabled in the user pool client
Accepted Answerasked 5 months agoHow does AWS GameKit integrate with Facebook login?
Accepted Answerasked 2 months agoWill Multi-Table queries be supported with PartiQL + DynamoDB?
asked 4 months agoDoes AWS GameKit integrate with OAuth 2.0? (if not, when will it be supported?)
Accepted Answerasked 2 months agoQuestions about Unreal Engine 5 and GameKit
asked 3 months ago[Announcement] AWS announces support for Android, iOS, and MacOS games with AWS GameKit for Unreal Engine
asked 2 months agoAre AWS Temporary Credentials supported in AWS GameKit?
Accepted Answerasked 2 months agoIs it possible to use AWS GameKit with custom game engines?
Accepted Answerasked 2 months ago