question

Fabiano Shiiti Marumo avatar image
Fabiano Shiiti Marumo asked

Difference between User data with cloud script calls by client,Difference between

Hello,

https://docs.microsoft.com/en-us/gaming/playfab/features/data/playerdata/

Here you defined the 3 types of user data.

My question is:

- "Updated by your server", cloud script called from client is included in this?

- Internal Data: This data is available at server, but if the client call a cloudscript that send the data from Internal Data, what will happen?

- Internal Data: If the player call a cloud script that modifies Internal Data, what will happen?

,

Player Datadatadocumentation
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Seth Du avatar image
Seth Du answered

>> "Updated by your server", cloud script called from client is included in this?

Yes, by default, Cloud Script function will keep a server-side authentication context, which is secret key and title-level entity token, hence Server API is allowed in Cloud Script function.

Because there is client API to call Cloud Script/Azure function, theoretically, as long as players know the function name of Cloud Script, they will be able to execute any functions you want, meanwhile you may define any server API in the function. The answer to 2 latter questions are both YES. To avoid abusive use, verification steps are very necessary for each function, for example, check the caller information, does this player have a valid certain flag to do the update or check their game process to grant certain rewards via server API. Those flag/mark can be stored in the form of inventory items, player read-only data, etc.

1 comment
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Tanishq Malu avatar image Tanishq Malu commented ·

Just to get more clarification, can a client update his/her read only data by calling a server Api? I mean if he could do this, what's the principle behind making read only data? Also, could you give scenarios explaining how categorizing data as read only data and not normal data would be helpful and helps in maintaining data privacy from clients?

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.